Lack of verification for _uri parameter in createContract() function in Escher721Factory contract
Lines of code Vulnerability details Impact The impact of this vulnerability is that an attacker could potentially manipulate the token URI for any given token ID in the Escher721 contract created by the Escher721Factory contract. This could potentially allow the attacker to trick users into...
Oracle will become invalid much faster than intended on non-mainnet chains
Lines of code Vulnerability details Description NFTFloorOracle is in charge of answering price queries for ERC721 assets. EXPIRATIONPERIOD constant is the max amount of blocks allowed to have passed for the reading to be considered up to date: uint256 diffBlock = currentBlock - priceInfo.updatedA...
Sale contracts use address.transfer method
Lines of code Vulnerability details Impact The FixedPrice, LPDA & OpenEdition contracts use the payableaddress.transfer method to send ETH, which is unsafe. EIP1884 increases the gas cost of certain opcodes, possibly making contracts go over the 2300 gas limit by transfer, making them unable to receive...
[NAZ-H1] Anyone Can Call removeFeeder()
Lines of code Vulnerability details Impact Currently anyone can call removeFeeder which can cause an ample amount of issues across the protocol. It is also stated in the NatSpec: Allows owner to remove feeder. Proof of Concept Anyone can remove a feeder and only the admin should be able to remove...
Ownership of EscherERC721.sol contracts can be changed, thus creator roles become useless
Lines of code Vulnerability details Impact creator = has a CREATORROLE in Escher.sol non-creator = doesn't have a CREATORROLE in Escher.sol Currently creating an ERC721 edition via the Escher721Factory.sol contract requires a user to have the CREATORROLE in the main Escher.sol contract. This...
Funds reserved for refunding users can be stolen in LPDA sale
Lines of code Vulnerability details Impact LPDA sale works like a Dutch Auction, where early buyers will get a refund after the sale has ended. In addition, in the buy function, when the last NFT is sold, it automatically ends the LPDA sale and sends payments to the sale receiver and the fee to the fee receiver. And the...
Downcast can lead to overflow and impact the functionality to remove an asset in NFTFloorOracle
Lines of code Vulnerability details Impact When adding a new asset, the index for the last asset will be saved and downcasted on L284. If the number of assets is bigger than 256, the downcasting operation will lead to a silent overflow. Consequentially, the incorrect index will be stored. This ca...
LPDA refund logic is broken, meaning buyers always get lowest price sale
Lines of code Vulnerability details Impact The protocol intends the LPDA to refund buyers with the difference between the price they paid and the last sale price. Once the sale has ended, the users must call refund to get their Ether refunds based on their purchase price and lowest sale price 99:...
Dangerous casting from i256 to u256 of the price returned by the Chainlink oracle
Lines of code Vulnerability details Impact Referring to the docs, Chainlink oracles return the price as an int256, which means that the answer can be a negative price. Later, this price is cast to a uint256 in the case of an oracle that is set, which overflows when price 0. Any price...
suppliers funds loss because attacker can transfer his collateralized tokens when health factor is below liquidation threshold by reentrancy attack during executeLiquidateERC20() logic and transferring collateralize
Lines of code Vulnerability details Impact Function executeLiquidateERC20 is for liquidating a position if its Health Factor drops below 1. The caller liquidator covers liquidationAmount amount of debt of the user getting liquidated, and receives a proportional amount of the collateralAsset plus ...
The LPDA will fail, because the Arithmetic underflow
Lines of code Vulnerability details Impact The LPDA will fail to buy mint new NFTs even if block.timestamp = temp.startTime , block.timestamp = temp.endTime and newId sale.dropPerSecond sale.endTime - sale.startTime, "INVALID DROP PER SECOND";
The Ether for an LPDA mint sale can be locked in the LPDA contract indefinitely
Lines of code Vulnerability details Impact After a mint sale using LPDA, all the Ether can be locked in the LPDA contract indefinitely. Proof of Concept In the src/minters/ contracts, the .transfer function is used for sending Ether. It is used for sending fees to the feeReceiver, and in the...
Asset removal leaks previous asset prices which will be used again when asset is re-added.
Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. Recordings of prices are managed in assetFeederMap, mapping between address and FeederRegistrar: struct FeederRegistrar // if asset registered or not bool registered; // index in asset list uint8...
Missing ReEntrancy Guard to executeAcceptBidWithCredit function
Lines of code Vulnerability details Impact if the mint was initiated by a contract, then the contract is checked for its ability to receive ERC721 tokens. Without reentrancy guard, onERC721Received will allow an attacker controlled contract to call the mint again, which may not be desirable to so...
Possible malicious _uri in initialize() of Escher721.sol
Lines of code Vulnerability details Impact Loss of user funds if user approves malicious transaction Description Trace: createContract of Escher721.Factory.sol calls initialize of Escher721.sol The initialize function sets tokenUriDelegate to the passed in uri address. There's no input validation...
Missing access control in NFTFloorOracle::removeFeeder
Lines of code Vulnerability details Proof of Concept The removeFeeder method is lacking onlyRoleDEFAULTADMINROLE modifier, even though the NatSpec states “Allows owner to remove feeder”. Due to this, now everyone can remove a feeder anytime. Different types of attack can be executed, one of which...
Attacker can drain pool using executeBuyWithCredit with malicious marketplace payload.
Lines of code Vulnerability details Description Paraspace supports leveraged purchases of NFTs through PoolMarketplace entry points. User calls buyWithCredit with marketplace, calldata to be sent to marketplace, and how many tokens to borrow. function buyWithCredit bytes32 marketplaceId, bytes...
MintableIncentivizedERC721 incorrectly implements safe transfers
Lines of code Vulnerability details Impact MintableIncentivizedERC721 incorrectly implements safeTransfer and safeTransferFrom by simply replicating the unsafe transfer/transferFrom function. Raising as medium because as a consequence of this, these ERC721 tokens may end up locked in contracts th...
Use of payable.transfer() may lock user funds
Lines of code Vulnerability details Impact The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient has a payable callback, only provides 2300 gas for its operation. This means the following cases can cause the...
Possible negative price on LPDA causes sale and refund mechanism to not work
Lines of code Vulnerability details Impact Possible negative price on LPDA causes sale and refund mechanism to not work Proof of Concept function getPrice public view returns uint256 Sale memory temp = sale; uint256 start, uint256 end = temp.startTime, temp.endTime; if block.timestamp...
UniswapV3 tokens of certain pairs will be wrongly valued, leading to liquidations.
Lines of code Vulnerability details Description UniswapV3OracleWrapper is responsible for price feed of UniswapV3 NFT tokens. Its getTokenPrice is used by the health check calculation in GenericLogic. getTokenPrice gets price from the oracle and then uses it to calculate value of its liquidity...
Actor can input malicious data in the swap function inputs
Lines of code Vulnerability details Impact Function swap has a data input parameter, which can be defined by the caller. Any user could therefore define a token address that they will send. By doing so user could create their own token and send it instead of tokenA and receive tokenB for free. By...
Anyone can call addLiquidity function and be the router
Lines of code Vulnerability details Impact Anyone can call addLiquidity, meaning that when IAddLiquidityCallbackmsg.sender.addLiquidityCallbacktokenAAmount, tokenBAmount, data; is called, the msg.sender can be a contract that a malicious user has deployed and has a addLiquidityCallbacktokenAAmoun...
Actor can send an arbitrary token when adding liquidity
Lines of code Vulnerability details Impact Anyone can call addLiquidity directly and can input tokenId, params and data. The data inputs are never checked, so the user can send anything in there. Since the erc20 tokens routed are defined in the data parameter, user could send any token. Since the...
Upgraded Q -> M from #454 [1670445333683]
Judge has assessed an item in Issue 454 as M risk. The relevant finding follows: L‑01 Don't use payable.transfer/payable.send The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient is either an EOA account, or...
Upgraded Q -> M from #508 [1670444214372]
Judge has assessed an item in Issue 508 as M risk. The relevant finding follows: 508
Upgraded Q -> H from #439 [1670433195074]
Judge has assessed an item in Issue 439 as H risk. The relevant finding follows: L02 - close should not be able to close a specific id credit line As per the docs: Can a Borrower chose to repay any debt in any order? No. The app automatically selects which credit line can be repaid using a...
Upgraded Q -> M from #366 [1670366311052]
Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 5. Cannot cancel mutual consent Mutual consent works by using two TXs with the same msg.data. However, when first one call, there is no way to cancel it. First caller might send wrong msg.data or later caller change...
Payable functions do not refund excess and locks in
Lines of code Vulnerability details Impact All payable functions addCredit, increaseCredit, depositAndClose, depositAndRepay, close https://github.com/debtdao/Line-of-Credit/blob/698...
Upgraded Q -> M from #35 [1670345543949]
Judge has assessed an item in Issue 35 as M risk. The relevant finding follows: No. 2 Any smart contract that uses transfer or send is taking a hard dependency on gas costs by forwarding a fixed amount of gas: 2300. If gas costs are subject to change, then smart contracts can’t depend on any...
Upgraded Q -> M from #366 [1670366212013]
Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 1. Not support fee-on-transfer tokens Every tokens of credit line will be transferred from lender to LineOfCredit first, then to borrower later. These 2-transfer steps will make the tax for some fee-on-transfer token...
Upgraded Q -> M from #76 [1670347574630]
Judge has assessed an item in Issue 76 as M risk. The relevant finding follows: L02 address.callvalue:x should be used instead of payable.transfer Impact The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient...
Missing msg.value when executing the cross-chain request
Lines of code Vulnerability details Impact the cross-chain request will not support smart contract that requires ETH payment in destination chain on execution side. Proof of Concept When a user relayers call and performs a cross-chain request, the executor needs to execute the request in the...
Potential security issues in CallLib solidity library
Lines of code Vulnerability details Description: The CallLib solidity library contains several potential security issues that could be exploited by attackers. Issue 1: The executeCalls function does not check if the sender parameter is the contract owner before allowing the calls to be executed...
Upgraded Q -> M from #316 [1670230229509]
Judge has assessed an item in Issue 316 as M risk. The relevant finding follows: compound in AutoPxGmx can be called by anyone and can be sandwiched if a poorly chosen amountOutMinimum is used. The idea is to call the function often by adding an incentive to the caller. There is a problematic...
Relayer/executor-already-set Error in CrossChainRelayerArbitrum Contract
Lines of code Vulnerability details Summary The setExecutor function in the CrossChainRelayerArbitrum contract improperly reverts when the executor variable has already been set. Impact This bug could prevent the CrossChainRelayerArbitrum contract from properly setting the executor variable,...
ProcessedCalls Event Emission Vulnerability
Lines of code Vulnerability details Summary The contract is vulnerable to reentrancy attacks through the ProcessedCalls event. The event is emitted with the ticketId of the newly created retryable ticket, which can be used by an attacker to reenter the contract. Impact An attacker could exploit...
CrossChainExecutor contracts do not update the necessary states for failing transactions.
Lines of code Vulnerability details Impact The CrossChainExecutorArbitrum and CrossChainExecutorOptimism contracts both use CallLib library to invoke Calls on external contract. As per the CallLib library implementation, any failing Call results in the entire transaction getting reverted. The...
Upgraded Q -> M from #251 [1670231833702]
Judge has assessed an item in Issue 251 as M risk. The relevant finding follows: AutoPxGlp.setPlatform and AutoPxGmx.setPlatform break the vaults functionalities. Looking at AutoPxGlp.setPlatform: this admin setter allows the owner to change the pirexGmx address in AutoPxGlp. The issue is that it...
CrossChainRelayerArbitrum contract: GasLimitTooHigh revert error not caught
Lines of code Vulnerability details Summary The relayCalls function in the CrossChainRelayerArbitrum contract reverts when the gasLimit parameter is greater than the maxGasLimit, but it does not have a catch block to handle the error. As a result, the transaction will fail without providing any...
Current implementation may be vulnerable to griefing attacks
Lines of code Vulnerability details Impact EIP 5164 states that: CrossChainExecutors SHOULD revert with a CallFailure error if a call fails. The current implementation of EIP-5164 makes the assumption CallLib.solL61-L72 that all call data are legitimately crafted. For context-agnostic protocols,...
Incorrect use of AddressAliasHelper.applyL1ToL2Alias() in _isAuthorized()
Lines of code Vulnerability details Summary In the isAuthorized function, the require statement checks if the msg.sender is equal to the result of calling AddressAliasHelper.applyL1ToL2Alias with relayer as the argument. However, this is incorrect, as AddressAliasHelper.applyL1ToL2Alias is intend...
Potential security issues in CrossChainExecutorOptimism contract
Lines of code Vulnerability details Title: Potential security issues in CrossChainExecutorOptimism contract Product: CrossChainExecutorOptimism contract Version: 0.8.16 Summary: The CrossChainExecutorOptimism contract contains several potential security issues that could allow unauthorized or...
CrossChainRelayerArbitrum contract gas limit bug
Lines of code Vulnerability details Summary The CrossChainRelayerArbitrum contract uses the maxSubmissionCost parameter to determine if the gasLimit provided to the processCalls function is greater than the maxGasLimit. This is incorrect because maxSubmissionCost should not be used to determine t...
Incorrect gas limit check
Lines of code Vulnerability details Summary The relayCalls function incorrectly checks the gas limit provided in the gasLimit parameter against the maxGasLimit variable instead of checking if it is less than or equal to the msg.gas value. Impact This bug allows the caller of relayCalls to specify...
Upgraded Q -> M from #400 [1670235895275]
Judge has assessed an item in Issue 400 as M risk. The relevant finding follows: L01 - EOA restriction of wallet representative can be bypassed A node operator can call registerBLSPublicKeys to register a node runner to LSD and create a new smart wallet. The protocol only allows EOAs to be...
Possible DoS On executeCalls() function
Lines of code Vulnerability details Impact The contract can be in a state of DoS as the function executeCalls would consume all the gas as there is no upper limit on the number of calls that can be inside the array calls. Proof of Concept In the function here it performs a for loop and loops throu...
Relayer/executor-already-set Revert in setExecutor()
Lines of code Vulnerability details Summary The setExecutor function reverts if the executor variable has already been set. Impact If the executor variable has already been set and setExecutor is called again, the transaction will fail and any gas spent on the transaction will be lost...
ExecutorAware doesn't adequately validate sender for nonce
Lines of code Vulnerability details Impact Contracts on the execution chain are asked to inherit from ExecutorAware.sol. This gives them the ability to check msgSender and nonce pulled from the calldata in the format encoded by the executor. While the msgSender function adequately checks that the...
Nonce not properly checked in CrossChainExecutorArbitrum contract
Lines of code Vulnerability details Summary The CrossChainExecutorArbitrum contract does not properly check the nonce before executing calls. This allows a potential attacker to replay a batch of calls that have already been executed. Impact If a batch of calls is replayed, it could result in...