| Date | Finding | Impact |
| --- | --- | --- |
| October 8, 2024 | Deposit amount is not validated against message funds | Critical |
| October 8, 2024 | The FEE_COLLECTOR address can drain dojoswap_pair contracts | High |
| October 8, 2024 | Final withdraw sends tokens to itself | Low |
| October 8, 2024 | Address-string comparison | Low |
| October 8, 2024 | Fewer tokens sent than required in migrate_staking | Low |
| September 20, 2024 | Anyone can vote on any majority amendment proposal with arbitrary voting power | High |
| September 20, 2024 | Incorrect calculation about voting power | Medium |
| September 20, 2024 | RestrictedTokenAllocation lacks repurchase deadline check | Medium |
| September 20, 2024 | Accumulation of vested or unlocked tokens | Medium |
| September 20, 2024 | The authority may not be able to recreate a set | Low |
| September 20, 2024 | The updateFunctionCondition function does not check the return value of checkCondition | Low |
| September 20, 2024 | Misleading exercisePrice comment | Low |
| September 20, 2024 | The function removeMilestone does not remove milestones from the array | Low |
| September 20, 2024 | Possibility for users to buy tokens from MetaVesT for free | High |
| September 20, 2024 | Incorrect calculation in terminate function | High |
| September 20, 2024 | Reward tokens corresponding to removed milestones are locked | Critical |
| September 20, 2024 | Unable to unlock milestone | High |
| September 20, 2024 | The grantee cannot revoke consent to the amendment | Medium |
| September 20, 2024 | The authority can execute majority-consented proposals with arbitrary data | High |
| September 20, 2024 | Removing confirmed milestones is possible | High |
| September 20, 2024 | The function proposeMajorityMetavestAmendment cannot identify expired proposals | High |
| September 16, 2024 | Direct usage of transferFrom | Medium |
| September 16, 2024 | Unneeded receive function | Low |
| September 6, 2024 | NFT boosting can be applied multiple times with one NFT | Medium |
| September 6, 2024 | Incorrect calculation of the minimum amount for Yeet | Medium |
| September 6, 2024 | Unoptimized getClaimableAmount function | Medium |
| September 6, 2024 | Bias of the draftWinners function in the Yeetback contract | Medium |
| September 6, 2024 | Precision loss in getDistribution resulting in revert | Low |
| September 4, 2024 | Fixed depositor reentrancy can take all the ETH | Critical |
| September 4, 2024 | Unsafe handling of over-100% early exit fees | Critical |
| September 4, 2024 | Clone construction leaves constants uninitialized | High |
| September 4, 2024 | Quadratic-complexity logic risks gas-limit attacks | High |
| September 4, 2024 | Inconsistent division of fixed-side withdrawals | High |
| September 4, 2024 | Variable-side yield on yield is unfairly split | Medium |
| September 4, 2024 | Variable side cannot always withdraw fee share | Medium |
| September 4, 2024 | Open receive function can lock native ETH | Low |
| September 4, 2024 | Implementation contract can be used | Low |
| September 4, 2024 | Incorrect withdrawnFeeEarnings after finalization | Low |
| September 4, 2024 | Reentrancy can falsify isStarted in emitted event | Low |
| September 4, 2024 | Inactive variable depositor locks protocol fees | Low |
| August 16, 2024 | ERC-1155 mint can be reentered with | Critical |
| August 16, 2024 | Possible fee leeching | Medium |
| August 16, 2024 | Possible DOS | Medium |
| August 16, 2024 | The costSharePrice is not properly maintained | Low |
| July 12, 2024 | The transferFrom function could fail | Medium |
| July 12, 2024 | The approve function could fail | Medium |
| July 12, 2024 | Rounding errors in computing fee | Medium |
| July 8, 2024 | Potential vulnerability in _aggregatePubkey update mechanism | Critical |
| July 8, 2024 | Lack of proof-of-possession verification | High |
| July 8, 2024 | Incorrect curve mapping | Medium |
| July 8, 2024 | Bias in hashToField function | Low |
| July 1, 2024 | Improper bounds on collateral and liquidation base points | High |
| July 1, 2024 | Zero close factor allows admin to block liquidations | High |
| July 1, 2024 | Position can be in shortfall after removing collateral | Low |
| June 18, 2024 | Unsound native-function declaration leading to critical verifier bypass | Critical |
| June 18, 2024 | Infinite recursion possible with module dependencies | Critical |
| June 18, 2024 | Unchecked UTF-8 decoding enables memory corruption | Critical |
| June 18, 2024 | Missing gas charge on memo in native_nft_transfer | High |
| June 18, 2024 | Next zapping ID potentially duplicated | High |
| June 18, 2024 | Published module names do not necessarily match binary module | High |
| June 18, 2024 | Ability to bypass swap fees | Low |
| June 18, 2024 | Module can be duplicated in module publish requests | Low |
| June 18, 2024 | Hex decode accepting invalid characters | Low |
| June 18, 2024 | Stablepools can be created with one or no assets | High |
| June 18, 2024 | Bad decimal-parsing function accepts multiple dots | Low |
| June 18, 2024 | Potential out-of-gas reversion when checking object permissions | Low |
| June 18, 2024 | Stablepool swap can be called, repeating the same asset | High |
| June 18, 2024 | Incorrect string-formatting helper | Low |
| June 18, 2024 | Incorrect minimum-TVL module-parameter check | Low |
| June 18, 2024 | Frozen module coin store can cause chain halt | High |
| June 18, 2024 | Malicious proposer can skip fee check | High |
| June 18, 2024 | A malicious user can become a permissioned relayer for IBC | Medium |
| June 18, 2024 | Move coins can be burned twice | High |
| June 18, 2024 | Move coin transfer can bypass blocked accounts | Medium |
| June 18, 2024 | Error not checked when fetching starting info | Low |
| June 18, 2024 | Move coins are case-insensitive in cosmos | Low |
| June 18, 2024 | Query gas limit not enforced through bank module | High |
| June 18, 2024 | Incorrect signer check for shorthand accounts | High |
| June 18, 2024 | Validator set updates can skip current validators | High |
| June 18, 2024 | Challenger can increase the next output index | Medium |
| June 18, 2024 | Missing token pair will crash the bridge executor | Medium |
| June 18, 2024 | Withdrawal hash clash using variable-length fields | High |
| June 14, 2024 | Fake pool could drain all the pool's tokens | Critical |
| June 14, 2024 | The redeemShort function is available before the pool is closed | Critical |
| June 14, 2024 | Simultaneous pool starting and closing is possible | High |
| June 14, 2024 | Order could be executed after the end of the pool's duration | Medium |
| June 14, 2024 | Bounty does not work with low-decimal tokens | Medium |
| June 14, 2024 | Lack of check that an order has already been canceled | Low |
| June 14, 2024 | Redeem functions do not work correctly | Critical |
| June 5, 2024 | Missing constraints in the copy circuit for MCOPY allow inserting illegitimate entries in the rw table | Critical |
| June 5, 2024 | Lack of constraints specific to transient storage and transaction receipts in the state circuit | Critical |
| June 5, 2024 | Source address is not constrained for ErrorOOGMemoryCopyGadget, allowing illegitimate reverts on MCOPY | Critical |
| June 5, 2024 | Step transition for end_tx not constrained | Critical |
| June 5, 2024 | Completeness issue for some out-of-gas cases for MCOPY | Medium |
| June 4, 2024 | Lack of stale price check in getAssetPrice function | High |
| June 4, 2024 | Unnecessary parameter usage in getRoundData function | Low |
| June 4, 2024 | Centralization risk in setPyth function | Low |
| May 22, 2024 | The supply limit limits issue, not supply | High |
| May 22, 2024 | Anyone can create tokens before initialization | High |
| May 22, 2024 | The `AssertContractInitialized` function should check `Initialized` | High |
| May 22, 2024 | Calling `ChangeOwner` may lock ownership upon user error | Medium |
| May 22, 2024 | No guard on admin-set fee rate | Medium |
| May 22, 2024 | Deadline-enforcement unit is inconsistent | Low |
| May 21, 2024 | Wrong fee mechanism in redeemBackSPCT | Medium |
| May 21, 2024 | Transfer event is emitted twice for minting or burning USDz | Medium |
| May 21, 2024 | Protection logic in rescueERC20 can be bypassed | Low |
| May 20, 2024 | Verification-batching implementation unsound | Critical |
| May 20, 2024 | Proving fails for public inputs that are all zero | Medium |
| May 9, 2024 | Centralization risk | Medium |
| May 9, 2024 | Underflow | Medium |
| April 19, 2024 | Reentrancy in withdrawals | Critical |
| April 19, 2024 | Centralization risk | High |
| April 19, 2024 | Nonpayable `bridgeTokenConnext` function | Low |
| April 19, 2024 | Nonpayable `bridgeTokenArb` function | Medium |
| April 19, 2024 | Allowance given to incorrect address | Medium |
| April 16, 2024 | Successful swaps do not update spread | High |
| April 16, 2024 | Griefing potential | High |
| April 16, 2024 | The fallback function can collide with selectors | Medium |
| April 16, 2024 | Halving spread in base-to-base may be unsafe | Medium |
| April 16, 2024 | Chainlink data staleness | Medium |
| April 16, 2024 | Sandwich attack can affect base-to-base swap fee | Low |
| April 16, 2024 | Arbitrary calldata in `externalSwap` may be unsafe | Low |
| April 12, 2024 | Double spend for multi-input-actions | Critical |
| April 12, 2024 | Note-footer reuse within same action | High |
| April 12, 2024 | Note footer reuse in DarkpoolAssetManager | High |
| April 12, 2024 | Uniswap liquidity fee manipulation | Medium |
| April 12, 2024 | No slippage limits in UniswapLiquidityAssetManager | Medium |
| April 12, 2024 | Relayers can drain Curve asset managers | Medium |
| April 12, 2024 | Transfer and approval done by `_transferERC20` | Medium |
| April 12, 2024 | Low-entropy note generation | Medium |
| April 12, 2024 | Pool parameters are not verified | Low |
| April 12, 2024 | Signatures in circuits are not domain separated | Low |
| April 12, 2024 | Incomplete asset-validation logic | Low |
| April 12, 2024 | Reentrancy in withdrawals leading to double-spend | Critical |
| April 12, 2024 | Uniswap liquidity positions stealable | Critical |
| April 12, 2024 | Lack of wraparound protection in circuits | Critical |
| April 12, 2024 | Uniswap swaps can get stolen | Critical |
| April 12, 2024 | Fund lock via dummy notes in `curve_add_liquidity` | Critical |
| April 12, 2024 | Reentrancy for multi-asset-actions | Critical |
| April 12, 2024 | Relayers can steal from users/relayers | Critical |
| April 12, 2024 | Note footers not checked by `uniswapCollectFees` | High |
| April 11, 2024 | No withdrawal function | High |
| March 28, 2024 | Calling reconcile can lead to stuck funds | High |
| March 28, 2024 | First depositor issue | Low |
| March 13, 2024 | Deposit/stake functions are front-runnable | High |
| March 13, 2024 | Updating when `TRIGGERED` | High |
| March 13, 2024 | Centralized control of fee-dripping model | High |
| March 13, 2024 | round-issue-in-reward | Medium |
| March 13, 2024 | Fee dripped in any state | Medium |
| March 13, 2024 | Wrong ERC bricks fee system | Medium |
| March 13, 2024 | Deprivileging manager by owner | Low |
| March 13, 2024 | Deterministic address | Low |
| March 5, 2024 | Owner set for implementation instead of proxy | Medium |
| March 5, 2024 | Using deprecated Chainlink function | Medium |
| March 5, 2024 | Using invalid Maker token address | Low |
| March 4, 2024 | Data hash underconstrained | Critical |
| March 4, 2024 | End hash underconstrained | Critical |
| March 4, 2024 | Underconstrained `prove_subchain` inputs | Critical |
| March 4, 2024 | End block height not range checked | Critical |
| March 4, 2024 | Tendermint X skip underconstrained | Critical |
| March 4, 2024 | Data commitment batch-size underflow | Low |
| February 28, 2024 | Origin spoofing | High |
| February 28, 2024 | Improper URL handling | High |
| February 28, 2024 | Improper host | High |
| February 28, 2024 | Suboptimal symmetric key derivation | Medium |
| February 28, 2024 | Suboptimal symmetric key derivation | Medium |
| February 28, 2024 | Calm period detection | Critical |
| February 28, 2024 | TWAP interval | High |
| February 28, 2024 | Balances discontinuous | High |
| February 28, 2024 | Calm period not checked | High |
| February 28, 2024 | Paused state | Medium |
| February 28, 2024 | Withdrawals might revert | Medium |
| February 28, 2024 | Withdraw might not add liquidity again | Low |
| February 28, 2024 | Vault withdraw slippage | Low |
| February 28, 2024 | Deposit rounding | Low |
| February 28, 2024 | Uniswap mint edge case | Low |
| February 22, 2024 | Traders can increase collateral | Critical |
| February 22, 2024 | Order ID reuse due to multiple `PriceUpkeeps` | Critical |
| February 22, 2024 | Incorrect funding-rate calculation | High |
| February 22, 2024 | Total open PNL improperly adjusted at zero price | High |
| February 22, 2024 | Vault PNL per token is only scaled if negative | High |
| February 22, 2024 | The `maxAllowedCollateral` check could be bypassed | Medium |
| February 22, 2024 | Premium price feeds are not used | Medium |
| February 22, 2024 | Value of `groupsCollaterals` could exceed | Medium |
| February 22, 2024 | Extra `PRECISION_6` divides `utilizationFee` | Medium |
| February 22, 2024 | Incorrect funding-rate calculation due to rounding | Medium |
| February 22, 2024 | Centralization risk of trusted owner | Medium |
| February 22, 2024 | Any allowance allows unlimited withdrawal changes | Low |
| February 22, 2024 | Market-close time-out reissuance can be skipped | Low |
| February 22, 2024 | Unexecutable trades added to `tradesToTrigger` | Low |
| February 22, 2024 | No penalty for missed withdrawals from OstiumVault | Low |
| February 22, 2024 | Trade closing can revert in `sendAssets` | Low |
| February 22, 2024 | Locked deposit-discount accounting time | Low |
| February 22, 2024 | Erroneous token transfer in `UpdateTokenShares` | High |
| February 22, 2024 | The `_toLower` incorrectly handles Unicode | Medium |
| February 14, 2024 | Session key `maxAmount` parameter is not stateful | Critical |
| February 12, 2024 | Potential DOS | Critical |
| February 12, 2024 | Preferential swaps | Critical |
| February 12, 2024 | Withdraw leads to loss of stake | Critical |
| February 12, 2024 | Centralization risks | High |
| February 6, 2024 | Potential front-running for `buy` | Medium |
| January 26, 2024 | Invariant may be calculated incorrectly | Medium |
| January 26, 2024 | Incorrect operator in `_tweakPrice` | Low |
| January 9, 2024 | Centralization risk | Critical |
| January 9, 2024 | Incorrect down payment calculation | Critical |
| January 9, 2024 | Unused on-chain interest calculation | High |
| January 9, 2024 | Zero interest automatically changed to maximum | Low |
| January 9, 2024 | Loss of precision | Low |
| January 9, 2024 | Missing length check | Low |
| January 9, 2024 | Initializers not disabled | Low |
| January 9, 2024 | User is able to revert a position being closed | Medium |
| December 21, 2023 | Lack of input validation | Low |
| December 21, 2023 | Reentrancy in the `manage` function | Low |
| December 8, 2023 | Calls may be queued multiple times | High |
| December 8, 2023 | Funds may be trapped in the protocol | Medium |
| December 8, 2023 | Broker fees are not taken from swap amount | Critical |
| December 4, 2023 | Removal-of-owners underflow | Medium |
| December 4, 2023 | Wrong parameter used in revert | Low |
| December 4, 2023 | Entries of `eoaOwners` not checked | Low |
| November 24, 2023 | Anyone can become a validator | Critical |
| November 24, 2023 | Storage not set properly | High |
| November 24, 2023 | Out-of-bounds access | High |
| November 24, 2023 | Inaccurate handling in `findModelerUpperBound` | Medium |
| November 24, 2023 | Storage gaps improperly defined | Medium |
| November 24, 2023 | Incorrect removal logic | Medium |
| November 24, 2023 | Properties should be updated in `updateModel` | Low |
| November 14, 2023 | No enforced minimum value on `fixedPriceMarkup` | Medium |
| November 14, 2023 | Multiple events in the same TX cause loss of funds | Critical |
| November 14, 2023 | TSS funds migration may not be done correctly | Medium |
| November 14, 2023 | ZRC-20 mapping is overwritten on new deployment | Medium |
| November 14, 2023 | ZRC-20 paused status can be bypassed | High |
| November 14, 2023 | No slippage limit set in Uniswap swap | Medium |
| November 14, 2023 | Median gas-price threshold | Medium |
| November 14, 2023 | ZetaChain pays gas costs for EVM-to-zEVM transfers | High |
| November 9, 2023 | Possible DOS on cross-chain messages | Critical |
| November 9, 2023 | Large withdrawal may be blocked | High |
| November 9, 2023 | No health checks | High |
| November 9, 2023 | The `ecrecover` malleability | Medium |
| November 9, 2023 | Function inputs need validation | High |
| November 9, 2023 | Nonces not used in signatures | Medium |
| November 9, 2023 | Default blocking behavior on LZ | High |
| November 9, 2023 | Restore frozen balance | Medium |
| November 7, 2023 | Incorrect trade-volume calculation | High |
| November 6, 2023 | Missing selector validation | High |
| November 6, 2023 | Potential guardian deanonymization risk | Low |
| October 30, 2023 | Addition for equal summands wrong | High |
| October 30, 2023 | Signatures with large `r` rejected | High |
| October 30, 2023 | Validity of public keys | High |
| October 30, 2023 | Collateral inflation | Critical |
| October 30, 2023 | Free liquidation | Critical |
| October 30, 2023 | Interest theft | Critical |
| October 30, 2023 | Centralized pricing arbitrage | High |
| October 30, 2023 | Slippage is set to zero during swap | High |
| October 30, 2023 | EIP-712 fork replayable signature | High |
| October 30, 2023 | Assure debtors are auctionable | Medium |
| October 30, 2023 | Calculations reduce value of user collateral | Low |
| October 30, 2023 | ERC-4626 vault inflation | Medium |
| October 30, 2023 | Emissions can be claimed multiple times | Critical |
| October 30, 2023 | Value can be artificially inflated | High |
| October 30, 2023 | The lack of token addresses' verification | High |
| October 30, 2023 | The lack of verification of the payload data | High |
| October 30, 2023 | Incorrect loop implementation in function | Low |
| October 30, 2023 | Array out-of-bound exception in `_removeVaults` | Low |
| October 30, 2023 | The function `_removeVaults` returns early | Low |
| October 30, 2023 | The `weightStrategy` range violation | Low |
| October 30, 2023 | Incompatibility with USDT token | Medium |
| October 30, 2023 | Conversion does not account for token decimals | Medium |
| October 30, 2023 | Malicious users can profit | Medium |
| October 30, 2023 | Incorrect `weights` calculation | Medium |
| October 30, 2023 | Incorrect return value in `fetchEpochIds` | Medium |
| October 20, 2023 | Attacker-deployed ERC-20s | High |
| October 20, 2023 | Arbitrage opportunities bypass deposit limits | High |
| October 20, 2023 | Bundler calls can be identified and front-run | Low |
| October 20, 2023 | Operation with zero joinsplits can be tampered | Low |
| October 20, 2023 | Note encryption is unconstrained | Low |
| October 16, 2023 | Denial of service | Low |
| October 2, 2023 | Insufficient test coverage | Low |
| September 21, 2023 | Vester incorrect burn | High |
| September 21, 2023 | Cancellation still allows rewards to be claimed | Medium |
| September 13, 2023 | First depositor issue | Low |
| August 14, 2023 | Signature bypass | Critical |
| August 14, 2023 | PasskeyDecodeError | High |
| August 14, 2023 | Missing tests | Medium |
| August 14, 2023 | Modexp gas limit | High |
| August 14, 2023 | CurveTestFailures | High |
| July 25, 2023 | Risk of unintended token minting | High |
| July 25, 2023 | Possible DOS | Medium |
| July 25, 2023 | No storage gap | Medium |
| July 12, 2023 | Migrate recalled | Medium |
| July 12, 2023 | Param limit | Low |
| July 11, 2023 | Initializer | High |
| July 11, 2023 | Fee-on-transfer tokens | Low |
| July 10, 2023 | Insecure default value for JWT secret | Medium |
| July 5, 2023 | Inconsistencies in signers and roles | Medium |
| July 5, 2023 | Lack of input validation | Low |
| July 3, 2023 | Margin ratio not checked | Critical |
| July 3, 2023 | Iterating over maps | High |
| July 3, 2023 | AMM price manipulation | Critical |
| July 3, 2023 | Sender is not checked | Critical |
| July 3, 2023 | Wasm bindings validation | Critical |
| July 3, 2023 | Incorrect TWAP price | High |
| July 3, 2023 | Panic in `EndBlock` hooks | High |
| July 3, 2023 | TWAP not updated | High |
| July 3, 2023 | `BeginBlocker` chain halt | High |
| July 3, 2023 | Large `rewardSpread` | High |
| June 30, 2023 | `ZetaSent` events from arbitrary contracts are processed | Critical |
| June 30, 2023 | No panic handler in Zetaclient may halt cross chain communication | High |
| June 30, 2023 | Ethermint Ante handler bypass | High |
| June 30, 2023 | Unbonded validators prevent the TSS vote from passing | Medium |
| June 30, 2023 | Bonded validators can trigger reverts for successful transactions | Critical |
| June 30, 2023 | Sending ZETA to a bitcoin network results in BTC being sent instead | Critical |
| June 30, 2023 | Race condition in Bitcoin client leads to double spend | Critical |
| June 30, 2023 | Not waiting for minimum number of block confirmations results in double spend | Critical |
| June 30, 2023 | Multiple events in the same transaction causes loss of funds and chain halting | Critical |
| June 30, 2023 | Missing authentication when adding node keys | Critical |
| June 30, 2023 | Missing `nil` check in zeta client | High |
| June 30, 2023 | Case-sensitive address check allows for double signing | High |
| May 25, 2023 | Emergency withdraw functions are missing zero address checks | Medium |
| May 25, 2023 | Paymaster data is parsed without performing a length check | Low |
| May 24, 2023 | Protocol owner can drain pools | Critical |
| May 24, 2023 | Extraneous approval during withdrawal | Critical |
| May 24, 2023 | The underlying vault admin can drain pools | Critical |
| May 24, 2023 | Missing slippage limits allow front-running | Medium |
| May 24, 2023 | Unenforced assumptions about Definitive behavior | Medium |
| May 24, 2023 | Excessive owner responsibility creates deployment risks | Medium |
| May 24, 2023 | Staking manager may become locked | Medium |
| May 12, 2023 | Missing registry check in `restrict` | Low |
| May 12, 2023 | Restriction pattern creates centralization risk | Low |
| May 4, 2023 | Lack of input validation leading to potentially dangerous calls | High |
| April 18, 2023 | Iteration over options can prevent withdraws | High |
| April 18, 2023 | Fee manager upgrades allow factory owner to change fees and prevent option exercise | High |
| April 18, 2023 | Locking to Solidity version 0.8.x | Medium |
| April 18, 2023 | Usage of transfer to send ETH can prevent receiving | Medium |
| April 18, 2023 | Protocol does not check return value of ERC20 swaps | Medium |
| April 18, 2023 | Factory update logic of option NFT enables owner to steal funds | High |
| April 18, 2023 | Pool toggling functionality may allow factory owner to lock exercising of options | High |
| April 13, 2023 | ABI-encoded inputs can mismatch specified amount | High |
| April 13, 2023 | Inconsistent coding conventions | Medium |
| April 13, 2023 | Possible denial of service in `claim` | Medium |
| April 13, 2023 | Protocol does not check return value of ERC20 swaps | Medium |
| April 13, 2023 | High minimum investment amount | Medium |
| March 14, 2023 | Transfer functionality | Low |
| March 9, 2023 | Missing valid vault address check in processDepositQueue | High |
| March 9, 2023 | A malicious or compromised trader admin may lead to locked funds | Medium |
| March 9, 2023 | The vaultAddress validity check can be bypassed | Medium |
| March 9, 2023 | Ability to deposit on other users' behalf | Medium |
| March 9, 2023 | Missing status check in openVaultDeposits | Low |
| March 9, 2023 | Missing sanity checks for crucial protocol parameters | Medium |
| March 9, 2023 | Gas griefing using zero-value deposits and withdrawals | Low |
| February 13, 2023 | Malformed responses | Medium |
| February 13, 2023 | Low password complexity | Low |
| February 13, 2023 | Cleartext password in the browser's session storage | Low |
| February 13, 2023 | RPC responses | Low |
| December 5, 2022 | Missing check in `process_transfer` | Critical |
| December 5, 2022 | Missing check in `process_withdraw` | Critical |
| December 5, 2022 | Missing public key check | High |
| December 5, 2022 | Information leak | Low |
| December 5, 2022 | Withdrawal instructions ignore constraints | Low |
| December 5, 2022 | Confidential public key not validated | Low |
| November 3, 2022 | Computation inaccuracy | Low |
| November 3, 2022 | Implicit precision loss | Low |
| November 3, 2022 | Incorrect rounding behavior | Low |
| November 3, 2022 | Function should be a friend | Low |
| November 2, 2022 | Bond can be in the past | Medium |
| November 2, 2022 | Inconclusive removal | Medium |
| November 2, 2022 | Data desynchronization | Low |
| October 26, 2022 | Incorrect implementation of iterator | High |
| October 26, 2022 | Duplicate call in coin register | High |
| October 26, 2022 | Potential frontrunning | High |
| October 26, 2022 | Incorrect order size | High |
| October 26, 2022 | Incorrect queue implementation | Medium |
| October 26, 2022 | ERC20 token heist | Critical |
| October 26, 2022 | Redeem implementation | High |
| October 26, 2022 | RefundGas miscalculation | Medium |
| October 26, 2022 | PostRelayedCall access | High |
| October 26, 2022 | Upgrade limitations | Medium |
| October 26, 2022 | PaymentsFacet access | High |
| October 26, 2022 | Multicall msg.value | High |
| October 26, 2022 | Broken maxWithdraw | Low |
| October 26, 2022 | PreviewBuyNow incorrect order | Low |
| October 26, 2022 | Blanket ERC20 approval | Low |
| October 26, 2022 | Junior IR interest | Low |
| October 26, 2022 | TransferReserve collateral heist | Critical |
| October 26, 2022 | ERC20 transfer validation | Low |
| October 26, 2022 | Reentrancy | Medium |
| October 26, 2022 | buyNow validation | Critical |
| October 26, 2022 | No timelocks | Critical |
| October 26, 2022 | Depositor misaccounting | Critical |
| October 26, 2022 | Lost totalUnbonding assets | Critical |
| October 26, 2022 | Vtoken loss of funds | Critical |
| October 26, 2022 | Interest double payment | High |
| October 26, 2022 | Stale price oracle | High |
| October 25, 2022 | Forgeable key | High |
| October 25, 2022 | Incorrect expression values | Medium |
| October 25, 2022 | Faulty comparison function | Medium |
| October 25, 2022 | Incorrect use of comparison function | Low |
| October 25, 2022 | Inconsistent stale entry check | Low |
| October 21, 2022 | Tortuga coin initialization | Medium |
| October 21, 2022 | Protocol configurations | Medium |
| October 21, 2022 | Payouts round down | Low |
| October 21, 2022 | Centralization risk | Low |
| September 28, 2022 | Missing validation check | Critical |
| September 28, 2022 | Incorrect asset tracking | Critical |
| September 28, 2022 | Failure to cancel orders | Medium |
| September 28, 2022 | Can allow dangerous calls | Low |
| September 28, 2022 | Centralization risk | Low |
| September 28, 2022 | Inconsistent interest calculations | Low |
| September 28, 2022 | Incomplete functionality | Low |
| August 1, 2022 | Same token swap allowed | Low |
| July 1, 2022 | migratePool loss of funds | Medium |
| July 1, 2022 | Swap lacks slippage | Low |
| July 1, 2022 | Centralization risk | Low |
| May 19, 2022 | Unexpected reverts | Medium |
| May 19, 2022 | Improperly set parameter | Medium |
| May 19, 2022 | Lack of input validation | Low |
| May 19, 2022 | Centralization risk | Low |
| May 19, 2022 | Missing coverage | Low |
| May 16, 2022 | Deposits potentially frontrun | High |
| May 16, 2022 | Centralization risks | High |
| May 16, 2022 | Unwanted deposits | High |
| May 16, 2022 | Emergency-only functions | Medium |
| May 16, 2022 | Invalid business logic | Medium |
| May 16, 2022 | Unaccounted dust | Low |
| May 16, 2022 | Missing account reload | Low |
| April 27, 2022 | Possible usage of stale price information | Critical |
| April 27, 2022 | IPyth interface and implementation do not follow the recommended best practices | Low |
| April 27, 2022 | Limited test-suite and code coverage | Low |
| April 25, 2022 | Griefing opportunity | High |
| April 25, 2022 | Batched mints can be rejected | Low |
| April 15, 2022 | Out-of-bounds write | High |
| April 15, 2022 | Lack of rent exemption enforcement | High |
| April 15, 2022 | Inefficient algorithm | Low |
| March 18, 2022 | Claim rewards without risk | High |
| March 18, 2022 | Lack of slippage checks | High |
| March 18, 2022 | FractalVaultV1 potential lock-up | Medium |
| March 18, 2022 | AnySwap potential lock-up | Low |
| March 14, 2022 | Insufficient validation | Low |
| March 14, 2022 | Undocumented code | Low |
| March 14, 2022 | Internal discrepancy | Low |
| March 14, 2022 | Methods not exposed | Low |
| March 14, 2022 | Insufficient test coverage | Low |