overflow in buy function
Lines of code Vulnerability details Impact the function doesn't check if the input is more than the supply Proof of Concept the function doesn't have any condition check of amount Tools Used manually Recommended Mitigation Steps check the input for maximum or requirement for max supply
WPunk will become locked if liquidator opts to receive the underlying token instead of nToken
Lines of code Vulnerability details Impact WPunks received directly as the result of liquidation will be unable to be withdrawn Proof of Concept function withdrawPunkuint256 calldata punkIndexes, address to external nonReentrant INToken nWPunk = INToken Pool.getReserveDataaddressWPunk.xTokenAddre...
Implementing Security Restrictions and Owner Access Controls on LPDA Smart Contract.
Lines of code Vulnerability details Impact The new changes to the contract add an additional layer of security and restrict access to certain privileged functions. The buy function now requires that only the owner can purchase tokens, which prevents malicious actors from...
Ether can be lost in LPDA contract if sale.dropPerSecond is set improperly
Lines of code Vulnerability details Impact Function createLPDASale requires only sale.dropPerSecond 0 but if sale.dropPerSecond sale.startPrice / sale.endTime - sale.startTime function getPrice will revert except the case when all editions are sold before reaching negative price. Therefore, the b...
Router.exactInputInternal doesn't check that swapped amount is same as amountIn provided by user
Lines of code Vulnerability details Impact Router.exactInputInternal doesn't check that swapped amount is same as amountIn provided by user. In case if it's not, then exact function doesn't do what it should. It doesn't trade exact amount of tokens. Proof of Concept If user calls...
Dangerous casting from i256 to u256 of the price returned by the Chainlink oracle
Lines of code Vulnerability details Impact Referring to the docs, Chainlink oracles are returning the price as an int256, which means that the answer can be a negative price. Later, this price is cast as a uint256 in the case of an oracle that is set, which overflows when price 0. Any price...
The Ether for an LPDA mint sale can be locked in the LPDA contract indefinitely
Lines of code Vulnerability details Impact After a mint sale using LPDA, all the Ether can be locked in the LPDA contract indefinitely. Proof of Concept In the src/minters/ contracts, the .transfer function is used for sending Ether. It is used for sending fees to the feeReceiver, and in the...
saleReceiver and feeReceiver can steal refunds after sale has ended
Lines of code Vulnerability details First, let's go over how a buy happens. A buyer can buy NFTs at a higher price and then once the auction ends they can use refund to return the overpayments. The effect is that they bought the NFTs at the lowest price Lowest Price Dutch Auction. Now, let's move...
Buys and refunds can get stuck forever if the parameters are not set sensibly in the LPDA
Lines of code Vulnerability details Impact In the LPDA contract, there is a function called getPrice which returns the price of one token by taking into account the drop in price per second of the Dutch auction. It basically calculates how much time has elapsed since the start of the sale, to...
NFTFloorOracle's asset and feeder structures can be corrupted
Lines of code Vulnerability details NFTFloorOracle's addAsset and addFeeder truncate the assets and feeders arrays indices to 255, both using uint8 index field in the corresponding structures and performing uint8assets.length - 1 truncation on the new element addition. 2^8 - 1 looks to be too tig...
Wrong logic in function _removeFeeder() cause feeders unable to be removed.
Lines of code Vulnerability details Impact In NFTFloorPrice, there are multiple components to allow easy adding/removing keepers address public feeders - List of all keepers' address mappingaddress = FeederPositionindex, register private feederPositionMap When adding new keeper, new keeper addres...
Use of payable.transfer() may lock user funds
Lines of code Vulnerability details Impact The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient has a payable callback, only provides 2300 gas for its operation. This means the following cases can cause the...
MintableIncentivizedERC721 incorrectly implements safe transfers
Lines of code Vulnerability details Impact MintableIncentivizedERC721 incorrectly implements safeTransfer and safeTransferFrom by simply replicating the unsafe transfer/transferFrom function. Raising as medium because as a consequence of this, these ERC721 tokens may end up locked in contracts th...
Oracle will become invalid much faster than intended on non-mainnet chains
Lines of code Vulnerability details Description NFTFloorOracle is in charge of answering price queries for ERC721 assets. EXPIRATIONPERIOD constant is the max amount of blocks allowed to have passed for the reading to be considered up to date: uint256 diffBlock = currentBlock - priceInfo.updatedA...
Missing ReEntrancy Guard to executeAcceptBidWithCredit function
Lines of code Vulnerability details Impact if the mint was initiated by a contract, then the contract is checked for its ability to receive ERC721 tokens. Without reentrancy guard, onERC721Received will allow an attacker controlled contract to call the mint again, which may not be desirable to so...
MintableIncentivizedERC721 and NToken do not comply with ERC721, breaking composability
Lines of code Vulnerability details Description MintableIncentivizedERC721 implements supportsInterface as below: / @dev See IERC165-supportsInterface. / function supportsInterfacebytes4 interfaceId external view virtual overrideIERC165 returns bool return interfaceId ==...
Compromised admin can instantly take all NFTs held in NToken contracts
Lines of code Vulnerability details Description executeAirdrop is a function admin may call in order to collect airdrops for NFTs held in ParaSpace's nToken contract. function executeAirdrop address airdropContract, bytes calldata airdropParams external override onlyPoolAdmin require...
Bad debt will likely incur when multiple NFTs are liquidated.
Lines of code Vulnerability details Description getUserBalanceForERC721 in GenericLogic gets the value of a user's specific ERC721 xToken. It is later used for determining the account's health factor. In case isAtomicPrice is false such as in ape NTokens, price is calculated using: uint256...
Buy can be executed after sale end
Lines of code Vulnerability details Impact In LPDA.sol buy function when all tokens are minted, the final price is set and the ether from the sale and fee is sent to the saleReceiver and feeReceiver addresses. Since there is no check to validate if sale has ended the function can be executed with...
Pausing assets only affects future price updates, not previous malicious updates.
Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. It is pausable by admin on a per asset level using setPauseasset, flag. setPrice will not be callable when asset is paused: function setPriceaddress asset, uint256 twap public onlyRoleUPDATERROLE...
THE FUNCTION LOGIC OF _REMOVEFEEDER() IS FLAWED
Lines of code Vulnerability details Impact When the admin calls removeFeeder, it will internally call removeFeeder that will have the feeder removed from feeders before getting its UPDATEROLE revoked. In the midst of doing this, the protocol forgets to update index of feederPositionMap belonging ...
Actor can input malicious data in the swap function inputs
Lines of code Vulnerability details Impact Function swap has a data input parameter, which can be defined by the caller. Any user could therefore define a token address that they will send. By doing so user could create their own token and send it instead of tokenA and receive tokenB for free. By...
Anyone can call addLiquidity function and be the router
Lines of code Vulnerability details Impact Anyone can call addLiquidity, meaning that when IAddLiquidityCallbackmsg.sender.addLiquidityCallbacktokenAAmount, tokenBAmount, data; is called, the msg.sender can be a contract that a malicious user has deployed and has an addLiquidityCallbacktokenAAmoun...
Actor can send an arbitrary token when adding liquidity
Lines of code Vulnerability details Impact Anyone can call addLiquidity directly and can input tokenId, params and data. The data inputs are never checked, so the user can send anything in there. Since the erc20 tokens routed are defined in the data parameter, user could send any token. Since the...
Upgraded Q -> M from #508 [1670444214372]
Judge has assessed an item in Issue 508 as M risk. The relevant finding follows: 508
Upgraded Q -> M from #454 [1670445333683]
Judge has assessed an item in Issue 454 as M risk. The relevant finding follows: L‑01 Don't use payable.transfer/payable.send The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient is either an EOA account, or...
Upgraded Q -> H from #439 [1670433195074]
Judge has assessed an item in Issue 439 as H risk. The relevant finding follows: L02 - close should not be able to close a specific id credit line As per the docs: Can a Borrower chose to repay any debt in any order? No. The app automatically selects which credit line can be repaid using a...
Upgraded Q -> M from #366 [1670366311052]
Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 5. Cannot cancel mutual consent Mutual consent works by using two TXs with the same msg.data. However, when first one call, there is no way to cancel it. First caller might send wrong msg.data or later caller change...
Upgraded Q -> M from #366 [1670366212013]
Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 1. Not support fee-on-transfer tokens Every tokens of credit line will be transferred from lender to LineOfCredit first, then to borrower later. These 2-transfer steps will make the tax for some fee-on-transfer token...
Upgraded Q -> M from #76 [1670347574630]
Judge has assessed an item in Issue 76 as M risk. The relevant finding follows: L02 address.callvalue:x should be used instead of payable.transfer Impact The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient...
Upgraded Q -> M from #35 [1670345543949]
Judge has assessed an item in Issue 35 as M risk. The relevant finding follows: No. 2 Any smart contract that uses transfer or send is taking a hard dependency on gas costs by forwarding a fixed amount of gas: 2300. If gas costs are subject to change, then smart contracts can’t depend on any...
Payable functions do not refund excess and locks in
Lines of code Vulnerability details Impact All payable functions addCredit, increaseCredit, depositAndClose, depositAndRepay, close https://github.com/debtdao/Line-of-Credit/blob/698...
CrossChainRelayerArbitrum.processCalls() can be invoked multiple times.
Lines of code Vulnerability details Impact In the CrossChainRelayerArbitrum contract once a Call has been relayed using the relayCalls function, processCalls can be invoked multiple times by anyone for the respective Call. Due to this redundant IInbox.createRetryableTicket calls are triggered and...
Upgraded Q -> M from #400 [1670235895275]
Judge has assessed an item in Issue 400 as M risk. The relevant finding follows: L01 - EOA restriction of wallet representative can be bypassed A node operator can call registerBLSPublicKeys to register a node runner to LSD and create a new smart wallet. The protocol only allows EOAs to be...
Potential security issues in CallLib solidity library
Lines of code Vulnerability details Description: The CallLib solidity library contains several potential security issues that could be exploited by attackers. Issue 1: The executeCalls function does not check if the sender parameter is the contract owner before allowing the calls to be executed...
Possible DoS On executeCalls() function
Lines of code Vulnerability details Impact The contract can be in a state of DoS as the function executeCalls would consume all the gas as there is no upper limit on the number of calls that can be inside the array calls. Proof of Concept In the function here it performs a for loop and loops throu...
Incorrect behavior in CrossChainExecutorPolygon contract
Lines of code Vulnerability details Description: We have discovered an issue with the CrossChainExecutorPolygon contract. When a message with a nonce that has already been executed is received, the contract does not prevent the message from being processed or display an error message. This issue...
ExecutorAware doesn't adequately validate sender for nonce
Lines of code Vulnerability details Impact Contracts on the execution chain are asked to inherit from ExecutorAware.sol. This gives them the ability to check msgSender and nonce pulled from the calldata in the format encoded by the executor. While the msgSender function adequately checks that the...
Nonce not properly checked in CrossChainExecutorArbitrum contract
Lines of code Vulnerability details Summary The CrossChainExecutorArbitrum contract does not properly check the nonce before executing calls. This allows a potential attacker to replay a batch of calls that have already been executed. Impact If a batch of calls is replayed, it could result in...
Relayer/executor-already-set Revert in setExecutor()
Lines of code Vulnerability details Summary The setExecutor function reverts if the executor variable has already been set. Impact If the executor variable has already been set and setExecutor is called again, the transaction will fail and any gas spent on the transaction will be lost...
Potential security issues in CrossChainExecutorOptimism contract
Lines of code Vulnerability details Title: Potential security issues in CrossChainExecutorOptimism contract Product: CrossChainExecutorOptimism contract Version: 0.8.16 Summary: The CrossChainExecutorOptimism contract contains several potential security issues that could allow unauthorized or...
Incorrect gas limit check
Lines of code Vulnerability details Summary The relayCalls function incorrectly checks the gas limit provided in the gasLimit parameter against the maxGasLimit variable instead of checking if it is less than or equal to the msg.gas value. Impact This bug allows the caller of relayCalls to specify...
Upgraded Q -> M from #251 [1670231833702]
Judge has assessed an item in Issue 251 as M risk. The relevant finding follows: AutoPxGlp.setPlatform and AutoPxGmx.setPlatform break the vaults functionalities. Looking at AutoPxGlp.setPlatform: this admin setter allows the owner to change the pirexGmx address in AutoPxGlp. The issue is that it...
Replay Attack possible by processCalls function
Lines of code Vulnerability details Impact Calls can be processed multiple times Proof of Concept The processCalls function uses the require function to check whether the nonce and calls values have been relayed, but it does not check whether the sender value is the same as the msg.sender value...
CrossChainExecutorPolygon does not implement the executeCalls function
Lines of code Vulnerability details Impact The CrossChainExecutor contracts in the codebase are meant to follow the CrossChainExecutor interface as defined in EIP-5164. Each L2 network specific CrossChainExecutor contract is also expected to inherit and follow the ICrossChainExecutor interface...
relayCalls won't work for expensive operations
Lines of code Vulnerability details relayCalls won't work for expensive operations Vulnerability Details With maxGasLimit assigned to more than typeuint32.max and relayCalls being called with gasLimit equal or greater than typeuint32.max + 1, it will revert because of the overflow at casting. Thi...
CrossChainExecutor contracts do not update the necessary states for failing transactions.
Lines of code Vulnerability details Impact The CrossChainExecutorArbitrum and CrossChainExecutorOptimism contracts both use CallLib library to invoke Calls on external contract. As per the CallLib library implementation, any failing Call results in the entire transaction getting reverted. The...
Current implementation may be vulnerable to griefing attacks
Lines of code Vulnerability details Impact EIP 5164 states that: CrossChainExecutors SHOULD revert with a CallFailure error if a call fails. The current implementation of EIP-5164 makes the assumption CallLib.solL61-L72 that all call data are legitimately crafted. For context-agnostic protocols,...
Cross-chain request does not have expiration time
Lines of code Vulnerability details Impact Cross-chain request does not have expiration time Proof of Concept In the current implementation, a caller in source chain can perform a relayer call to start a cross-chain request. But it is not clear when the executor will be executing the...
ProcessedCalls Event Emission Vulnerability
Lines of code Vulnerability details Summary The contract is vulnerable to reentrancy attacks through the ProcessedCalls event. The event is emitted with the ticketId of the newly created retryable ticket, which can be used by an attacker to reenter the contract. Impact An attacker could exploit...