Immunefi Audit Competitions
Active Boosts
  • README
  • Alchemix
    • 30555 - [SC - Low] Precision loss when calculating the FLUX amount...
    • 30556 - [SC - Low] Past defeated proposals may become executable i...
    • 30565 - [SC - Low] veALCX does not comply with ERC breaking compos...
    • 30584 - [SC - Insight] Invalid check to make sure Minter is already in...
    • 30592 - [SC - Medium] DOS attack by delegating tokens at MAX_DELEGATE...
    • 30598 - [SC - Low] Access Control Flaw in _burn Function Leads to ...
    • 30613 - [SC - Medium] malicious user can front run any call to the sw...
    • 30634 - [SC - Critical] Unauthorized minting of unlimited FLUX in tran...
    • 30650 - [SC - Critical] Infinite minting of FLUX through voterpoke
    • 30651 - [SC - Critical] Insolvency in RevenueHandlersol because unclaim...
    • 30655 - [SC - Critical] Binary search does not correctly handle duplica...
    • 30667 - [SC - Medium] Unlimited gauge numbers can DoS users distribut...
    • 30671 - [SC - Critical] Reward token permanent freeze due to bulk call ...
    • 30682 - [SC - Critical] Insufficient slippage control in RevenueHandler...
    • 30683 - [SC - Critical] User can increase their unclaimed Flux token wi...
    • 30685 - [SC - Medium] The proposer can be impeded from submitting a p...
    • 30694 - [SC - Low] Users approved for a single token id cannot wit...
    • 30699 - [SC - High] Permanent freezing of unclaimed ALCX yield when...
    • 30704 - [SC - Medium] Griefing an account from getting votes delegate...
    • 30708 - [SC - Low] treasuryPct can be exceeded than BPS due to inc...
    • 30710 - [SC - Insight] The execution of the proposal has no expiration
    • 30711 - [SC - Low] The result of the AggregatorVInterface is not v...
    • 30781 - [SC - Low] It is possible to lower the quorum requirements...
    • 30788 - [SC - Critical] User can increase their unclaimed Flux token wi...
    • 30800 - [SC - Critical] Stealing FLUX by claiming then merging position...
    • 30814 - [SC - Critical] Wrong calculation of boost amount in Voterpoke
    • 30818 - [SC - Low] division before multiplication in theamountToRa...
    • 30825 - [SC - Critical] Users can get unlimited amounts of Flux tokens
    • 30826 - [SC - High] ALCK rewards are lost when merging tokens becau...
    • 30860 - [SC - Critical] Wrong timestamp for totalVoting
    • 30886 - [SC - Medium] Wrong totalWeight in Votersol
    • 30898 - [SC - Critical] Call the deposit function before the distribute...
    • 30906 - [SC - Critical] Voterpoke can be called at will leading to a us...
    • 30910 - [SC - High] Processing of voting results is not implemented...
    • 30918 - [SC - Insight] Incorrect implementation of ownerOf makes veALC...
    • 30919 - [SC - Critical] Front running of pokeTokens could lead to loss ...
    • 30920 - [SC - Low] User loses access to claims after merging of to...
    • 30921 - [SC - Low] Referential assignment causes incorrect block i...
    • 30922 - [SC - High] DOS of withdrawals through filling the userPoin...
    • 30925 - [SC - Critical] Manipulation of governance voting result by unl...
    • 30926 - [SC - Low] AlchemixGovernor updates to quorum can affect p...
    • 30939 - [SC - Critical] Misuse of curve pool calls results for precisio...
    • 30951 - [SC - Low] Incorrect ownerOf implementation makes veALCX n...
    • 30959 - [SC - Insight] Immutable gauges can break the state of the vot...
    • 30972 - [SC - Critical] Theft of unclaimed yield of the revenue in the ...
    • 30973 - [SC - Low] Incorrect Validation of treasuryPct in the Reve...
    • 30985 - [SC - Medium] Griefing attack prevents admins from disabling ...
    • 30990 - [SC - Critical] Users can use Voterpoke to accrue Flux tokens i...
    • 30992 - [SC - Insight] Inconsistent State Missing Event Emission in Fl...
    • 30999 - [SC - Critical] An edge-case mints times more FLUX than it should
    • 31008 - [SC - High] Alcx rewards are permanently frozen when two to...
    • 31042 - [SC - High] Claiming alchemic-token rewards can fail for so...
    • 31071 - [SC - Critical] User can steal bribes and prevent other users f...
    • 31076 - [SC - Critical] checkpointTotalSupply can checkpoint before a t...
    • 31077 - [SC - Critical] RevenueHandler counts unclaimed tokens as new r...
    • 31078 - [SC - High] withdraw doesnt claim all rewards before burnin...
    • 31079 - [SC - Critical] Claiming bribes for epochs you didnt vote for l...
    • 31080 - [SC - Insight] DoS in startCooldown when users want start cool...
    • 31082 - [SC - Critical] Expired locks can be used to claim rewards
    • 31085 - [SC - Critical] Malicious users can front-run the distribution ...
    • 31087 - [SC - Low] Colition between approve and _isApprovedOrOwner...
    • 31112 - [SC - Critical] Bribesolwithdraw doesnt update the totalVotings...
    • 31141 - [SC - Critical] Permanent freezing of unclaimed yield of reward...
    • 31149 - [SC - Critical] Manipulation of governance voting result by unl...
    • 31151 - [SC - Medium] Delegation Saturation Leading to Asset Freezing...
    • 31163 - [SC - Critical] Malicious actor can acquire bribe rewards by bl...
    • 31184 - [SC - Critical] Deflating the total amount of votes in a checkp...
    • 31189 - [SC - High] Voting algorithm does not apply maximum availab...
    • 31196 - [SC - Critical] Voterpoke does not check lastVoted resulting in...
    • 31198 - [SC - Critical] VotingEscrowmerge does not check whether the _f...
    • 31199 - [SC - Critical] Users might receive less rewars token after Vot...
    • 31211 - [SC - Critical] Inflation Of Total Votes and Potential Freeze o...
    • 31222 - [SC - Critical] Unlimited Flux minting
    • 31223 - [SC - Critical] Disproportionate Rewards Manipulation in Bribesol
    • 31226 - [SC - Insight] Missing Revert Message in require statement lea...
    • 31234 - [SC - Medium] Alchemix BlockSlope variable in checkpoint rou...
    • 31242 - [SC - Critical] RevenueHandlercheckpoint allows users to claim ...
    • 31249 - [SC - Critical] malicious user can back-run Voterdistribute to ...
    • 31253 - [SC - Critical] RevenueHandlercheckpoint isnt correctly
    • 31258 - [SC - High] Loss of Unclaimed Bribes After Burning veALCX T...
    • 31263 - [SC - Critical] RevenueHandlercheckpoint counts unclaimed rewar...
    • 31264 - [SC - Insight] Multiple Reports QALowOOS Medium
    • 31272 - [SC - Low] Approved user cant merge tokens not approved fo...
    • 31276 - [SC - High] BPT can be locked for only week resulting in u...
    • 31277 - [SC - Insight] The user can propose with less voting power tha...
    • 31280 - [SC - Critical] Malicious user can mint unlimited flux tokens
    • 31281 - [SC - Low] Approved spender cannot withdraw or merge
    • 31284 - [SC - Insight] cancel should allow to cancel the proposal of t...
    • 31293 - [SC - High] Voters who withdraw veLACX tokens risk losing g...
    • 31295 - [SC - High] Newly created gauge may missed out on its rewards
    • 31298 - [SC - Medium] Anyone can let users delegates reach the upper ...
    • 31309 - [SC - Critical] slippage protection is inaccurate
    • 31326 - [SC - High] Precision loss causes minor loss of FLUX when c...
    • 31329 - [SC - Critical] Attacker can gain infinitive FLUX by repeating ...
    • 31335 - [SC - High] getActualSupply should be used instead of total...
    • 31355 - [SC - Low] Past Defeated Proposals Can Be Executed in the ...
    • 31375 - [SC - Critical] Lack of Access control in poke function allows ...
    • 31377 - [SC - Critical] Stucked yield tokens upon withdrawal of votes f...
    • 31380 - [SC - High] FluxTokencalculateBPT uses wrong algorithm caus...
    • 31381 - [SC - Low] Alchemix Incorrect Initialisation of struct in...
    • 31382 - [SC - High] VotingEscrowupdateUnlockTime - Its possible for...
    • 31383 - [SC - Low] price feeds sanity checks isnt correct in funct...
    • 31385 - [SC - Low] RewardsDistributortokensPerWeek might be zero i...
    • 31386 - [SC - Critical] Malicious user can steal FLUX token by abusing ...
    • 31388 - [SC - Critical] Vulnerability in the poke function of Voting co...
    • 31390 - [SC - High] Precision Loss in FluxTokensolgetClaimableFlux
    • 31397 - [SC - Critical] In Bribesol _writeVotingCheckpoint isnt called ...
    • 31399 - [SC - High] RewardDistributor claims can be DoSed through e...
    • 31407 - [SC - Insight] Alchemist is given over Allowance through Reven...
    • 31408 - [SC - Critical] Killed Gauge continue to accrue and steal rewar...
    • 31409 - [SC - Critical] Users can grief Bribe rewards forcing them to b...
    • 31410 - [SC - Medium] Griefing Attack using delegate will expose User...
    • 31413 - [SC - Medium] DOS attack by delegating tokens at MAX_DELEGATES
    • 31416 - [SC - Insight] Impossible to set boostMultiplier to MIN_BOOST
    • 31417 - [SC - Insight] Compound claiming transactions will revert if u...
    • 31418 - [SC - Critical] the killed gauge collect claim amount
    • 31420 - [SC - Insight] No array lengths check in VotersolclaimBribes
    • 31425 - [SC - Medium] Users can call reset on their token even if the...
    • 31430 - [SC - Insight] QA
    • 31435 - [SC - High] ALCX rewards arent claimed for from token when ...
    • 31443 - [SC - Insight] Incorrect values of votingDelay and votingPerio...
    • 31444 - [SC - Critical] Manipulation of ve voting mechanism unlimited b...
    • 31447 - [SC - High] veALCX holders are able to withdraw rewards and...
    • 31448 - [SC - Medium] Bypassing the Governances proposal threshold to...
    • 31449 - [SC - Low] BribegetRewardForOwner should not revert if the...
    • 31451 - [SC - Insight] MAX_PROPOSAL_NUMERATOR is incorrectly set
    • 31453 - [SC - Critical] The balance of RevenueHandler can be drained
    • 31458 - [SC - Critical] Invalid handling of epochs revenue for tokens t...
    • 31460 - [SC - Insight] supportsInterface does not return typeIERCRecei...
    • 31461 - [SC - Critical] veALCX holder can mint Unlimited FLUX tokens
    • 31462 - [SC - Medium] Alchemix addReward access control can be bypas...
    • 31466 - [SC - Critical] Wrong reward calculation leads to rewards being...
    • 31470 - [SC - Critical] Bribing protocols pay bribes but dont get emiss...
    • 31472 - [SC - Critical] Stealing all revenue from the Alchemix protocol
    • 31478 - [SC - High] calculateBPT doesnt divide by basis points infl...
    • 31479 - [SC - High] alchemechNFT holder will get too little FLUX be...
    • 31480 - [SC - High] Miscalculation of global bias
    • 31481 - [SC - Critical] Undound FLUX accrual through reset and merge
    • 31483 - [SC - Critical] Users can vote multiple times in one epoch
    • 31484 - [SC - High] Rewards for the first epoch at rewards distribu...
    • 31485 - [SC - Critical] Miscalculation of distributed tokens at revenue...
    • 31486 - [SC - High] getClaimableFlux miscalculates claimable FLUX f...
    • 31487 - [SC - Low] Wrong condition check on RevenueHandlerconstruc...
    • 31488 - [SC - Critical] Merging tokens allows multiple Flux accruals wi...
    • 31494 - [SC - High] Alchemix The first epochs ALCX emissions of vo...
    • 31495 - [SC - Critical] Users cannot claim rewards from RevenueHandler ...
    • 31497 - [SC - Low] executeBatch lacks payable so ethers can not be...
    • 31498 - [SC - High] Alchemix ALCX rewards are currently subject to...
    • 31503 - [SC - Insight] Incorrect value of MAX_PROPOSAL_NUMERATOR in Al...
    • 31507 - [SC - Critical] Malicious user could flash-loan the veALCX to i...
    • 31512 - [SC - Critical] Infinite minting of FLUX through Merge
    • 31514 - [SC - Medium] Malicious users can cause pokeTokens to revert
    • 31519 - [SC - Low] Lack of revert statement in Votersolpoke result...
    • 31520 - [SC - Critical] Incorrect accounting of totalVoting leads to pe...
    • 31521 - [SC - Medium] Early return in RewardsDistributorclaim can cau...
    • 31523 - [SC - Low] USDT Approval will cause function failure
    • 31524 - [SC - High] Rounding down in getClaimableFlux leads to less...
    • 31526 - [SC - Critical] A user is able to claim more bribes than they h...
    • 31527 - [SC - Critical] No accounting for totalVoting in Bribesolwithdr...
    • 31539 - [SC - Medium] The Voterdistribute function can continue to fail
    • 31540 - [SC - Insight] Expired Token Locks Impacting Vote Weight Calcu...
    • 31541 - [SC - Critical] FluxTokens unlimited mint and Exploitation of g...
    • 31542 - [SC - Low] Bribeearned - L Its potentially possible to ear...
    • 31544 - [SC - High] Certain small amount of tokens are not accounte...
    • 31552 - [SC - Insight] Lack of the validation for a Flash token protec...
    • 31555 - [SC - Low] RewardsDistributoramountToCompound - L The stal...
    • 31556 - [SC - Critical] Unfair Revenue Distribution in Non-Alchemix Rev...
    • 31558 - [SC - Insight] Discrepancy in MAX_PROPOSAL_NUMERATOR Value in ...
    • 31559 - [SC - Low] Minter UpdatePeriod after weeks causes Rewards...
    • 31562 - [SC - Medium] Every consecutive epoch will have same number o...
    • 31563 - [SC - Low] Oracle days staleThreshold for priceTimestamp ...
    • 31566 - [SC - Medium] Checkpoints wont update block number in point b...
    • 31567 - [SC - Critical] VotingEscrowsolcheckpoint is completely broken
    • 31575 - [SC - Medium] depositIntoRewardPool and withdrawFromRewardPo...
    • 31579 - [SC - Critical] Infinite mint of FLUX using poke
    • 31583 - [SC - Insight] Off by one error while adding reward pool token
    • 31584 - [SC - Critical] Loss Of Boosted Weight When Poking In The Same ...
    • 31588 - [SC - Low] Users could start cooldown period for their wit...
    • 31592 - [SC - Insight] Collection of other important issues
    • 31594 - [SC - Insight] RewardPoolManager can only add RewardPoolToken ...
    • 31597 - [SC - High] Loss of precision while calculating claimable f...
  • BadgerDAO (eBTC)
    • 28546 - [SC - Insight] FlashLoan can be taken with no fee to be paid
    • 28605 - [SC - Insight] Reentrancy on ActivePool allows users to borrow...
    • 28659 - [SC - Insight] Reentrancy in BorrowerOperationsflashLoan enabl...
    • 28713 - [SC - Insight] Reentrancy on BorrowerOperations allows users t...
    • 28791 - [SC - Low] The system protects from any rounding issues wh...
    • 28823 - [SC - Insight] Lido slashing can negatively affect the whole l...
    • 28828 - [SC - Low] Use of deprecated Chainlink API can lead contra...
    • 28843 - [SC - Low] Canceled partial redeeming syncs the accounting...
    • 28849 - [SC - Low] Using batchRedemption even if the TCR becomes s...
    • 28853 - [SC - Insight] Trycatch will not function with internal type
    • 28858 - [SC - Insight] Execution of SortedCpds while command may cause...
    • 28862 - [SC - Insight] Static MIN_CHANGE threshold and lack of relativ...
    • 28864 - [SC - Insight] Unfair Liquidation when ICR equals TCR in redee...
    • 28890 - [SC - Insight] EBTCTokensol mint function lack of checks allow...
    • 28916 - [SC - Insight] Liquidation Abuse More than half of all assets ...
    • 28967 - [SC - Insight] When fallback oracle is frozen fetchPrice can r...
    • 28973 - [SC - Insight] Users CDPs can be removed unintentionally by CD...
    • 28980 - [SC - Insight] Ther is an invariant Check Failure in flashLoan...
    • 29000 - [SC - Insight] Potential for Denial-of-Service in the redeemCo...
    • 29002 - [SC - Insight] Incorrect implementation of EIP- domain separat...
  • DeGate
    • 25882 - [SC - Insight] Freezing of funds from the Default Deposit Cont...
    • 25885 - [SC - Insight] Prevent the operator from submitting blocks to L
    • 25886 - [SC - Insight] registerToken can be front-run causing token ca...
    • 25892 - [SC - Insight] A malicious user can DoS force withdraw request...
    • 25903 - [SC - Insight] Possible loss of user funds by front-runing the...
    • 25906 - [SC - Insight] setDelay function doesnt revert even when the d...
    • 25917 - [SC - Insight] Timelock can call transferProxyOwnership of Dep...
    • 25921 - [SC - Insight] Flaw in upgradeToAndCall leads to the proxy cal...
    • 25927 - [SC - Insight] MultiSig Owners can set malicious implementatio...
    • 25930 - [SC - Insight] Malicious owner can update the DepositParams st...
    • 25933 - [SC - Insight] The last person to confirm can control the exec...
    • 25935 - [SC - Insight] Permissive Fallback Function
    • 25952 - [SC - Insight] The smart contract could be inoperable due to w...
    • 26012 - [SC - Insight] getTransactionIds will break at some point runn...
    • 26017 - [SC - Insight] getTransactionCount will break at some point ru...
    • 26039 - [SC - Insight] Proxy contract deployments can be front-run to ...
    • 26066 - [SC - Insight] Timelock eta variable can be set further than i...
    • 26073 - [SC - Insight] The implementation upgrade must be done by call...
    • 26095 - [SC - Insight] ID Uniqueness Violations
    • 26104 - [SC - Insight] Governance mechanism could be exploited to free...
    • 26110 - [SC - Insight] All the funds from the DepositProxy contracts c...
    • 26116 - [SC - Insight] The MultiSigWalletgetTransactionIds function co...
    • 26124 - [SC - Insight] Some owners of the MultiSigWallet can bring the...
    • 26189 - [SC - Insight] Malicious Exchange Owner can sandwich-attack Et...
    • 26204 - [SC - Insight] DeGate Operator has capability to disable balan...
    • 26236 - [SC - Insight] Malicious DeGate Operator EOA can irreversibly ...
    • 26259 - [SC - Insight] txHash collision is possible
    • 26275 - [SC - Insight] Bad implementation of executeTransaction functi...
    • 26286 - [SC - Insight] Potential Signature Validation Bypass
    • 26422 - [SC - Insight] there is no explicit gas limit in external call...
    • 26423 - [SC - Insight] Timelock executeTransaction function will succe...
    • 26431 - [SC - Insight] High Risk in transfer of proxyOwnership
    • 26446 - [SC - Insight] Consider implementing a two step process in tra...
    • 26468 - [SC - Insight] Fee-on-transfer tokens can be used to steal oth...
    • 26479 - [SC - Insight] ExchangeV cannot be reinitialized after an upgrade
    • 26501 - [SC - Insight] Timelock should handle queuing transactions and...
    • 26502 - [SC - Insight] DeGate Exodus mode forcing study
    • 26509 - [SC - Insight] Exodus Mode Force
    • 26516 - [SC - Insight] Gnosis Multisig Contract can become unusable
    • 26519 - [SC - Insight] Consider introducing the ability to change requ...
    • 26520 - [SC - Insight] Multisig Contract onChain can be bricked
    • 26521 - [SC - Insight] ChainId is missing
    • 26527 - [SC - Insight] Possible emission of wrong data in cancelTransa...
    • 26529 - [SC - Insight] Mitigate Griefing Attacks Theft of Gas by Impl...
    • 26530 - [SC - Insight] Inefficiency in upgradeToAndCall
  • Firedancer v0.1
    • Boost _ Firedancer v0.1 33347 - [Blockchain_DLT - Medium] Integer underflow leading to memory corrup
    • Boost _ Firedancer v0.1 33348 - [Blockchain_DLT - Medium] Integer underflow leading to memory corrup
    • Boost _ Firedancer v0.1 33378 - [Blockchain_DLT - Medium] OOB Write leading to memory corruption in
    • Boost _ Firedancer v0.1 33586 - [Blockchain_DLT - Insight] fd_ebpf_static_link - possible disclosure
    • Boost _ Firedancer v0.1 33669 - [Blockchain_DLT - Medium] fd_quic_process_packet out of bounds read
    • Boost _ Firedancer v0.1 33717 - [Blockchain_DLT - Medium] Memory corruption caused by fully controll
    • Boost _ Firedancer v0.1 33718 - [Blockchain_DLT - Medium] The malicious fd_shred_t data passed betwe
    • Boost _ Firedancer v0.1 33774 - [Blockchain_DLT - Medium] The malicious fd_txn_p_t data passed betwe
    • Boost _ Firedancer v0.1 33862 - [Blockchain_DLT - Insight] Discord Server Vulnerable to Takeover in
    • Boost _ Firedancer v0.1 33936 - [Blockchain_DLT - Medium] shred tile fails to process zero sized udp
    • Boost _ Firedancer v0.1 34064 - [Blockchain_DLT - Medium] bank tile possible code execution
    • Boost _ Firedancer v0.1 34234 - [Blockchain_DLT - Insight] Setting the variable shred_cnt in the shr
    • Boost _ Firedancer v0.1 34272 - [Blockchain_DLT - Medium] Remote memory corruption in Shred tile
    • Boost _ Firedancer v0.1 34290 - [Blockchain_DLT - Medium] bank tile overflow
    • Boost _ Firedancer v0.1 34501 - [Blockchain_DLT - Medium] DoS in shreds validation
    • Boost _ Firedancer v0.1 34564 - [Blockchain_DLT - Medium] shred tile overflow
    • Boost _ Firedancer v0.1 34682 - [Blockchain_DLT - Medium] DoS in shreds validation
  • Folks Finance
    • Boost _ Folks Finance 33258 - [Smart Contract - Insight] Usage of floating pragma
    • Boost _ Folks Finance 33269 - [Smart Contract - Critical] Logic flaw in UserLoanincreaseCollateral leads to double-counting of effectiveCollateral of userLoan
    • Boost _ Folks Finance 33272 - [Smart Contract - Medium] FrontRunning Attack on createAccount
    • Boost _ Folks Finance 33280 - [Smart Contract - Low] NodeManagersupportsInterface doesnt follow EIP-
    • Boost _ Folks Finance 33311 - [Smart Contract - Critical] Infinite Interest rate bug
    • Boost _ Folks Finance 33353 - [Smart Contract - Low] Incorrect implementation of Time-Weighted Average Price for a Chainlink feed will lead to Incorrect Liquidation amount and breaks multiple price consumption based function
    • Boost _ Folks Finance 33356 - [Smart Contract - Low] All data in _userLoans mapping will not be deleted after calling deleteUserLoan
    • Boost _ Folks Finance 33376 - [Smart Contract - Insight] BridgeRouterreceiveMessage Allows Message Replay Across Different Adapters
    • Boost _ Folks Finance 33441 - [Smart Contract - Insight] Protocol uses Pyth to fetch price which is a pull based oracle and requires price updates to be pushed by the user which is not taken care off
    • Boost _ Folks Finance 33443 - [Smart Contract - Low] StalenessCircuitBreakerNode checks if the last update time of the parent node is less than the threshold but the publicTime could be greater than current blocktimestamp
    • Boost _ Folks Finance 33454 - [Smart Contract - Low] unsafe casting will lead to break of PythNode Oracle
    • Boost _ Folks Finance 33526 - [Smart Contract - Insight] Need to check returnAdapterId
    • Boost _ Folks Finance 33533 - [Smart Contract - Critical] depositDatainterestRate is not correct
    • Boost _ Folks Finance 33534 - [Smart Contract - Medium] denial of service vulnerability and possible griefing in cross-chain account creation
    • Boost _ Folks Finance 33540 - [Smart Contract - Low] ChainlinkNode uses cached decimals in the calculation instead of fresh one
    • Boost _ Folks Finance 33542 - [Smart Contract - Medium] Attacker can create loan before users tx is completed through bridge
    • Boost _ Folks Finance 33546 - [Smart Contract - Medium] Adversaries can manipulate victims stable rate to remain excessively high via flashloan
    • Boost _ Folks Finance 33566 - [Smart Contract - Low] RepayWithCollateral will almost always fail in partial repayment
    • Boost _ Folks Finance 33568 - [Smart Contract - Medium] Front-running vulnerability in cross-chain loan creation process could lead in funds loss for users
    • Boost _ Folks Finance 33588 - [Smart Contract - Insight] The liquidator can make the protocol incur bad debt by partially liquidating the position
    • Boost _ Folks Finance 33589 - [Smart Contract - Medium] Anyone can call the BridgeRouter Recieve function with malicious data to transfer funds
    • Boost _ Folks Finance 33596 - [Smart Contract - Low] Incorrect rounding direction in HubPoolLogicupdateWithRepayWithCollateral can lead to accounting error of total token amount in HubPool
    • Boost _ Folks Finance 33609 - [Smart Contract - Medium] Account creation can be frontrun making the users unable to create an account
    • Boost _ Folks Finance 33611 - [Smart Contract - Medium] Adversary can perform a DoS on users createLoan and createLoanAndDeposit operation sent from Spoke chain
    • Boost _ Folks Finance 33614 - [Smart Contract - Medium] Front-Running Vulnerability in createAccount Method
    • Boost _ Folks Finance 33630 - [Smart Contract - High] Incorrect calculation of loanBorrowbalance
    • Boost _ Folks Finance 33631 - [Smart Contract - Low] Wrong implementation of chainLink getTwapPrice Can lead to wrong price or latest price being used
    • Boost _ Folks Finance 33643 - [Smart Contract - Low] PriceFeed from PythNode will always revert for some pools
    • Boost _ Folks Finance 33644 - [Smart Contract - Insight] Insufficient msgvalue validation for Wormhole adapters will lead to Wormhole cross-chain messages being reverted
    • Boost _ Folks Finance 33645 - [Smart Contract - Medium] Griefing an user from creating an account
    • Boost _ Folks Finance 33652 - [Smart Contract - Insight] BridgeRouters Unprotected Reversal Function Compromises User Control
    • Boost _ Folks Finance 33665 - [Smart Contract - Critical] Collateral Inflation Exploit via Zero-Amount Deposits Allows An Attacker to Drain Any Pool
    • Boost _ Folks Finance 33670 - [Smart Contract - Insight] Violator can deny his liquidation by front running it and changing the loan borrow type
    • Boost _ Folks Finance 33675 - [Smart Contract - Low] PythNodeprocess can revert because of incorrect casting
    • Boost _ Folks Finance 33684 - [Smart Contract - Critical] Lack of available liquidity check when sending token back from Hub leads to first deposit and inflation attack
    • Boost _ Folks Finance 33687 - [Smart Contract - Medium] Loan creation can be frontrun preventing the users from creating loans
    • Boost _ Folks Finance 33694 - [Smart Contract - Medium] stableBorrowRates are manipulatable through flashloan attacks
    • Boost _ Folks Finance 33695 - [Smart Contract - Critical] Attacker can borrow more than the collateral deposit
    • Boost _ Folks Finance 33713 - [Smart Contract - Insight] Some transactions can revert when nodetype is PriceDeviationSameOracleCircuitBreakerNode
    • Boost _ Folks Finance 33746 - [Smart Contract - Insight] Rounding down to zero leads to liquidate function will be halted with Panic error
    • Boost _ Folks Finance 33778 - [Smart Contract - Medium] The loan creation process can be griefed
    • Boost _ Folks Finance 33779 - [Smart Contract - Medium] The account creation process can be griefed
    • Boost _ Folks Finance 33780 - [Smart Contract - Critical] Zero deposits can be used to artificially inflate a users collateral value allowing them to borrow excess funds
    • Boost _ Folks Finance 33787 - [Smart Contract - Low] Function PythNodeprocess doesnt handle correctly PRECISION pythDataexpo
    • Boost _ Folks Finance 33807 - [Smart Contract - Low] updateInterestRate uses incorrect reference of borrow interest rate to calculate deposit interest can lead to the loss of lenders unclaimed yield
    • Boost _ Folks Finance 33816 - [Smart Contract - Critical] Attacker can get unlimited loan for some minimum deposit due to the incorrect calculation of user health in getLoanLiquidity
    • Boost _ Folks Finance 33817 - [Smart Contract - High] Incorrect calculation of effective borrow value in getLoanLiquidity leads to protocol insolvency through wrong withdrawals and liquidations
    • Boost _ Folks Finance 33852 - [Smart Contract - Insight] Small positions will not get liquidated
    • Boost _ Folks Finance 33869 - [Smart Contract - Medium] loanIds are easy to reproduce and front-running enable malicious parties to lock user funds
    • Boost _ Folks Finance 33870 - [Smart Contract - Low] convToRepayBorrowAmount calculation is incorrect causing liquidators to repay extra instead of receiving a bonus
    • Boost _ Folks Finance 33880 - [Smart Contract - Medium] Front-Running Vulnerability in createUserLoan Method
    • Boost _ Folks Finance 33885 - [Smart Contract - Low] Incorrect prices will be returned if the NodeType is PRICE_DEVIATION_CIRCUIT_BREAKER
    • Boost _ Folks Finance 33893 - [Smart Contract - Medium] Malicious users can DoS loan creations and deposits causing temporary funds freezing and additional costs incurred for message reversals
    • Boost _ Folks Finance 33923 - [Smart Contract - Low] Function HubPoolLogicupdateWithWithdraw doesnt round up in favour of protocol if isFAmount false
    • Boost _ Folks Finance 33935 - [Smart Contract - Insight] Liquidations dont ensure the violator loan becomes healthy afterwards
    • Boost _ Folks Finance 33947 - [Smart Contract - Low] During liquidations when borrowToRepay collateral the liquidator pays more borrowAmount than they should and receives no bonus
    • Boost _ Folks Finance 33950 - [Smart Contract - Low] pythnode oracle unexpected revert
    • Boost _ Folks Finance 33953 - [Smart Contract - Low] Calling process function will not revert even if two oracle nodes of the same type are used
    • Boost _ Folks Finance 33970 - [Smart Contract - Medium] User deposits can be blocked
    • Boost _ Folks Finance 33978 - [Smart Contract - Critical] Attacker can Inflate effectiveCollateralValue
    • Boost _ Folks Finance 33981 - [Smart Contract - Low] The PythNode library process function implementation does not account for pythDataexpo being greater than PRECISION
    • Boost _ Folks Finance 33987 - [Smart Contract - Medium] Incorrect access control in receiveMessage leads to total loss of funds
    • Boost _ Folks Finance 34025 - [Smart Contract - Medium] Malicious user can DoS the creation of every account at no cost by front running it with the same accountId
    • Boost _ Folks Finance 34028 - [Smart Contract - Medium] Denial of Service DoS vulnerability in UserLoan creation due to front-running attack
    • Boost _ Folks Finance 34029 - [Smart Contract - Medium] Contract fails to mitigate potential critical state where anyone can call BridgeRouterHubreceiveMessage directly
    • Boost _ Folks Finance 34030 - [Smart Contract - Low] Incorrect rounding down in HubPoolLogicupdateWithWithdraw when users withdraw using underlying amount
    • Boost _ Folks Finance 34047 - [Smart Contract - Low] Adversaries can create a position that is nearly impossible to liquidate due to high gas consumption
    • Boost _ Folks Finance 34050 - [Smart Contract - High] Vulnerability in getLoanLiquidity leads to undervaluing stable debt
    • Boost _ Folks Finance 34052 - [Smart Contract - Low] withdraw doesnt round in favour of protocol for isFamountFalse
    • Boost _ Folks Finance 34054 - [Smart Contract - Low] In liquidation loanPoolcollateralUsed doesnt get reduced by collateralSeizedreserveAmount
    • Boost _ Folks Finance 34066 - [Smart Contract - Medium] Account Creation Front-Running Vulnerability Leading to Gas Fee Theft
    • Boost _ Folks Finance 34069 - [Smart Contract - Low] repayWithCollateral may revert when repay samll amount token
    • Boost _ Folks Finance 34074 - [Smart Contract - Critical] Hub missing check for available liquidity could lead to locked fund and utilization ratio exceeding
    • Boost _ Folks Finance 34076 - [Smart Contract - Low] Wrong way of deriving message keys using destination chains CCTP domain id
    • Boost _ Folks Finance 34085 - [Smart Contract - Low] partial repayment with collaterals will revert due to underflow
    • Boost _ Folks Finance 34122 - [Smart Contract - High] Wrong borrow balance calculation in the getLoanLiquidity function
    • Boost _ Folks Finance 34124 - [Smart Contract - Low] Smart contract cannot be accessed during the normal liquidation process that involves fully acquiring the borrowers balance
    • Boost _ Folks Finance 34127 - [Smart Contract - Low] Liquidator gets more debt than usual
    • Boost _ Folks Finance 34132 - [Smart Contract - Low] Liquidation bonus incorrectly inflates repayBorrowAmount instead of seizeUnderlyingCollateralAmount leading to wrong liquidations
    • Boost _ Folks Finance 34148 - [Smart Contract - Low] Full liquidations will fail for certain unhealthy positions
    • Boost _ Folks Finance 34150 - [Smart Contract - Low] Failed messages never expire and can be replayed by anyone potentially allowing users to be griefed
    • Boost _ Folks Finance 34153 - [Smart Contract - Low] TWAP query by chainlink is wrong according to chainlink docs
    • Boost _ Folks Finance 34158 - [Smart Contract - Low] NodeManagersupportsInterface returns false for typeIERCinterfaceId
    • Boost _ Folks Finance 34161 - [Smart Contract - Medium] Denial of Service via Front-Running in Loan Creation Mechanism
    • Boost _ Folks Finance 34169 - [Smart Contract - Low] Potential revert in PythNode library due to incorrect use of SafeCast toUint
    • Boost _ Folks Finance 34174 - [Smart Contract - Low] Bug in liquidation logic leads to stealing funds from liquidatorsunprofitable liquidations
    • Boost _ Folks Finance 34179 - [Smart Contract - High] Incorrect Updates to pooldepositDatatotalAmount and loancollateralUsed During Repayment with Collateral
    • Boost _ Folks Finance 34183 - [Smart Contract - Insight] rebalanceUp could be used to lower the userLoanstableInterestRates in certain conditions
    • Boost _ Folks Finance 34188 - [Smart Contract - Insight] BridgeRouterHub can add address adapter
    • Boost _ Folks Finance 34190 - [Smart Contract - Critical] Liquidated users can mix and manipulate stable and variable borrowings through exploitative liquidation process
  • Fuel Network | Attackathon
    • Attackathon _ Fuel Network 32269 - [Smart Contract - High] Incorrect fuel dce optimization register
    • Attackathon _ Fuel Network 32270 - [Smart Contract - Low] Inappropriate fuel dce on side affects
    • Attackathon _ Fuel Network 32271 - [Blockchain_DLT - Medium] Incorrect state range access helper
    • Attackathon _ Fuel Network 32275 - [Smart Contract - Medium] Various Sway Libs Bugs
    • Attackathon _ Fuel Network 32276 - [Smart Contract - Insight] wrong implementation in gt and lt func
    • Attackathon _ Fuel Network 32291 - [Blockchain_DLT - Insight] Profiling is incorrect for dependent g
    • Attackathon _ Fuel Network 32302 - [Smart Contract - Low] Src ContractConfigurables hash collision
    • Attackathon _ Fuel Network 32314 - [Smart Contract - Insight] Missing _disableInitializers in FuelER
    • Attackathon _ Fuel Network 32327 - [Websites and Applications - Low] REVISED Malicious Downtime via
    • Attackathon _ Fuel Network 32378 - [Smart Contract - Insight] Missing Zero-Check for Recipient Addre
    • Attackathon _ Fuel Network 32388 - [Smart Contract - Low] Buffer overflow in EncodeBufferAppend intr
    • Attackathon _ Fuel Network 32390 - [Smart Contract - Low] Unchecked Virtual Immediate Construction O
    • Attackathon _ Fuel Network 32412 - [Smart Contract - Insight] the IFP divide functions does not have
    • Attackathon _ Fuel Network 32438 - [Smart Contract - Low] Unhandled Bailout During AbstractInstructi
    • Attackathon _ Fuel Network 32439 - [Smart Contract - Low] Missing Alignment Check During AbstractIns
    • Attackathon _ Fuel Network 32453 - [Smart Contract - Low] Unhandled Side Effect During AbstractInstr
    • Attackathon _ Fuel Network 32459 - [Websites and Applications - Low] URGENT WEB funds drained using
    • Attackathon _ Fuel Network 32465 - [Blockchain_DLT - High] Abuse of CCP instruction to do cheap memo
    • Attackathon _ Fuel Network 32486 - [Blockchain_DLT - Medium] Public RPC node craches via GraphQL API
    • Attackathon _ Fuel Network 32491 - [Smart Contract - Low] Incorrect PushA PopA Mask Calculation
    • Attackathon _ Fuel Network 32536 - [Smart Contract - Insight] The control flow graph is incorrectly
    • Attackathon _ Fuel Network 32537 - [Smart Contract - Low] Different data types can be used when init
    • Attackathon _ Fuel Network 32548 - [Smart Contract - Low] Uncaught Integer Overflow During AbstractI
    • Attackathon _ Fuel Network 32612 - [Smart Contract - Low] Lack of slot hashing at adminsw can cause
    • Attackathon _ Fuel Network 32628 - [Blockchain_DLT - Medium] A GraphQL query crashes core process
    • Attackathon _ Fuel Network 32673 - [Smart Contract - Low] Missing array length check for non constan
    • Attackathon _ Fuel Network 32695 - [Blockchain_DLT - Insight] increasing processing for public nodes
    • Attackathon _ Fuel Network 32696 - [Smart Contract - High] incorrect setting of non_negative value i
    • Attackathon _ Fuel Network 32700 - [Smart Contract - High] double increasing underlying value in cei
    • Attackathon _ Fuel Network 32703 - [Smart Contract - Low] Unexpected variable shadowing during ir ge
    • Attackathon _ Fuel Network 32706 - [Smart Contract - High] the function subtract in signed libs like
    • Attackathon _ Fuel Network 32728 - [Smart Contract - Low] Incorrect literal type inference
    • Attackathon _ Fuel Network 32730 - [Smart Contract - Low] The Sway compiler currently disallows read
    • Attackathon _ Fuel Network 32768 - [Blockchain_DLT - Medium] WDCM and WQCM doesnt respect the fuel-s
    • Attackathon _ Fuel Network 32786 - [Smart Contract - Low] incorrect set of i bits to which it should
    • Attackathon _ Fuel Network 32812 - [Smart Contract - Low] Sway-libSRC- Buffer overflow in swap_confi
    • Attackathon _ Fuel Network 32825 - [Blockchain_DLT - High] Consensus between -bit and -bit system ca
    • Attackathon _ Fuel Network 32835 - [Smart Contract - Insight] sway compiler doesnt prevent function
    • Attackathon _ Fuel Network 32849 - [Smart Contract - Low] Insufficient array construction element ty
    • Attackathon _ Fuel Network 32854 - [Smart Contract - Low] Sway-libstd-libcompiler Storage collision
    • Attackathon _ Fuel Network 32859 - [Smart Contract - Low] Incorrect argument pointer creation
    • Attackathon _ Fuel Network 32860 - [Blockchain_DLT - Insight] Resource Abuse CCP instruction is load
    • Attackathon _ Fuel Network 32872 - [Smart Contract - High] Incorrect load_store_to_memcopy optimizat
    • Attackathon _ Fuel Network 32884 - [Smart Contract - Medium] Compilerstd-lib storage collison betwee
    • Attackathon _ Fuel Network 32886 - [Smart Contract - Medium] Incorrect function purity check
    • Attackathon _ Fuel Network 32924 - [Smart Contract - Insight] sways legacy storage namespacing is br
    • Attackathon _ Fuel Network 32935 - [Smart Contract - Insight] Insufficient trait duplication check
    • Attackathon _ Fuel Network 32937 - [Smart Contract - Insight] Fallback function can be directly call
    • Attackathon _ Fuel Network 32938 - [Smart Contract - Insight] Insufficient declaration shadowing che
    • Attackathon _ Fuel Network 32965 - [Blockchain_DLT - Critical] Messages to L included even on revert
    • Attackathon _ Fuel Network 32973 - [Smart Contract - Medium] Impl block dependency overwriting
    • Attackathon _ Fuel Network 32978 - [Blockchain_DLT - Insight] isolating the node from the networkcau
    • Attackathon _ Fuel Network 32979 - [Smart Contract - Low] operations with StorageVec incorrectly rev
    • Attackathon _ Fuel Network 32987 - [Blockchain_DLT - Insight] Sending a message with ETH and data to
    • Attackathon _ Fuel Network 33039 - [Smart Contract - High] The subtraction function is not correctly
    • Attackathon _ Fuel Network 33045 - [Smart Contract - Low] Compiler Dead Code Elimination inconsisten
    • Attackathon _ Fuel Network 33101 - [Smart Contract - Insight] Associated functions that were impleme
    • Attackathon _ Fuel Network 33139 - [Smart Contract - Insight] Unreachable panic in sway compiler whe
    • Attackathon _ Fuel Network 33140 - [Smart Contract - Insight] Sway compiler crash when compile malic
    • Attackathon _ Fuel Network 33168 - [Smart Contract - High] Incorrect Sign Determination In Multiply
    • Attackathon _ Fuel Network 33170 - [Smart Contract - Medium] UFP Exp In Sway-lib Logic Vulnerability
    • Attackathon _ Fuel Network 33171 - [Smart Contract - Insight] panic on unwrapping in decl_to_type_in
    • Attackathon _ Fuel Network 33172 - [Smart Contract - Insight] OOB in type_check_analyze of ImplTrait
    • Attackathon _ Fuel Network 33175 - [Smart Contract - High] Sway-lib Subtract i Logic Vulnerability
    • Attackathon _ Fuel Network 33181 - [Smart Contract - Insight] users messages might encode incorrect
    • Attackathon _ Fuel Network 33186 - [Smart Contract - Medium] _compute_bytecode_root goes to an infin
    • Attackathon _ Fuel Network 33191 - [Smart Contract - Insight] Sway Formatting Behaves Differently Ba
    • Attackathon _ Fuel Network 33193 - [Blockchain_DLT - Medium] Fuel SDKs ABI Decoder Behaves Different
    • Attackathon _ Fuel Network 33195 - [Smart Contract - High] Incorrect Calculations in Subtraction Fun
    • Attackathon _ Fuel Network 33203 - [Smart Contract - Insight] function inlining doesnt consider asm
    • Attackathon _ Fuel Network 33207 - [Smart Contract - Insight] users created message when withdrawing
    • Attackathon _ Fuel Network 33227 - [Smart Contract - High] Lack of overflow protection in the pow fu
    • Attackathon _ Fuel Network 33233 - [Smart Contract - Medium] Incorrect Implementation of Unsigned -b
    • Attackathon _ Fuel Network 33239 - [Smart Contract - Low] Incorrect Implementation of IFP Min Functi
    • Attackathon _ Fuel Network 33240 - [Smart Contract - Insight] Incorrect Bitness in IFP Types
    • Attackathon _ Fuel Network 33242 - [Smart Contract - High] Incorrect Implementation of IFP Multiply
    • Attackathon _ Fuel Network 33248 - [Smart Contract - High] Incorrect Implementation of IFP Floor and
    • Attackathon _ Fuel Network 33267 - [Smart Contract - High] Bug in Multiply and Divide function
    • Attackathon _ Fuel Network 33286 - [Smart Contract - Insight] panic on unwrapping in type_check_trai
    • Attackathon _ Fuel Network 33295 - [Smart Contract - Low] Bug in array decoding can lead to critical
    • Attackathon _ Fuel Network 33302 - [Smart Contract - Medium] Exp function does not work correctly
    • Attackathon _ Fuel Network 33303 - [Smart Contract - Medium] Incorrect sign change
    • Attackathon _ Fuel Network 33331 - [Smart Contract - High] Overflow in Types Less Than u
    • Attackathon _ Fuel Network 33346 - [Blockchain_DLT - Low] Incorrect error handling when executing bl
    • Attackathon _ Fuel Network 33351 - [Smart Contract - Critical] ABI supertraits methods are available
    • Attackathon _ Fuel Network 33360 - [Blockchain_DLT - Medium] The typescript SDK has no awareness of
    • Attackathon _ Fuel Network 33401 - [Smart Contract - Insight] insight compiler crash - trait dummy m
    • Attackathon _ Fuel Network 33407 - [Smart Contract - Insight] Missing Zero-Check for to Address in w
    • Attackathon _ Fuel Network 33433 - [Smart Contract - Low] Self-append in Bytes data structure causes
    • Attackathon _ Fuel Network 33444 - [Smart Contract - Insight] Sway compiler crash for access out-of-
    • Attackathon _ Fuel Network 33450 - [Blockchain_DLT - Insight] fuel_gas_price_algorithm AlgorithmV ma
    • Attackathon _ Fuel Network 33451 - [Smart Contract - Medium] Incorrect code size estimation can bypa
    • Attackathon _ Fuel Network 33487 - [Smart Contract - Insight] Flags Do Not Affect Types Less Than u
    • Attackathon _ Fuel Network 33488 - [Smart Contract - Medium] Insecure implementation of StorageMap c
    • Attackathon _ Fuel Network 33519 - [Smart Contract - Critical] Silent Stack overflow on variables be
  • IDEX
    • Boost _ IDEX 34239 - [Smart Contract - Insight] Dont validate stale price in Pyth Network
    • Boost _ IDEX 34428 - [Smart Contract - Insight] Incorrect Condition in validateExitQuoteQuantityAndC
    • Boost _ IDEX 34437 - [Smart Contract - Insight] User positions could be unfairly liquidated due to s
    • Boost _ IDEX 34494 - [Smart Contract - High] Tokens deposit in ExchangeStargateVAdapterlzCompose is
    • Boost _ IDEX 34566 - [Smart Contract - Insight] Withdrawingsolwithdraw_delegatecall - Its possible f
  • Immunefi Arbitration
    • 29318 - [SC - Insight] Timelock contract should use canExecuteTransact...
    • 29341 - [SC - Insight] Unsafe Downcast vulnerability this can lead to ...
    • 29347 - [SC - Insight] Chainlinks latestRoundData might return stale o...
    • 29348 - [SC - Insight] Token price returned by PriceConsumer may be in...
    • 29384 - [SC - Insight] Malicious project can remove the ImmunefiGuard ...
    • 29432 - [SC - Low] Malicious project can grief reward payouts from...
    • 29445 - [SC - Insight] latestRoundData Call May Result Stale
    • 29467 - [SC - Low] RewardTimelockexecuteRewardTransaction - L Inco...
    • 29483 - [SC - Insight] RewardTimelockcanExecuteTransaction - Reward tr...
    • 29484 - [SC - Insight] Potential Loss of Precision in Conversion from ...
    • 29513 - [SC - Insight] Critical reentrancy vulnerability in executeRew...
    • 29604 - [SC - Insight] VaultDelegatesendReward - Token fees not subtra...
    • 29738 - [SC - Low] Missing Chainlink circuit breaker check allows ...
    • 29744 - [SC - Insight] Projects can pay rewards at up to below market...
    • 29760 - [SC - Insight] Enforcing Multiple Rewards During Arbitration B...
  • Lido: Mellow Vault
    • Boost _ Lido_ Mellow Vault 34756 - [Smart Contract - Insight] Missing calldata forwarding in Vaultde
  • Mitigation Audit | Folks Finance
    • Mitigation Audit _ Folks Finance 34929 - [Smart Contract - Critical] Accounting Discrepancy in Fee R
    • Mitigation Audit _ Folks Finance 34942 - [Smart Contract - Insight] In function function getTwapPric
    • Mitigation Audit _ Folks Finance 35089 - [Smart Contract - Insight] Malicious actor can control inte
  • Puffer Finance
    • 28612 - [SC - Insight] EigenLayers share rate can be massively inflate...
    • 28613 - [SC - Medium] User will lose funds
    • 28623 - [SC - Low] Timelock transaction that consume more then _ g...
    • 28625 - [SC - Insight] Gas griefing is possible on external call
    • 28629 - [SC - Insight] Missing restricted modifier on claimWithdrawalF...
    • 28630 - [SC - Insight] Improper Validation for Partial Filling of INCH...
    • 28632 - [SC - Insight] Setting delay at MINIMUM_DELAY in timelock fails
    • 28645 - [SC - Insight] Attacker Prevents All Users From Withdrawing Fu...
    • 28646 - [SC - Insight] Resubmission with Pause Bypass Potential Exploi...
    • 28650 - [SC - Insight] Protocol Insolvency due to the over inflated ca...
    • 28656 - [SC - Insight] Blocking redeemwithdraw from vault
    • 28660 - [SC - Insight] pufETHsrcTimelock_setDelay - L State constant M...
    • 28663 - [SC - Low] Deposit of stETH fails due to LIDOs - wei corno...
    • 28665 - [SC - Low] Underflow risk in receive function due to discr...
    • 28687 - [SC - Low] Timelocks executeTransaction incorrectly delete...
    • 28688 - [SC - Insight] Unhandled Failure of _executeTransaction Call i...
    • 28689 - [SC - Medium] incorrect lidoLockedETH value can block full re...
    • 28695 - [SC - Insight] pufETHsrcTimelockexecuteTransaction - L The tim...
    • 28698 - [SC - Insight] User can frontrun claim transaction to make cla...
    • 28702 - [SC - Insight] Malicious users can frontrun permits to DoS swaps
    • 28729 - [SC - Insight] MINIMUM_DELAY uses incorrect value of days ins...
    • 28732 - [SC - Insight] External Call from Eigen Layer can fail silentl...
    • 28773 - [SC - Insight] The function claimWithdrawalFromEigenLayer can ...
    • 28775 - [SC - Insight] pufETHsrcTimelocksolexecuteTransaction - This b...
    • 28777 - [SC - Low] pufETHsrcTimelocksolexecuteTransaction - This b...
    • 28779 - [SC - Insight] Missing sender address check in receive may lea...
    • 28788 - [SC - Critical] Slash during a withdrawal from EigenLayer will ...
    • 28789 - [SC - Low] Return value of call is not checked causing fai...
    • 28792 - [SC - Low] Return value of low level isnt checked executio...
    • 28796 - [SC - Low] The PufferVaultgetPendingLidoETHAmount will ret...
    • 28813 - [SC - Insight] PufferVaultclaimWithdrawalFromLido according to...
    • 28827 - [SC - Insight] Multi requestid claims can trigger DOS
    • 28833 - [SC - Insight] Missing slippage protection in functions deposi...
    • 28852 - [SC - Insight] Reverting permit transactions caught in the cat...
    • 28921 - [SC - Medium] Possibly protocol insolvency during a LIDO slas...
    • 28934 - [SC - Insight] TimelockcancelTransaction does not check asser...
    • 28942 - [SC - Insight] Self Destruction of inchRouter can lead to loss...
    • 28946 - [SC - Low] The assets accounting of the vault can become o...
    • 28947 - [SC - Insight] Info
    • 28964 - [SC - Insight] Claiming withdrawals from Lido can lead to unbo...
    • 28971 - [SC - Low] Double spending or double execution of transact...
    • 28991 - [SC - Insight] Contract uint delay variable cannot be set to i...
    • 29006 - [SC - Medium] Lack of Success check of the Timelock executeT...
    • 29015 - [SC - Low] Boolean return value of addresscall function no...
    • 29017 - [SC - Insight] Timelock is not capable of performing payable t...
    • 29033 - [SC - High] Queued data will be lost if Tx is unsuccessful ...
    • 29054 - [SC - Medium] Lido discounted withdrawals are not accounted for
    • 29060 - [SC - Medium] initiateETHWithdrawalsFromLido decreases totalA...
    • 29067 - [SC - Low] Puffer Finance Missing Verification of Externa...
    • 29073 - [SC - Insight] excuteTransaction in timelock contract will una...
    • 29080 - [SC - Insight] Uninitialized uups upgradeable can lead to loss...
    • 29081 - [SC - Insight] No constructor should be used to set in upgrade...
    • 29082 - [SC - Insight] Restricted modifier should not be used with int...
    • 29099 - [SC - Insight] Actual amount of stETH deposited is less than t...
    • 29106 - [SC - High] Insufficient Handling of Partial Failures in Wi...
    • 29110 - [SC - Insight] Insecure Token Allowance Management in PufferDe...
    • 29111 - [SC - Insight] Silent Failure of ERC Permit Calls in PufferDep...
    • 29116 - [SC - Low] Using deposit results in more shares for the sa...
  • Shardeum Ancillaries
    • Boost _ Shardeum_ Ancillaries 33040 - [Websites and Applications - Low] API CSRF protection bypass leading to arbitrary operator-cli command execution
    • Boost _ Shardeum_ Ancillaries 33392 - [Websites and Applications - Insight] Validator GUI password bruteforcing is possible using the proxies
    • Boost _ Shardeum_ Ancillaries 33490 - [Websites and Applications - Insight] Abusing blacklist functionality to get victims IP to be banned
    • Boost _ Shardeum_ Ancillaries 33522 - [Websites and Applications - Insight] Exposed Redis Service Vulnerability on apishardeumorg
    • Boost _ Shardeum_ Ancillaries 33558 - [Websites and Applications - Insight] In some instances the socket can be made to hang
    • Boost _ Shardeum_ Ancillaries 33571 - [Websites and Applications - Medium] Taking down the websocket server via malicious methods object override
    • Boost _ Shardeum_ Ancillaries 33577 - [Websites and Applications - Insight] Taking down the HTTP server via jayson -day vulnerability
    • Boost _ Shardeum_ Ancillaries 33692 - [Websites and Applications - Low] Reflected XSS in validator node endpoints leads to node shutdown via validator-gui
    • Boost _ Shardeum_ Ancillaries 33809 - [Websites and Applications - Insight] Blocking the user from interacting with GUI via rate-limiting abuse
    • Boost _ Shardeum_ Ancillaries 34298 - [Websites and Applications - Medium] archive-server can be killed by connected shardus-instance
    • Boost _ Shardeum_ Ancillaries 34367 - [Websites and Applications - Low] CSRF vulnerability due to missing SameSiteStrict attribute resulting blackhat to perform authenticated action
    • Boost _ Shardeum_ Ancillaries 34392 - [Websites and Applications - Medium] JSON-RPC Complete Password Recovery Through Timing Attack
    • Boost _ Shardeum_ Ancillaries 34473 - [Websites and Applications - Low] Insight XSS in json rpc server without CSP bypass
    • Boost _ Shardeum_ Ancillaries 34474 - [Websites and Applications - Insight] SQL injection in json-rpc-server within thetxStatusSaver function via the IP argument leads to application shutdown
    • Boost _ Shardeum_ Ancillaries 34475 - [Websites and Applications - Low] CSRF in Json RPC Server allows requesting authenticated API endpoints
    • Boost _ Shardeum_ Ancillaries 34492 - [Websites and Applications - Insight] DoS via unbounded tx id list processing in api endpoints
    • Boost _ Shardeum_ Ancillaries 34508 - [Websites and Applications - Critical] Malicious archiver can overwtite account data on any active archiver
  • Shardeum Core
    • 32942 - [BC - Low] The ChainID and URL parameters that can modify ...
    • 32982 - [BC - Critical] Crashing all Validators Vulnerability in eth_g...
    • 32993 - [BC - Critical] Crashing Validators by triggering an uncaught e...
    • 33044 - [BC - Medium] Preventing the network from loading by disconne...
    • 33086 - [BC - Critical] Complete shutdown of the transaction processing...
    • 33151 - [BC - Critical] Front running initial account data distribution
    • 33222 - [BC - Critical] An attacker can control which nodes can and can...
    • 33254 - [BC - Medium] The signature used to Gossip an UnjoinRequest h...
    • 33277 - [BC - Critical] Validators can be crashed via GET
    • 33278 - [BC - Critical] Improper input validation leads to DOS and tota...
    • 33395 - [BC - Insight] DoS attack on peer nodes through gossip-valid-j...
    • 33424 - [BC - Critical] Improper input validation in safeJsonParse lead...
    • 33428 - [BC - Critical] Validators can be crashed via pp
    • 33473 - [BC - High] Cross-chain replay attacks are possible due to ...
    • 33483 - [BC - Critical] shardeum validator bypass loop breaking increme...
    • 33520 - [BC - Insight] Inconsistent consensus issue for BlakeF precomp...
    • 33576 - [BC - High] Lack of deduplication in joinarchiver requests ...
    • 33632 - [BC - Critical] Signature forgery on behalf of other nodes lead...
    • 33637 - [BC - Critical] In get_tx_timestamp a prototype pollution bri...
    • 33638 - [BC - Critical] In remove_timestamp_cache a prototype polluti...
    • 33655 - [BC - Critical] Complete shutdown of the transaction processing...
    • 33696 - [BC - Critical] Failure to validate golden ticket admin cert
    • 33735 - [BC - Insight] Network split due to the sync issue in PP modul...
    • 33745 - [BC - Critical] A math quirk in Javascript allows anyone to tak...
    • 33750 - [BC - Critical] Abusing setCertTime Transactions to drain node ...
    • 33766 - [BC - Critical] Improper input validation in TransactionConsenu...
    • 33813 - [BC - Insight] Double slashing of validators
    • 33848 - [BC - High] For the first cycles of the network a maliciou...
    • 33872 - [BC - Critical] Infinite loop in shardeum
    • 33922 - [BC - Critical] Steal Rewards and Take over Network by Faking A...
    • 33925 - [BC - Critical] Improper input validation in fixDeserializedWra...
    • 33941 - [BC - Critical] A missing check for the type of a variable allo...
    • 33946 - [BC - Critical] Lack of voter deduplication in sync_trie_hashes...
    • 33963 - [BC - Critical] Crashing the network by filling timestamp cache...
    • 33972 - [BC - Critical] Inflating the votes of the hash for a malicious...
    • 34012 - [BC - Critical] Improper input validation in repair_oos_account...
    • 34019 - [BC - Critical] Lack of vote validation in sync_trie_hashes lea...
    • 34020 - [BC - Critical] An alternative entry point with a separated but...
    • 34053 - [BC - Critical] Malicious HTTP responses allow systemic applica...
    • 34093 - [BC - Critical] lib-net can be used to force oom reap of shardu...
    • 34201 - [BC - Critical] Prototype pollution vulnerability in remove_tim...
    • 34252 - [BC - Critical] Bypass Certificate Signing Validation
    • 34349 - [BC - High] Archiver Join Limit Logic Error
    • 34353 - [BC - Critical] Killing nodes by polluting tx timestamp cache o...
    • 34364 - [BC - Insight] pp deserialization denial of service issue
    • 34422 - [BC - High] Forcing the new POQo system to fail preventing ...
    • 34456 - [BC - Critical] Lack of consensus validation in repair_oos_acco...
    • 34476 - [BC - Critical] remove_timestamp_cache prototype pollution lead...
    • 34481 - [BC - Critical] Bypassing sender verification in gossip-final-s...
    • 34484 - [BC - Critical] Tricking legit node to signed maliciously contr...
    • 34489 - [BC - Insight] ActivetsValidateRecordTypes do not check all th...
    • 34500 - [BC - Critical] Prototype pollution vulnerability in get_tx_tim...
  • ThunderNFT | IOP
    • IOP _ ThunderNFT 34455 - [Smart Contract - Low] Double Token Vulnerability leads to drain funds
    • IOP _ ThunderNFT 34496 - [Smart Contract - High] Users cant withdraw their funds for removed assets
    • IOP _ ThunderNFT 34519 - [Smart Contract - High] users cant withdraw their tokens when specific asse
    • IOP _ ThunderNFT 34522 - [Smart Contract - Low] Self-transfer would inflate the balance
    • IOP _ ThunderNFT 34534 - [Smart Contract - Critical] Maker will always only get token even if specif
    • IOP _ ThunderNFT 34542 - [Smart Contract - Insight] Not Handling Balance Entries Properly in the Wit
    • IOP _ ThunderNFT 34545 - [Smart Contract - Low] Smart contract can be taken over by malicious user b
    • IOP _ ThunderNFT 34560 - [Smart Contract - Critical] Updating sell-maker-orders does not provide ref
    • IOP _ ThunderNFT 34565 - [Smart Contract - High] Selling maker cant cancel to retrieve his funds whe
    • IOP _ ThunderNFT 34567 - [Smart Contract - Medium] users with current bid order can not update their
    • IOP _ ThunderNFT 34578 - [Smart Contract - Insight] unds Not Locked During Order Placement
    • IOP _ ThunderNFT 34585 - [Smart Contract - High] Permanent freezing of NFTS that seller deposit into
    • IOP _ ThunderNFT 34587 - [Smart Contract - High] Users might temporarily get their funds locked in P
    • IOP _ ThunderNFT 34605 - [Smart Contract - Critical] ERC tokens can be stolen because the amount is
    • IOP _ ThunderNFT 34629 - [Smart Contract - Critical] Theft of Deposited Funds
    • IOP _ ThunderNFT 34630 - [Smart Contract - Critical] Incorrect Token Sale Amount
    • IOP _ ThunderNFT 34636 - [Smart Contract - Critical] The amount is set to when creating the Executio
    • IOP _ ThunderNFT 34642 - [Smart Contract - High] strategy de-listing causes sellers NFTs locked on T
    • IOP _ ThunderNFT 34659 - [Smart Contract - Low] Pool Balance Inflation
    • IOP _ ThunderNFT 34677 - [Smart Contract - Insight] NFTs can not be canceled since the cancel_order
    • IOP _ ThunderNFT 34702 - [Smart Contract - Low] the function register_royalty_info does not allow to
    • IOP _ ThunderNFT 34714 - [Smart Contract - Medium] owner of NFT who have sell orderlisting NFT can n
    • IOP _ ThunderNFT 34736 - [Smart Contract - Critical] ERC tokens are stuck on the contract if more th
    • IOP _ ThunderNFT 34760 - [Smart Contract - Low] Off-by-one error in get_supported_asset
    • IOP _ ThunderNFT 34761 - [Smart Contract - Low] Off-by-one error in get_whitelisted_strategy
    • IOP _ ThunderNFT 34791 - [Smart Contract - Low] Incompatibility with SRC might lead to inability of
    • IOP _ ThunderNFT 34800 - [Smart Contract - Critical] Improper input validation in order update funct
    • IOP _ ThunderNFT 34816 - [Smart Contract - High] users cant call update_order to update the strategy
    • IOP _ ThunderNFT 34839 - [Smart Contract - Low] Royalty Fee limit is not enforced for registered col
    • IOP _ ThunderNFT 34848 - [Smart Contract - Low] Incorrect verification of deposit asset leads to cre
    • IOP _ ThunderNFT 34906 - [Smart Contract - Low] Existing Sell order can be executed despite payment
    • IOP _ ThunderNFT 34930 - [Smart Contract - Critical] User can only trade token when ERC is used
    • IOP _ ThunderNFT 34934 - [Smart Contract - Critical] thunder_exchangeupdate_order can be abused to s
    • IOP _ ThunderNFT 34943 - [Smart Contract - High] User cant withdraw asset from pool after asset_mana
    • IOP _ ThunderNFT 34949 - [Smart Contract - Critical] Missing proper validation when updating order
    • IOP _ ThunderNFT 34955 - [Smart Contract - Critical] Nfts of type may be stolen by updating an order
    • IOP _ ThunderNFT 34957 - [Smart Contract - Critical] executionResults always returns an amount of le
    • IOP _ ThunderNFT 34958 - [Smart Contract - Critical] Incorrect Setting of Amount in ExecutionResult
    • IOP _ ThunderNFT 34962 - [Smart Contract - Low] tranfer_from function have critical issue which lead
    • IOP _ ThunderNFT 34963 - [Smart Contract - Insight] Invalid orders persist in storage maps with no i
    • IOP _ ThunderNFT 34964 - [Smart Contract - Low] Faulty Index out of Bounds
    • IOP _ ThunderNFT 34966 - [Smart Contract - High] Royalty or protocol fee of will DoS executing order
    • IOP _ ThunderNFT 34967 - [Smart Contract - Insight] Insights Report
    • IOP _ ThunderNFT 34973 - [Smart Contract - Low] royalty_managerregister_royalty_info might not work
    • IOP _ ThunderNFT 34975 - [Smart Contract - Low] Read out of index
    • IOP _ ThunderNFT 34980 - [Smart Contract - Critical] Order side manipulation can lead to theft of NF
  • ZeroLend
    • 28875 - [SC - Medium] Unauthorized minting of vested NFTs
    • 28885 - [SC - Medium] Lack of check for Lockend in merge LockerToken ...
    • 28892 - [SC - Medium] ZeroLockermerge can make a voting lock last lon...
    • 28910 - [SC - High] Bool check wrong in registerGauge
    • 28912 - [SC - Critical] Attackers can control the vote result and ampli...
    • 28938 - [SC - Medium] Attacker can invalidate users supplyWithPermit ...
    • 28943 - [SC - Medium] DoS when user want to supply repay asset using...
    • 28955 - [SC - High] Malicious user can transfer all unclaimed rewar...
    • 28970 - [SC - Medium] Attacker can grief a user by making his supplyW...
    • 28987 - [SC - Medium] Manipulation of governance is possible by minti...
    • 28988 - [SC - High] Mechanism for distributing extra reward tokens ...
    • 28992 - [SC - High] Permanent freezing of additional reward tokens
    • 29012 - [SC - High] Votes manipulation in PoolVoter
    • 29019 - [SC - High] The ZeroLendToken contract in the Governance mo...
    • 29026 - [SC - High] Hackers can steal the unclaimed yield to get th...
    • 29031 - [SC - Critical] VestedZeroNFT tokens can be directly stolen thr...
    • 29047 - [SC - Insight] Reward is lost when totalSupply
    • 29052 - [SC - Medium] Pool funds could be locked due to Division by zero
    • 29059 - [SC - Medium] Race condition in StakingBonus will result in s...
    • 29062 - [SC - Critical] Attacker can steal locked balance of staked nft...
    • 29068 - [SC - Medium] AaveOracle contract does not verify price stale...
    • 29069 - [SC - Medium] Ability to deny users from repaying and supplyi...
    • 29078 - [SC - High] Theft of unclaimed yield due to the wrong calcu...
    • 29095 - [SC - High] The lockers supply can be arbitrarily inflated ...
    • 29101 - [SC - High] Staking in BaseLocker is broken
    • 29103 - [SC - Critical] Omnichain Stakers can permanently lose access t...
    • 29120 - [SC - High] Bug in reward distribution logic leads to theft...
    • 29121 - [SC - High] Any rewards sent to the PoolVoter will be undis...
    • 29122 - [SC - High] All reward tokens can be stolen by an attacker ...
    • 29123 - [SC - Medium] Griefing attack for VestedZeroNFT
    • 29130 - [SC - Medium] Unlimited Minting of VestedZeroNFT
    • 29135 - [SC - Critical] OmnichainStakingsolunstakeLP and OmnichainStaki...
    • 29137 - [SC - High] ZeroLend token is not behaving properly while c...
    • 29139 - [SC - Medium] Griefing attack to cause users to suffer penalt...
    • 29145 - [SC - High] zeroLendToken is bricked to use for whitelisted...
    • 29149 - [SC - Insight] DoS in Zero Registry configuration updation
    • 29170 - [SC - Medium] DoS by front-runnable externall call
    • 29175 - [SC - Insight] Granting DEFAULT_ADMIN_ROLE to the deployer in ...
    • 29181 - [SC - High] Tautology in PoolVoterregisterGauge makes it im...
    • 29186 - [SC - Insight] ValidationLogicvalidateBorrow - L-L Incorrect i...
    • 29188 - [SC - Insight] StakingBonuscalculateBonus wrongly utilizes BPS
    • 29189 - [SC - High] ZeroLendToken doesnt allow whitelisted users to...
    • 29190 - [SC - Insight] Permanent freezing of up to wei of yield each ...
    • 29198 - [SC - Medium] Griefing attack to cause the rewards of a user ...
    • 29204 - [SC - Critical] Direct theft of Users VestedZeroNFT by using sp...
    • 29211 - [SC - Critical] Voting manipulation cause by the possibility to...
    • 29213 - [SC - High] The function always revert if _stakeNFT True d...
    • 29225 - [SC - Insight] EarlyZEROVesting is having a rounding issue and...
    • 29244 - [SC - Insight] Using permit inside the function can lead to Do...
    • 29249 - [SC - Insight] Using permit inside the function can lead to Do...
    • 29262 - [SC - Insight] Some users can get more rewards than others whi...
    • 29267 - [SC - High] Wrong implementation causing some functions in ...
    • 29270 - [SC - High] The main functionality of the contract EarlyZER...
    • 29286 - [SC - Medium] MultiSigWalletremoveOwner - L The bug allows th...
    • 29288 - [SC - Critical] all NFTs can be stolen by calling VestedZeroNFT...
    • 29322 - [SC - Insight] Use safeTransfer instead of transfer
    • 29328 - [SC - Insight] zkSync ACLManager EOA as EMERGENCY_ADMIN
    • 29329 - [SC - Insight] Manta ACLManager EOA as EMERGENCY_ADMIN
    • 29331 - [SC - Insight] Manta ACLManager EOA as RISK_ADMIN
    • 29332 - [SC - Insight] Manta ReservesSetupHelper EOA as owner
    • 29342 - [SC - Insight] Lack of chainID validation allows reuse of sign...
    • 29344 - [SC - Insight] Price assets deposited manipulation
  • Swaylend | IOP
    • #35853 [SC-Medium] permissonless constructor always for front-running owner initialization.
    • #36034 [SC-Medium] truncation in the `present_value_borrow()` can lead to loss of accrued borrow interests.
    • #35908 [SC-Low] If the collateral token''s decimal is <= the base token decimal in a market, `collateral_value_to_sell()` will always revert & `available_to_borrow()` will return a wrong amount tha...
    • #35732 [SC-Low] Withdrawals can not be paused which could lead to protocol insolvency in case of issues
    • #35768 [SC-Insight] `Market.set_pyth_contract_id` should emit an event
    • #35831 [SC-High] By bypassing base_borrow_min limitation borrows can create inabsorbable loans
    • #35684 [SC-Critical] Incorrect Pyth Oracle Price Feed Process Leads to Wrong Collateral Value Calculation
    • #36158 [SC-Low] `Market.collateral_value_to_sell` will always revert if collateral_configuration
    • #36138 [SC-Insight] `Market.update_collateral_asset` should reuse old configuration's `asset_id`
    • #36137 [SC-Medium] `absorb_internal` might be DOSed
    • #36117 [SC-High] Permanent freezing of tokens when user sends extra tokens as update fee
    • #36108 [SC-Insight] `recipient` with a NULL address will lead to permanent loss of minted coins
    • #35724 [SC-Low] Users can withdraw collateral even when the admin pauses the contract.
    • #36065 [SC-Insight] `Market.update_market_configuration` should reuse old configuration's `base_token.decimals`
    • #35815 [SC-Medium] `Market.present_value_borrow` should be roundUp
    • #35760 [SC-Low] `market::available_to_borrow()` compares the collateral in USD against the borrow in base units
    • #35758 [SC-Critical] Loss of yield to the protocol due to incorrect interest rate applied
    • #35999 [SC-Insight] Incorrect event name
    • #35750 [SC-High] User loss due to Pyth oracle update fee being smaller than the msg amount sent
    • #35794 [SC-Insight] `Market.absorb` can be called when `Market.supply_collateral` is paused
    • #35767 [SC-Critical] constanct value is used to check `price.confidence`
    • #35876 [SC-High] Users will lose funds on calls to critical functions if the prices are not updated
    • #35793 [SC-High] `src-20.burn` should use "==" instead of ">="
    • #35761 [SC-Low] Unhandled smaller base decimals than 6 or bigger than the collateral's decimals
    • #35708 [SC-Insight] Adding too many collaterals will halt the protocol operation
  • Acre
    • #34836 [SC-Medium] Malicious party can make it impossible for debt to be completely repaid by donating a few tbtc to `stBTC.sol`
    • #34959 [SC-Low] `mintDebt` returns a wrong value
    • #35014 [SC-Low] incorrect rounding in mintdebt function might allow minimal shares dilution
    • #34978 [SC-Low] protocol runs insolvent due to incorrect reliance on depositbalance which doesn t match holder balances
    • #35026 [SC-Low] `repayDebt` in stbtc returns a worng value
    • #34995 [SC-Low] `mintDebt()` and `repayDebt()` should return `assets` and not `shares`
    • #34712 [SC-Medium] Malicious users can block repay debt transactions with no cost
    • #34998 [SC-Insight] Deposited assets in an old dispatcher may be lost when swapping to a new dispatcher
    • #34672 [SC-Low] Protocol runs insolvent due to incorrect reliance on depositBalance which doesn't match holder balances
    • #34999 [SC-Low] The tBTC in the MezoAllocator itself is not considered in the withdrawal function
    • #34748 [SC-Low] Last withdrawer can be prevented from withdrawing their assets
    • #34729 [SC-Low] `releaseDeposit` will likely fail, putting funds in MezoAllocator at risk of being permanently stuck
    • #34851 [SC-Low] Adversary can freeze users' fund in stBTC using donation attack on MezoAllocator
  • Shardeum Core II
    • #36029 [BC-Insight] Node.js crash on counterMap overflow
    • #35696 [BC-Critical] Specifically crafted penalty TX may cause total network shutdown.
    • #35694 [BC-Critical] Consensus can be bypassed by single validator node from transaction execution group
    • #35601 [BC-Critical] Consensus algorithm doesn't deduplicate votes, allowing a malicious validator to completely falsify transactions
    • #35695 [BC-Critical] validateTxnFields check for internal transactions can be bypassed
    • #35531 [BC-Critical] Absence of signature deduplication for receipt in the binary_repair_oos_accounts P2P handler
    • #36024 [BC-Insight] Use of Vulnerable function results in prediction of archivers
    • #35965 [BC-Insight] Unverified data in safety sync
    • #35707 [BC-Critical] Reusing old transaction receipt to rollback account balance
    • #35415 [BC-Insight] [Informational] debugMiddleware query parameters can be partially modified by request submitter or via MITM
    • #35839 [BC-Critical] Slash avoidance: Ineffective controls on unstaking allow unstaking before taking an action that should be slashed
    • #35526 [BC-Critical] An attacker can change the account balance after the transaction has been processed.
    • #35641 [BC-Insight] node p2p remote denial of service
    • #35697 [BC-Insight] [Informational] Code logic contains potential risk of full network shutdown
    • #35710 [BC-Insight] addressToPartition input is unsanitized, allowing to take whole network down
  • Shardeum Ancillaries II
    • #35598 [W&A-Insight] Access to debug endpoints without any protection
    • #35351 [W&A-Insight] Password Length Bypass in Shardeum Authentication System
    • #35537 [W&A-Insight] json rpc server websocket remote crash
    • #35996 [W&A-Insight] malicious explorer can cause denial of service in json rpc server and even cras
    • #35979 [W&A-High] malicious archiver malicious validator can overwrite data on any active archiver
    • #36025 [W&A-Critical] A malicious validator can overwrite the account data of any archive server connected to it.
    • #35452 [W&A-High] Admin Panel Accessed
    • #36005 [W&A-Insight] Reflected URL Manipulation and Phishing Risk
    • #35972 [W&A-Insight] Operator-GUI Weak JWT Token Generation Led To Generate same JWT Tokens Even if The User Has it's Unique "nodeId"
    • #35447 [W&A-High] Zero Click Full Account Takeover
    • #35446 [W&A-Insight] IDOR Able to change other user information
    • #35903 [W&A-High] SQL Injection Allows a Malicious Archiver to Overwrite Receipt/originalTxData Database on Any Active Archiver in the Network
    • #35824 [W&A-Medium] `/set-config` replay attack is possible in production mode after archiver restart
    • #35157 [W&A-Insight] Unauthorized Access to Shardeum Config Store using default credentials
    • #35709 [W&A-Critical] Potential DoS of archiver-server during network restoration via get_account_data_archiver call
    • #35534 [W&A-Insight] json rpc server remote crash
  • Anvil
    • #36303 [SC-Medium] attackers can cause griefing attack to cause stake transactions of timebasedcolla
    • #36501 [SC-Medium] Signature Front-Running Vulnerability in CollateralVault
    • #36268 [SC-Medium] stake with signature can be front-run lead to user's stake failed
    • #36267 [SC-Insight] tokens can be stuck forever in uniswapliquidator because function retrievetokens
    • #36136 [SC-Insight] Fee calculation error in withdraw function of collateralVault contract
    • #36092 [SC-Insight] Collateralizable Contracts May Retain Status Unconditionally
    • #36540 [SC-Insight] users can withdraw funds at incorrect fee rate
    • #36567 [SC-Insight] Anyone can cancel anyone's LOC
    • #36554 [SC-Critical] Time Based Collateral Pool Users can release more than their due share of the pool, drawing from the due share of other users
    • #36552 [SC-Medium] DoS for the user's calling `stake` and `stakeReleasableTokensFrom` function
    • #36532 [SC-Medium] Frontrun to invalidate collateralizable approval signature
    • #36306 [SC-Insight] Incorrect nonce value emitted in `TimeBasedCollateralPool::_resetPool` event
    • #36475 [SC-Medium] Token allowance signature can be front-run
    • #36450 [SC-Low] contract timebasedcollateralpool will be unable to process new user transactions
    • #36346 [SC-Insight] Typehash Discrepancy in CollateralizableTokenAllowanceAdjustment
    • #36340 [SC-Insight] TimeBasedCollateralPool::_resetAccountTokenStateIfApplicable does not adjust tokenEpochExitBalances after redeeming the account's unstake Units
    • #36309 [SC-Low] TimeBasedCollateralPool: After _resetPool gets called (internally) a depositor can break most functionalities of the smart contract
  • Anvil: Letters of Credit
    • #36807 [SC-Critical] attackers can create dynamic loc with any credited amount with very small co...
    • #36931 [SC-Critical] critical creators can modifyloccollateral of dynamic loc to release ....
    • #36910 [SC-Critical] LoC: The creator can withdraw the entire collateral of a Dynamic LoC making it insolvent
    • #36970 [SC-Insight] Missing `_disableInitializer()` implementation
    • #36999 [SC-Insight] Incomplete Adjustment of `globalAmountInDynamicUse` During LOC Liquidation Causes Accumulated Dust and DoS Risk
  • Fluid Protocol
    • #36922 [SC-Insight] the function claim_collateral in borrowOperation have read only attribute while the invoked claim_collateral function have write attribute, this lead to compiler-time error
    • #37056 [SC-Insight] `require_at_least_min_net_debt` did not emit correct error message
    • #37139 [SC-Insight] insight inefficient use of storage reentrancy locks
    • #37192 [SC-Low] Trove that under MCR might be redeemed.
    • #37276 [SC-Medium] Redstone's price feed is used incorrectly.
    • #37202 [SC-Insight] some checks can be removed since its not required(best practice report, not an issue)
    • #37283 [SC-Low] Improper Trove Validation Check Allows Low-Cost Griefing Attack to Block Protocol Redemptions
    • #37343 [SC-Insight] inaccurate check leading to debt miscalculation
    • #37323 [SC-Critical] Permanent dead Lock in internal_redeem_collateral_from_trove
    • #37354 [SC-Low] Single below MCR trove temporarily blocks redemptions
    • #37382 [SC-Insight] Inconsistent Collateral Ratio Checks in Stability Pool Withdrawals Lead to Fund-Locking DoS
    • #37409 [SC-Low] Can not redeem when all `current_cr` less than `MCR`.
    • #37425 [SC-Insight] redeem collateral does not redeem collateral from riskiest trove but wrongly redeem
    • #37452 [SC-Critical] `trove-manager-contract.redeem_collateral_from_trove` can be locked forever
    • #37595 [SC-Insight] `require_caller_is_bo_or_tm_or_sp_or_pm` did not emit correct message
    • #37607 [SC-Low] bricking redeem function
    • #37624 [SC-Critical] lock issue bricks the redeem functionality
    • #37650 [SC-Low] redeem functionality partially failing
    • #37668 [SC-Low] Incorrect Scale Factor value leads to early scale change
    • #37671 [SC-Critical] CRITICAL-02 / The contract could be permanently locked due to not reseting the boolen lock
  • Folks: Liquid Staking
    • #37660 [SC-High] incorrect tracking of `TOTAL_ACTIVE_STAKE` leads to permanent freezing of funds
    • #37661 [SC-High] Incorrect `total_active_stake` reduction causes loss of funds for the users and excessive fees collection over time
    • #37768 [SC-Insight] Missing Event Emission when proposer are added prevents safe retrieval of index for subsequent operations
    • #37775 [SC-High] Accounting Discrepancy in `consensus_v2.py::burn()`can potentially cause underflow and lead to temporary Denial of Service and a deliberate DOS Attack
    • #37791 [SC - Insight] consensus contract distributes algo for proposers that are offline that cause losing of reward
    • #37807 [SC-Insight] Truncation of mint_amount to zero leading to potential stake loss
    • #37852 [SC-High] The accumulation of rewards is being decreased from the active stake which could leave out users unable to redeem xAlgo
    • #37854 [SC-Insight] Missing state validation upon Upgrade
    • #37864 [SC-Insight] Over-charging users on delayed mint
    • #37863 [SC-High] Underflow in burn method prevents all xALGO from being burnt
    • #37867 [SC-Low] Contract upgrade failing due to SHA256 failing because of AVM byte width limits
    • #37889 [SC-High] Underflow in `burn()` function will cause user funds to partially frozen
    • #37903 [SC-High] "Potential Underflow Vulnerability in burn Function for total_active_stake_key"
    • #37893 [SC-Insight] inflation attack in xalgo
    • #37940 [SC-High] freezing of user funds when reward accumulated or added
  • Jito Restaking
    • #36675 [SC-Insight] Missing revoke instruction leads to Old delegate accounts have unlimited number of token allowance
    • #37315 [SC-High] Theft of Unclaimed Yields Due to Improper Reward Distribution in Vault Program
    • #36787 [SC-Insight] The vault program don't support token2022 transfer
    • #36903 [SC-High] The vault reward mechanism can be sandwiched by MEV
    • #37079 [SC-Insight] Withdrawals can be DOSed by reviving tickets in the same burn tx
    • #37311 [SC-High] Attackers can steal rewards by depositing, updating vault balance and withdrawing immediately after a large reward is deposited
    • #37295 [SC-High] Rewards can be stolen by depositing immediately after reward tokens get sent to vault
    • #37314 [SC-High] Vault creators can not withdraw their fees without being recursively charged (vault and program) fees on their own fees which causes permanent loss of funds
  • SwayLend frontend
    • #37822 [W&A-Insight] insight incorrect amounts displayed to foreign users
    • #37196 [W&A-Insight] DOS due to Misleading 'CircularProgressBar' Display Due to Rounding of 'supplyUsed"
  • Celo
    • #37058 [SC-High] Theft of remuneration through claims processing loops.
    • #37010 [SC-High] Rollback of the incorrect state interferes with the progress of the epoch process, prevents the user from receiving rewards, blocks the launch of the associated contract function, etc
    • #37206 [SC-Medium] Overflow due to lack of checks leading to incorrect price calculation
    • #37251 [SC-Critical] Fraudulent padding of governance voting power
    • #37285 [SC-Critical] Incorrect Delegation State After Slashing in LockedGold Contract
    • #37391 [SC-High] Early Reward Accrual Undermines Validator Group Performance Incentives
    • #37443 [SC-Insight] Race Condition in KeyedBroadcaster Implementation
    • #37427 [SC-Critical] Delegation is not updated on slash and unlock
  • Stacks I Attackathon
    • #38516 [BC-High] Signer can censor transactions and halt the network by providing an invalid nonce or too many nonces
    • #37545 [BC-Medium] Deposits with a lock_time of 16 cannot be processed
    • #38003 [BC-Medium] A malicious coordinator calling `Emily::update_deposits` can make the entire Signers network inoperable
    • #37479 [BC-High] A single signer can lock users' funds by not notifying other signers of the executed `sweep` transaction
    • #38398 [BC-High] Malicious Signers can initiate repeated contract calls to cause the multi-sign wallet to lose tx fee
    • #37530 [BC-Insight] Deposits can be completely DoSed due to incorrect transaction construction
    • #38160 [BC-Insight] Governance calling `sbtc-registry.update-protocol-contract` may cause Stacks' events to be ignored by the signer
    • #37500 [BC-Low] Blocklist can be circumvented due to incorrect blocking logic in `request_decider::can_accept_deposit_request`
    • #38690 [BC-Insight] A malicious coordinator can run multiple DKG coordination in parallel and manipulate their order to break the signers network
    • #38270 [BC-Medium] A signer can send a large number of junk `WstsNetMessage::NonceRequest` through P2P to make other signers run out of memory
    • #38223 [BC-Insight] Attackers can disrupt the tag order of gossip messages to bypass signature verification
    • #37470 [BC-Medium] SBTC Signers do not page through pending deposit requests making it trivially easy to block legit deposits by spamming Emily API
    • #38551 [BC-Medium] A signer can request stacks tx nonces in batches in advance and then DoS other signers' sBTC contract calls
    • #38111 [BC-High] Attackers can send a very large event in a Stacks block so that the Signer can never get the Stacks event
    • #38477 [BC-High] A single signer can abort every attempted signing round by providing an invalid packet once the coordinator requests signature shares
    • #38460 [BC-Low] The coordinator can set a higher BTC tx fee than the current network to make users to pay more fees to the BTC miner
    • #37384 [BC-Medium] Attacker can front-run call to emily api with incorrect data, preventing legit user from registering their deposit
    • #38133 [BC-Medium] A rogue Signer can censor any deposit request from being processed and fullfilled on the Stacks blockchain
    • #38053 [BC-High] A single signer can continuously prevent signatures from being finalized, halting network operations
    • #38740 [BC-High] The missing check in Deposits::DepositScriptInputs::parse() permits losing funds by sending them to an invalid principal
    • #38030 [BC-Insight] Coordinator can be crashed by signers on DKG
    • #38028 [BC-Low] There is a Partial Network Degradation Due to DynamoDB GSI Throttling Under High Traffic
    • #38458 [BC-Critical] The coordinator can submit empty BTC transactions to drain BTC tokens in the multi-sign wallet
    • #38671 [BC-Insight] Signer key rotation is not possible due to deadlock between submitting key rotation to Stacks and retrieving it
    • #38392 [BC-High] Signer can steal STX tokens in multi-sign wallet by setting a high stacks tx fee
    • #37861 [BC-Critical] SBTC Signer WSTS implementation allows nonce replays such that a malicious signer can steal all funds
    • #38605 [BC-Low] Lack of fee_rate/last_fees validation in handle_bitcoin_pre_sign_request ebables rogue signer to cause financial loss to depositors
    • #38582 [BC-High] The `BitcoinCoreClient::get_tx_info` does not support coinbase transactions, which may cause sBTC to be attacked by btc miners or sBTC donations to be lost
    • #37814 [BC-High] Signers can crash other signers by sending an invalid `DkgPrivateShares` due to missing check before passing the payload to `SignerStateMachine::process`
    • #37777 [BC-Medium] `Emily.create_deposit` can overwrite any deposit to the Pending state
    • #37811 [BC-High] Missing length check when parsing `SignatureShareRequest` in the signers allows the coordinator to halt other signers, shutting down the network
    • #37718 [BC-High] Key rotations bricks the system due to incorrect `aggregate_key` being used to spend the `peg UTXO` when signing a sweep transaction
  • Lombard
    • #38012 [SC-Insight] Unused Function in CLAdapter Contract
    • #38066 [SC-Medium] `ProxyFactory` is vulnerable to DoS/Address Hijacking
    • #38102 [SC-Insight] Due to incorrect design in `BasculeV2::validateWithdrawal` valid transactions will be reverted, which will make protocol unable to mint tokens
    • #38116 [SC-Insight] Partner vaults don't account for FireBridge fees, forcing LBTC burn to never work
    • #38137 [SC-Low] `RateLimits` library incorrectly reset the consumed amount when the limit is updated
    • #38148 [SC-Insight] Unnecessary Storage Pointer Declaration batchMintWithFee
    • #38154 [SC-Medium] The offchain data provided to the CLAdapter isn’t properly validated and can be from a different CCIP message, resulting in the freezing of funds
    • #38189 [SC-Insight] Attacker can grief calls to `lbtc.mintWithFee()`
    • #38231 [SC-Low] Due to incorrect design in `Consortium::setNextValidatorSet` the validator set could not be set in certain valid scenarios
    • #38225 [SC-Insight] user funds will get stuck if `removeDestination` executes before notarization and withdraw.
    • 38286 [SC-Low] bitcoinutils getdustlimitforoutput calculate wrongly the dust limit for a given bitcoin script public key
    • #38257 [SC-Insight] Freezing of msg.value passed in Bridge.deposit() if adapter is address zero
    • #38341 [SC-Insight] Suboptimal gas usage and ambiguous behavior during fee estimation
    • 38335 [SC-Medium] attacker can exploit partnervault mint small amount to cause lbtc depeg or protocol insolvency
    • #38342 [SC-Medium] Interchanging `offchainTokenData` between two valid messages
    • #38363 [SC-Medium] LBTC cross-chain transfer can be DOSed
    • #38344 [SC-Low] Old validated messages can not pass proof check when new validators are set
    • #38634 [SC-Medium] Insufficient validation on offchainTokenData in TokenPool.releaseOrMint allows CCIP message to be executed with mismatched payload potentially leading to loss of funds in cross-ch...
    • #38370 [SC-Insight] Issue Between Comment and Code in Consortium
    • #38644 [SC-Insight] Q&A
  • Butter
    • #39181 [SC-Insight] Bond Fund will be Lost When Question is Asked Again
    • #39153 [SC-Insight] Unauthorized Token Creation and Minting Vulnerability
    • #39243 [SC-Insight] Misleading Comment in merge Function Regarding Token Transfers to wrapped1155Factory
    • #39271 [SC-Insight] Check `numericAnswer` before external call to check answer is valid or not
    • #39487 [SC-Insight] flatCfmImplementation and conditionalScalarMarketImplementation contracts can be initialized by anyone
    • 39495 [SC-Low] flatcfm cannot be resolved in case answer of questionid are in greater or equal to 2 outcome count and answer 2 outcome count is 0
    • #39528 [SC-Insight] Lack of Validation for Min and Max Values in FlatCFMFactory leads to wrong payouts
    • #39524 [SC-Insight] Incorrect Outcome Formatting in Reality Adapter Leads to Wrong Number of Outcomes
    • #39539 [SC-Insight] Insufficient validation of tokens when created in `PlayCollateralTokenFactory::createCollateralToken`
  • Zano IOP
    • #41027 [BC-Insight] Breaking asset surjection proof assumptions
    • #40530 [W&A-High] JWT Salt Expiration isn't entirely correct in wallet_rpc_server::auth_http_request
    • #40990 [BC-Insight] Security best practices
    • #40970 [BC-Insight] Double spending by using 0-point stealth address and signature elements in CLSAG-GGX proof verification
    • #40794 [W&A-Insight] Unsecured Wallet Voting Configuration Allows Unauthorized Vote Manipulation Despite Password Protection
  • Shardeum Ancillaries III
    • #39360 [W&A-Insight] getRandomActiveNodes may return inconsistent results
    • #39993 [W&A-Low] node-fetch without response limit
    • 39829 [W&A-Critical] dos archiver via data subscription channel due to broken safestringfy
    • #40004 [W&A-Critical] Multiple vulnerabilities in signature verification during receipt processing on the archiver server
    • #39942 [W&A-Medium] Archiver is still vulnerable to replay attack to `/set-config`
    • #39980 [W&A-Critical] Malicious validator can inject its own cycle record into connected archiver
    • #39434 [W&A-Critical] Improper serialization can create an out-of-memory (OOM) issue on the archive server.
    • 39944 [W&A-Insight] incorrect default configuration leading to dead code
    • 39893 [W&A-Critical] malicious validator can modify txid in global transactions
    • #39910 [W&A-Medium] Numerous replay attacks (with arbitrary data) to protected endpoints are possible
    • 39872 [W&A-Critical] bypass receipt signing validation
    • #39814 [W&A-Low] Prevent new validators from joining the network by a DOS of the archiver
    • #39284 [W&A-Medium] Arbitrarily set any archiver config and remotely turning it off
    • #39109 [W&A-Insight] syncStateDataGlobals will not work, effectively DoS'ing nodes
    • #39623 [W&A-Low] Blocking the victim's account address from sending transactions via JSON-RPC
    • 39626 [W&A-Critical] malicious validator can overwrite any cycle data
    • #39820 [W&A-Medium] Blocking all users from interacting with particular contracts/protocols via JSON-RPC server
  • Shardeum Core III
    • #39873 [BC-Critical] Lack of validation of node activation time in `InitRewardTimes` allows to steal rewards
    • #39811 [BC-Critical] inducing large memory allocation via join endpoint
    • #39921 [BC-Critical] accountDeserializer isn't type safe
    • #39913 [BC-Medium] No rate Limiting in resource-intensive endpoint
    • #39885 [BC-Critical] Signature forgery on behalf of network nodes using binary_sign_app_data endpoint
    • #39876 [BC-Critical] Receiving rewards multiple times for the same period
    • #39871 [BC-Critical] Lack of consensus voting in best cycle calculation allows a malicious validator to fake cycle data and crash all nodes
    • #39838 [BC-Critical] Bypass certificate signing validation by double counting signatures due to signature malleability
    • #39813 [BC-Critical] Bypass `SetCertTime` transaction signature check #2
    • #39103 [BC-Insight] Unchecked data size in "getStakeTxBlobFromEVMTx()" can use lots of CPU resources
    • #39791 [BC-Critical] Filling the queue with "setCertTime" stop the network from processing new transactions
    • 39679 [BC-Critical] bypass certificate signing validation by double counting signatures due to ignor
    • #39678 [BC-Critical] Bypass certificate signing validation by double counting signatures due to capitalization
    • #39675 [BC-Critical] Reward Exploitation via Unvalidated Node Status in "initRewardTX"
    • 39164 [BC-Insight] service point exhaustion
    • #39875 [BC-Critical] Lack of validation of node deactivation time in `ClaimRewards` allows to steal rewards
    • 39882 [BC-Insight] data unsubscribe same node replay
    • 39027 [BC-Insight] abusive join request handler node
    • #39149 [BC-High] EIP-2930 transactions with 20k-address overload the nodes and force the network into "safety" mode
    • #39850 [BC-Medium] Bypass TransferFromSecureAccount transaction validations
    • #39507 [BC-Critical] Insufficient validation on ClaimReward transaction allows attacker to claim an inflated reward OR prevent all nodes from being rewarded
    • #39364 [BC-Critical] Trusting heavily on "appData" enables infinite SHM duplication through double-spend exploit
    • 39355 [BC-Critical] tricking legit node to sign their own apoptosis request payload
    • #39812 [BC-Critical] Bypass `SetCertTime` transaction signature check #1
    • #39994 [BC-Critical] Tricking nodes into signing nearly-arbitrary data
    • 40005 [BC-Critical] removal of node out of network via remove by app gossip and signature duplicat
    • #39973 [BC-Critical] Standard node rewarding flow can be blocked
    • #40000 [BC-Critical] Improper input validation in fixDeserializedWrappedEVMAccount leads to DOS and total network shutdown
    • #39511 [BC-Critical] malicious node can drain balance of other node s nominator evm address
    • #39463 [BC-Insight] `multiSendWithHeader` and `sendWithHeader` have JSON injection vulnerability
    • #39395 [BC-Medium] got.get without response limit
    • #39465 [BC-Critical] Lack of authorization on InitClaimReward transaction allows attacker to prevent all nodes from being rewarded
    • #39752 [BC-Insight] There is an issue related to incorrect version parsing and comparison logic lead to incorrect node validation,
    • #39191 [BC-Critical] JoinRoute: Attacker reachable input serialization
    • #40007 [BC-Critical] Drain node staking account due to improper validation of SetCertTime internal transaction
    • #39979 [BC-Critical] Total network shutdown via fixDeserializedWrappedEVMAccount call through binary_repair_oos_accounts endpoint
  • IOP CircuitDAO
    • #43705 sc critical attackers can exploit lack of validation in byc coin issuance pro
    • #44355 sc high announcer owner can inflate announcers registry entries via mutate and register loop
    • #44324 sc medium atom announcer owner can nulify financial penalty
Powered by GitBook
On this page
  • #43705 [SC-Critical] Attackers can exploit Lack of Validation in BYC Coin Issuance Process to Issue arbitrary amount of BYC Coin
  • Description
  • Short summary
  • Background Information
  • The vulnerability
  • Severity assessment
  • Proof of Concept
  • Proof of concept

Was this helpful?

  1. IOP CircuitDAO

#43705 sc critical attackers can exploit lack of validation in byc coin issuance pro

PreviousIOP CircuitDAONext#44355 sc high announcer owner can inflate announcers registry entries via mutate and register loop

Was this helpful?

#43705 [SC-Critical] Attackers can exploit Lack of Validation in BYC Coin Issuance Process to Issue arbitrary amount of BYC Coin

Submitted on Apr 10th 2025 at 07:33:14 UTC by @perseverance for

  • Report ID: #43705

  • Report Type: Smart Contract

  • Report severity: Critical

  • Target: https://github.com/immunefi-team/CircuitDAO-IoP/tree/main/circuit_puzzles

  • Impacts:

    • Protocol insolvency

    • Permanent significant depeg of stablecoin (BYC), e.g. by forcing undercollateralization

Description

Short summary

The BYC coin issuance process in the Circuit DAO protocol allows users to borrow BYC coins while providing collateral. However, there is a critical vulnerability in the validation process that could allow attackers to exploit Lack of Validation of amount in byc_issuing_coin_info BYC Coin Issuance Process to Issue arbitrary amount of BYC Coin. This attack can also depeg BYC because BYC will be under collaterized.

Background Information

In the case of BYC Issuance, the delta is 0. (please note delta is extra_delta mentioned in docs: https://chialisp.com/cats/ ).

This is correct according to the design and explanation of Circuit DAO team explanation.

anyone can create a new BYC coin on-chain by simply spending a standard XCH coin and giving it the puzzle hash of a BYC coin, but this coin is unspendable unless it's tail is revealed, which ensures that the spend is allowed. if it is, the child coin of the issuance coin is 'issued', i.e. it can now be spent via inner puzzle & solution only as its parent coin is now a CAT. The delta (called extra delta in the documentation) is 0 in case of an issuance because the issuance coin has the same amount as the issued coin.

The flow of code is as below:

  1. So when a user want to borrow BYC, he create a Vault and deposit XCH into the Vault as Collateral. The puzzle will call the vault_borrow with some input parameters.

Here we focus on 2 input parameters:

  • borrow_amount : The amount user want to borrow

  • byc_issuing_coin_info : as commented is the BYC issuing coin information : parent_id amount inner_puzzle_hash . Please note that amount is the amount of BYC that was issued

https://github.com/immunefi-team/CircuitDAO-IoP/blob/d2c3171f08864c29fdd436e25a39c95b371df860/circuit_puzzles/programs/vault_borrow.clsp#L1-L20

;; Mint BYC to borrow and update the principal and other state variables accordingly
(mod
  (
    CAT_MOD_HASH BYC_TAIL_MOD_HASH RUN_TAIL_MOD_HASH
    (@ VAULT_STATE
      (
       COLLATERAL PRINCIPAL AUCTION_STATE INNER_PUZZLE_HASH
       STATUTES_STRUCT DISCOUNTED_PRINCIPAL statutes_puzzle_hash
      )
    )
    (@ args
      (
         borrow_amount ; amount of byc to be issued to borrower ; @audit borrow_amount 
         minimum_debt_amount liquidation_ratio price_info
         byc_issuing_coin_info  ; -> (parent_id amount inner_puzzle_hash) ; @audit amount is the amount of BYC that was issued
         statutes_cumulative_stability_fee_df
         current_stability_fee_df current_timestamp
      )
    )
  )
  1. The Vault coin will verify the borrow_amount that should be backed by enough collateral and the ratio is lower than the configured LTV (Loan to Value) ratio. After the verification done, the Vault will send the message to issue the BYC as below

https://github.com/circuitdao/puzzles/blob/ad9df3df71048c96b7511fd1ec20b1b41c1b5b88/circuit_puzzles/programs/vault_borrow.clsp#L69-L75

; signal to tail that it can issue BYC with certain amount
          (list SEND_MESSAGE 0x3f
            (concat PROTOCOL_PREFIX
              (sha256tree (c STATUTES_STRUCT (c "i" borrow_amount)))
            )
            byc_issuing_coin_id
          )

https://github.com/circuitdao/puzzles/blob/ad9df3df71048c96b7511fd1ec20b1b41c1b5b88/circuit_puzzles/programs/vault_borrow.clsp#L48-L57

    ; calculate the coin id for the new BYC coin by enforcing the tail hash
    byc_issuing_coin_id (calculate-byc-coin-id
      CAT_MOD_HASH
      byc_tail_hash
      (list
        (f byc_issuing_coin_info)
        (r byc_issuing_coin_info)
        RUN_TAIL_MOD_HASH
      )
    )

So the byc_issuing_coin_id is important that only that BYC coin can receive the message. It is important to prevent unauthorized issuing of the BYC.

  1. Now as commented above by the CircuitDAO team, the BYC can be issued by anyone. But to spend the BYC, he need to reveal the tail that means run the tail.

https://github.com/immunefi-team/CircuitDAO-IoP/blob/d2c3171f08864c29fdd436e25a39c95b371df860/circuit_puzzles/byc_tail.clsp#L1-L20

(mod (RUN_TAIL_MOD_HASH ; fixed
      STATUTES_STRUCT
      Truths
      parent_is_cat
      lineage_proof
      delta
      inner_conditions
      (@ solution
        (
          vault_parent_id
          vault_mod_hash
          vault_curried_args_hash
          vault_amount
          statutes_inner_puzzle_hash
          approval_mod_hashes
          current_coin_amount
          new_byc_coin_amount ; new amount of BYC coin being issued or melted from
        )
      )
     )

And in this tail coin, the message is received or consumed.

https://github.com/immunefi-team/CircuitDAO-IoP/blob/d2c3171f08864c29fdd436e25a39c95b371df860/circuit_puzzles/byc_tail.clsp#L62-L73

(list RECEIVE_MESSAGE 0x3f
            (concat
              PROTOCOL_PREFIX
              (sha256tree
                (c STATUTES_STRUCT ; need to tie it to statutes struct
                  (c (if (> 0 delta) "x" "i")
                    (if (> 0 delta) delta new_byc_coin_amount)
                  )
                )
              )
            )
            vault_coin_id

So if the Tail coin run succesfully, means spent, then the BYC can be sent to the user and he can own the BYC and use as a stable coin with value of 1 USD.

The vulnerability

Vulnerability Details

I notice the vulnerability exists here is that the amount in byc_issuing_coin_info is not verified in the coin Vault_borrow coin.

In the vault_borrow, there is only verification against the borrow_amount.

In the byc_tail.clsp, the amount is also not verified against the new_byc_coin_amount.

So this bug enables the attacker to execute following attack in the POC section below.

Severity assessment

Bug Severity: Critical

Impact category:

Protocol insolvency

Permanent significant depeg of stablecoin (BYC), e.g. by forcing undercollateralization

Because the attacker can issue arbitrary amount of BYC .

Likelihood: High

  • No special privileges required

  • it is profittable so the likelyhood is high

Proof of Concept

Proof of concept

As explained in the report above.

Step 1: For example, using XCH to issue 10_000_000_000 BYC. This number 10_000_000_000 can be any number.

According to the comment from Circuit DAO team, this can be done by anyone.

1 CAT is 1000 mojo so it is cheap to do this, because  1 BYC later can be exchanged for 1 USD. 
The value of 1000 mojo is `10 USD / 10^9` with the price of XCH is 10.4 USD (https://www.spacescan.io/). 
So to mint 10_000_000_000 cost about 104 USD.

Step 2: Attacker create a Vault and deposit 1 XCH and borrow 1 BYC. This is valid because 1 XCH is 10.4 USD and he borrow only 1 BYC.

The attacker input the byc_issuing_coin_info with valid parent_id


borrow_amount = 1 
byc_issuing_coin_info ; @note amount =  10_000_000_000  

So the vault_borrow will send the message of with borrow_amount of 1 to the BYC coin.

Step 3: The attacker reveal the tail and send the BYC to his address

In the byc_tail the check for message will pass.

So the whole process will run succesfully.

The below mermaid and attached sequence diagram (generated from mermaid) helps to illustrate this bug.


sequenceDiagram
    participant Attacker
    participant Vault
    participant BYC_CAT
    participant BYCTail    

    Note over Attacker: Step 1: Create BYC Coin
    Attacker->>BYC_CAT: Create BYC Coin (10_000_000_000)
    BYC_CAT-->>Attacker: The coin 10_000_000_000 BYC created but cannot be spend. Need to reveal Tail
    Note over BYCTail: Anyone can create BYC coin<br/>Cost: ~104 USD (1000 mojo)

    Note over Attacker: Step 2: Create Vault & Borrow
    Attacker->>Vault: Create Vault & Deposit 1 XCH
    Attacker->>Vault: Request Borrow (1 BYC)
    Note over Vault: byc_issuing_coin_info:<br/>- parent_id: valid<br/>- amount: 10_000_000_000
    Vault->>Vault: Validate borrow_amount 
    Note over Vault: Validation passed:<br/>1 XCH = 10.4 USD > 1 BYC
    Vault->>BYCTail: Send Message to BYC Coin of byc_issuing_coin_info (borrow_amount = 1)
    

    Note over Attacker: Step 3: Reveal Tail & Spend
    Attacker->>BYCTail: Reveal Tail
    BYCTail->>BYCTail: Validate Message
    Note over BYCTail: Critical Issue:<br/>- No validation of amount in byc_issuing_coin_info<br/>- No check against borrow_amount
    BYCTail-->>BYCTail: Message Valid
    BYCTail-->>Attacker: The coin 10_000_000_000 BYC can be spend

    Note over Attacker: Step 4: Result
    Note over Attacker: Successfully issued 10_000_000_000 BYC<br/>with only 1 XCH collateral
    Note over Vault: Protocol state compromised:<br/>- Undercollateralization<br/>- BYC depegging risk
IOP | CircuitDAO