Smart Contract Audits and Findings by 0xJuancito

Reach out on Twitter @0xJuancito for security consulting and private audits.

Audit Competitions

🔐 +100 High/Medium severity bugs found in public competitions

Notes: 🏆 Selected for Report

| Project | Severity | Finding | Notes |
| --- | --- | --- | --- |
| EigenLayer | High | It is impossible to slash queued withdrawals that contain a malicious strategy due to a misplacement of the ++i increment | 🏆 |
| EigenLayer | Medium | Conflicting strategy can lead to reverting the whole withdrawal and temporary freeze user assets from other strategies | |
| EigenLayer | QA | QA Report | |
| Lens Protocol | Medium | Lens Handles from v1 can be minted by other users on v2 before they are migrated to their corresponding owner | |
| Lens Protocol | Medium | Users can make any user follow them via FollowNFT::tryMigrate() without their consent | 🏆 |
| Lens Protocol | Medium | Users can self-follow via FollowNFT::tryMigrate() on Lens V2 | 🏆 |
| Lens Protocol | Medium | Implementation error of EIP-712 due to wrong Typehash can lead to tx reverts | |
| Lens Protocol | Medium | Missing pause modifier on important LensV2Migration and FollowNFT functions | |
| Lens Protocol | QA | QA Report | |
| Chainlink | Report | 2nd Best Report | 🥈 |
| Ajna | High | Anyone can call memorializePositions() on behalf of other user's position due to lack of access control | |
| Ajna | Medium | Adversary can prevent the creation of any extraordinary funding proposal by frontrunning proposeExtraordinary() | 🏆 |
| Lybra | High | Mismatch in supportVotes[] order in LybraGovernance | |
| Lybra | Medium | Incorrect use of token.decimals() leads to error in rewards calculation and distribution | |
| Lybra | Medium | StakingRewardsV2 does not impose any restriction regarding esLBRBoost unlock time | |
| Lybra | Medium | It is impossible to mint PeUSD tokens via the LybraRETHVault and LybraWBETHVault contracts due to incorrect interface | |
| Stader Labs | Medium | addBid() does not increment the endBlock of the auction when it is close to the end, preventing the protocol from capturing extra value | |
| Stader Labs | Medium | Stale or incorrect results from data feeds can affect assets and shares calculation on deposits and withdrawals | |
| Stader Labs | Medium | Lack of Pause and Unpause Functionality in Auction Contract | |
| Stader Labs | QA | QA Report | |
| Stader Labs | Gas | Gas Report | |
| Dopex | High | All options settlements can be blocked with a permanent DOS of the settle() function | |
| Dopex | Medium | Missing slippage parameter on Uniswap addLiquidity() function | 🏆 |
| Dopex | Medium | The owner of RPDX Decaying Bonds is not updated on token transfers | 🏆 |
| Dopex | QA | QA Report | 🏆 |
| Frankencoin | High | Fresh positions can be instantly challenged leading to unrestricted minting of ZCHF tokens | |
| Frankencoin | High | Position owners can perform a sandwich attack against challengers to steal their collateral | |
| Frankencoin | High | Adjusting position prices can lead to unavertable challenges that the protocol will have to pay for | |
| Frankencoin | High | Lack of validation in opening positions parameters can lead to critical vulnerabilities at protocol level | |
| Frankencoin | Medium | restructureCapTable() only wipes out the first address on the list | |
| Frankencoin | Medium | No way to transfer minter role or renounce to it | |
| Frankencoin | QA | QA Report | 🏆 |
| NextGen | High | Max minting limit can be bypassed via re-entrancy | |
| NextGen | High | Ether from the Auction contract can be stolen on the block the auction ends | |
| NextGen | High | Highest bidder can cancel their bid to win auctions for free | |
| NextGen | High | Adversary can block claimAuction() due to push-strategy to transfer assets to multiple bidders | 🏆 |
| NextGen | Medium | The owner of the auctioned token does not receive the funds after an auction ends | |
| NextGen | Medium | Artist signatures can be forged to impersonate the artist behind a collection | 🏆 |
| NextGen | Medium | Auction winner can prevent payments via safeTransferFrom callback | 🏆 |
| NextGen | QA | QA Report | 🏆 |
| ReNFT Mitigation | High | All orders can be hijacked to lock rental assets forever by tipping a huge amount of small ERC20 tips | |
| AI Arena | High | Non-transferable Game Items can be transferred using safeBatchTransferFrom() | |
| AI Arena | High | FighterFarm security checks for transfers can be avoided by using the version of safeTransferFrom() with data | |
| AI Arena | High | Incrementing a fighter type generation will brick the element attribute selection forever because of a missing function to update numElements | |
| AI Arena | High | Users with minting passes can mint fighters that are both Dendroids and Icons | |
| AI Arena | High | Fighters can be rerolled with a different fighterType than their own | |
| AI Arena | High | Users redeeming a mint pass can mint Icon fighters with any iconsType, including inexisting ones | |
| AI Arena | High | Precision error in curStakeAtRisk | |
| AI Arena | Medium | The rarity of the last physical attribute in the probability array is undermined | |
| AI Arena | Medium | Fighters can be minted with out of range weight, and element attributes via MergingPool::claimRewards() | |
| AI Arena | Medium | Rerolling allows users to outwin the pseudo-randomness of fighters DNA to mint NFTs with the best stats | |
| AI Arena | Medium | Roles can't be revoked | |
| AI Arena | QA | QA Report | |
| Althea | Medium | setDistributableERC20s() should check there is no ongoing distribution to prevent bricking the contract | |
| Althea | Medium | ERC20 tokens should be distributed before removing them from LiquidInfrastructureERC20 | |
| Althea | Medium | Withdrawals can be bricked if releasing more than one NFT during ongoing withdrawal | |
| Salty | High | Users can avoid liquidations by abusing the cooldown mechanism | |
| Salty | High | USDS is sent to the wrong contract when repaying borrowed USDS | |
| Salty | Medium | Adversary can prevent updating price feed addresses by creating poisonous proposals ending in _confirm | 🏆 |
| Salty | Medium | DOS of proposals by abusing ballot names without important parameters | 🏆 |
| Salty | Medium | Proposals that didn't reach quorum should be able to be finalized without changes when the voting phase ends | |
| Salty | Medium | Wallet proposals aren't reset when they are rejected | |
| Salty | Medium | Chainlink price feed uses BTC/USD feed instead of one with WBTC | |
| Salty | Medium | Pools reserves can be manipulated because of failed check of remaining reserves on removeLiquidity() | |
| Salty | Medium | proposeWallets enters in a deadlock if the proposed wallet doesn’t call changeWallets() | |
| Salty | QA | QA Report | 🏆 |
| USSD | High | USSDRebalancer::getOwnValuation() is easy to manipulate as it doesn't use TWAP for getting the pool price | |
| USSD | High | USSD::UniV3SwapInput() executes swaps with no slippage protection | |
| USSD | High | The protocol can't rebalance because USSD::UniV3SwapInput() will revert as it is missing the deadline when creating the ExactInputParams for the swap | |
| USSD | High | StableOracleWBTC::getPriceUSD() is using ETH/USD as its price feed | |
| USSD | High | getPriceUSD in StableOracleDai is miscalculated with wrong decimals from the priceFeedDAIETH Chainlink feed | |
| USSD | High | StableOracleDAI calculates getPriceUSD with inverted base/rate tokens for Chainlink price | 🏆 |
| USSD | High | Static oracles in StableOracleDAI and StableOracleWBGL have wrong addresses | |
| USSD | High | ethOracle is not defined in StableOracleDAI making getPriceUSD always revert | |
| USSD | High | Missing access control on burnRebalancer allows unrestricted burning of USSD tokens by anyone affecting pool balance on rebalance | |
| USSD | High | Missing access control on mintRebalancer allows unrestricted minting of USSD tokens by anyone affecting pool balance on rebalance | |
| USSD | Medium | latestRoundData from Chainlink might return stale or incorrect results | |
| USSD | Medium | There is no method for redeeming DAI to prevent negative scenarios described in the whitepaper | |
| USSD | Medium | Collateral tokens will be stuck on the contract and will be unusable after calling USSD::removeCollateral() | |
| Footium | Medium | Some ERC20 tokens can get permanently stuck in the contract due to use of transfer() | |
| Footium | Medium | Increasing _maxGenerationId allows extra minting of academy players on previous seasons | |
| Footium | Medium | One extra academy player can be minted per season due to mischeck in mintPlayers | |
| Gravita | Low | Out of gas in collectFees | |
| Teller | High | Borrowers can steal lenders principal without providing collateral by frontrunning lenderAcceptBid and updating the bid | |
| Teller | High | Adversary can modify the committed collateral of any bid at any time leading to lost or locked assets and DOS of the protocol | |
| Teller | Medium | Marketplaces owners can frontrun submitBid to steal collateral by modifying market parameters | |
| Caviar Private Pools | Medium | Adversary can prevent the creation of any private pools by frontrunning the deployer | |
| Canto Identity Subprotocols | Medium | Users can end up buying and paying for a different Tray than the one they were trying to acquire | 🏆 |
| Neo Tokyo | High | A malicious user can mint a huge amount of BYTES 2.0 tokens for himself | |
| Neo Tokyo | High | Malicious users can claim BYTES rewards after withdrawing all of their LP stake | |
| Wenwin | QA | QA Report | |
| Hats | Medium | Transactions will be frozen if incorrect settings are used during a deployment on HatsSignerGateFactory | |
| Biconomy | QA | QA Report | |
| Polynomial | High | KangarooVault.removeCollateral doesn't remove the collateral from the position | |
| Polynomial | Medium | Invalid and stale prices from Synthetix are not validated | |
| Polynomial | Medium | Spamming deposit and withdraw queues | |
| Polynomial | QA | QA Report | |
| Asymmetry | High | Adversary can alter derivatives balances in contracts to steal Ether | |
| Asymmetry | Medium | Precision loss in stake function affects share calculation | |
| Asymmetry | Medium | Remaining dust from Ether deposits is not returned to users | |
| Asymmetry | QA | QA Report | |
| Arcade | QA | Report TBA | 🏆 |
| reNFT | High | Report TBA | |
| reNFT | High | Report TBA | |
| reNFT | High | Report TBA | |
| reNFT | Medium | Report TBA | |
| reNFT | Medium | Report TBA | |
| reNFT | Medium | Report TBA | |
| reNFT | Medium | Report TBA | |
| reNFT | Medium | Report TBA | |
| reNFT | QA | Report TBA | |
| zkSync Era | Medium | Report TBA | |
| zkSync Era | Medium | Report TBA | |
| zkSync Era | QA | Report TBA | |
| Chainlink Staking | Medium | Report TBA | |
| Chainlink Staking | Medium | Report TBA | |
| Chainlink Staking | Medium | Report TBA | |
| Chainlink Staking | Medium | Report TBA | |
| Chainlink Staking | QA | Report TBA | |
| Rubicon v2 | High | Report TBA | |
| Rubicon v2 | Medium | Report TBA | |
| Rubicon v2 | Medium | Report TBA | |
| Contest 225 | High | Report TBA | |
| Contest 225 | High | Report TBA | |
| Contest 225 | High | Report TBA | |
| Contest 225 | High | Report TBA | |
| Contest 225 | High | Report TBA | |
| Contest 225 | High | Report TBA | |
| Contest 225 | Medium | Report TBA | |
| Contest 225 | Medium | Report TBA | |
| Contest 225 | QA | Report TBA | |