High
Solo
Total
Medium
Solo
Total
Total Earnings
#50 All Time
Payouts
1st Places
2nd Places
3rd Places
All
Sherlock
Code4rena
CodeHawks
Oct '23
high
Implied Volatility can be manipulated and takes a long time to recover, which can lead to bad debt
high
Oracle.sol: manipulation via increasing Uniswap V3 pool observationCardinality
high
Borrower.sol: Health check uses stale liabilities
medium
governor can permanently prevent withdrawals in spite of being restricted
medium
Couriers can be cheated out of earning fees due to frontrunning
medium
Lender.sol: Incorrect rewards accounting for RESERVE address in _transfer function
medium
Oracle.sol: observe function has overflow risk and should cast to uint256 like Uniswap V3 does
Jul '23
16.55 USDC • 2 total findings • CodeHawks • HollaDieWaldfee
#67
May '23
high
BalancedVault.sol: loss of funds + global settlement flywheel / user settlement flywheels getting out of sync
medium
Missing Sequencer Uptime Feed check can cause unfair liquidations on Arbitrum
medium
ChainlinkAggregator: binary search for roundId does not work correctly and Oracle can even end up temporarily DOSed
medium
Payoff definitions that can cross zero price are not supported
medium
BalancedVault.sol: Early depositor can manipulate exchange rate and steal funds
medium
BalancedVault.sol: claim can be impossible due to unsigned integer underflow
Mar '23
high
Staking, unstaking and rebalanceToWeight can be sandwiched (Mainly rETH deposit )
high
Reth.sol: Withdrawals are unreliable and depend on excess RocketDepositPool balance which can brick the whole protocol
high
`WstEth` derivative assumes a ~1=1 peg of stETH to ETH
high
Price of sfrxEth derivative is calculated incorrectly
high
Users can fail to unstake and lose their deserved ETH because malfunctioning or untrusted derivative cannot be removed
medium
DoS due to external call failure
medium
Missing derivative limit and deposit availability checks will revert the whole `stake()` function
high
Carousel: enlistInRollover function sets wrong rollover queue index in the case of updating an existing rollover which bricks the rollover functionality
high
Carousel: minting ERC1155 performs callback which can cause revert and brick rollover queue and deposit queue which leads to complete loss of funds in the deposit queue
high
Carousel: When a rollover is delisted it can prevent another rollover from being processed
high
Carousel.mintRollovers function loses all profit when rolling over
high
Carousel: Deposit fee can be bypassed
medium
ControllerPeggedAssetV2: `triggerEndEpoch` function can be called even if epoch is null epoch leading to loss of funds
medium
VaultFactoryV2.changeTreasury function does not set correct treasury
medium
VaultV2: `epochHasNotStarted` and `epochHasStarted` modifiers are not well-defined which can lead to loss of user funds
medium
VaultV2: Ongoing epoch can be managed by non-whitelisted controller
medium
Carousel: emission tokens are lost if epoch has no deposits (NULL epoch)
medium
Carousel.mintRollovers function: relayerFee that is subtracted from assets is too high
medium
ControllerPeggedAssetV2: outdated price may be used which can lead to wrong depeg events
high
Protocol breaks with collateral that does not have 18 decimals
high
Missing input validation for _rewardProportion parameter allows keeper to escalate his privileges and pay back all loans
medium
SwapHandler.sol: Check that collateral token cannot be swapped is insufficient for tokens with multiple addresses
medium
BaseVault: liquidationSurcharge amount is too high if collateralToLiquidate gets capped
Feb '23
high
HatsSignerGateBase: signers can add / remove / swap signers which bypasses the HSG logic and can lead to multiple bad outcomes including DOS and increased control over Safe
high
HatsSignerGateBase: valid signer threshold can be bypassed because HSG checks signatures differently from Safe which allows exploitation
high
HatsSignerGate + MultiHatsSignerGate: more than maxSignatures can be claimed which leads to DOS in reconcileSignerCount
high
HatsSignerGateBase: reconcileSignerCount function might set threshold too high
high
Safe can no longer execute transactions when module other than HatsSignerCreate enables a module
high
Signers can backdoor the Safe by swapping modules to execute any transaction in the future without consensus
high
HatsSignerGateBase: _removeSigner function may revert so it is not possible to remove a signer
high
Hats.sol: linkedTreeRequests entry should be deleted when unlinking
medium
Hats.uri function can be DOSed by providing large details or imageURI string or cause large gas fees
medium
Hats.balanceOfBatch returns wrong result
medium
HatsSignerGateFactory: Should revert if there are more than 5 existing modules
high
Attacker can deposit and refund NFT which leads to DOS in claim functionality
high
Attacker can fund bounty with malicious ERC20 and block payouts
high
Unbounded loop in BounyCore.getLockedFunds function leads to DOS in DepositManagerV1.refundDeposit function
medium
Anybody can fund bounty with worthless NFTs thereby not allowing any further NFT funding
medium
When tokenAddresses set has reached TOKEN_ADDRESS_LIMIT, tokens that are contained in the tokenAddresses set cannot be used for funding
medium
Remaining funds cannot be refunded after partial refund
Jan '23
high
Basket range formula is inefficient, leading the protocol to unnecessary haircut
medium
RecollateralizationLib: Dust loss for an asset should be capped at its low value
medium
BackingManager: rTokens might not be redeemable when protocol is paused due to missing token allowance
medium
attacker can prevent vesting for a very long time
medium
BackingManager: rsr is distributed across all rsr revenue destinations which is a loss for rsr stakers
medium
BasketHandler: Users might not be able to redeem their rToken when protocol is paused due to refreshBasket function
medium
StRSR: seizeRSR function fails to update rsrRewardsAtLastPayout variable
high
PerpDepository: rebalance function is unusable with sqrtPriceLimitX96 parameter unequal 0 (slippage protection cannot be enabled)
high
If a user approves USDC to PerpDepository, anyone can call rebalance and rebalanceLite
medium
PerpDepository: _rebalanceNegativePnlWithSwap function deposits USDC amount denominated in 1e18 to vault
medium
PerpDepository: user can lose funds in _rebalanceNegativePnlLite function due to partial order execution
medium
PerpDepository: getDebtValue function uses wrong formula to calculate result
Dec '22
high
MinipoolManager: node operator can avoid being slashed
high
Hijacking of node operators minipool causes loss of staked funds
high
node operator is getting slashed for full duration even though rewards are distributed based on a 14 day cycle
high
AVAX Assigned High Water is updated incorrectly
medium
TokenggAVAX: maxDeposit and maxMint return wrong value when contract is paused
medium
MinipoolManager: recordStakingError function does not decrease minipoolCount leading to too high GGP rewards for staker
medium
wrong reward distribution between early and late depositors because of the late syncRewards() call in the cycle, syncReward() logic should be executed in each withdraw or deposits (without reverting)
medium
slashing fails when node operator doesn't have enough staked `GGP`
medium
State Transition: Minipools can be created using other operator's AVAX deposit via recreateMinipool
medium
Inflation rate can be reduce by half at most if it get called every 1.99 interval.
medium
Bypass `whenNotPaused` modifier
medium
`requireNextActiveMultisig` will always return the first enabled multisig which increases the probability of stuck minipools
medium
Coding logic of the contract upgrading renders upgrading contracts impractical
high
Malicious user can steal all assets in BondNFT
high
Lock.sol: assets deposited with Lock.extendLock function are lost
high
Not enough margin pulled or burned from user when adding to a position
medium
`safeTransferMany()` doesn't actually use safe transfer
medium
`executeLimitOrder()` modifies open-interest with a wrong position value
medium
Unreleased locks cause the reward distribution to be flawed in BondNFT
medium
Lock.sol: claimGovFees function can cause assets to be stuck in the Lock contract
high
`LPDA` price can underflow the price due to bad settings and potentially brick the contract
high
`saleReceiver` and `feeReceiver` can steal refunds after sale has ended
medium
Sale contracts can be bricked if any other minter mints a token with an id that overlaps the sale
medium
Creator can still "cancel" a sale after it has started by revoking permissions in `OpenEdition` contract
medium
Escher721 contract does not have setTokenRoyalty function
medium
Use of `payable.transfer()` Might Render ETH Impossible to Withdraw
Nov '22
high
Vault_Synths: false calculation of USD debt allows under-collateralized loans
high
Depositor.sol: Funds can be withdrawn from any Depositor contract leading to loss of rewards and funds
high
Depositor.sol: Allowing withdrawals when Depositor is approved is unsafe and can lead to loss of funds
medium
Virtual price is not updated correctly which leads to less interest that needs to be paid