Posted Updated solidity2 minutes read (About 369 words)

Audit review for 2024-03-zivoe from sherlcok

https://github.com/sherlock-audit/2024-03-zivoe-judging/issues

1.DAO unable to withdraw their funds due to Convex admin action

summary

The administrator can cause a DoS (Denial of Service) in the protocol by passing malicious parameters

root cause

according to docs : admin’s action is RESTRICTED

learned

When a role’s behavior is RESTRICTED, it is necessary to examine the consequences of any suspicious actions

2.Inadequate Allowance Handling in convertAndForward Function of OCT_DAO & OCT_YDL

summary

stricted allowance assertion check lead to transaction failed

root cause

protocol suffers from inadequate handling of token allowances for the 1inch router,however they are not reset afterward.

learned

take care of the allowance assertion check

3.cannot forward extra rewards from both OCY_Convex to OCT_YDL

summary

1
2
-               if (rewardAmount > 0) { IERC20(rewardContract).safeTransfer(OCT_YDL, rewardAmount); }
+               if (rewardAmount > 0) { IBaseRewardPool_OCY_Convex_C(rewardContract).rewardToken().safeTransfer(OCT_YDL, rewardAmount); }

root cause

use safeTransfer in a none erc20 contract

learned

4.ZivoeYDL::earningsTrancheuse() always assumes that daysBetweenDistributions have passed, which might not be the case

summary

The protocol relies on keepers to call distributeYield. However, there is no guarantee that the keeper will make the call immediately.

root cause

The calculation of the APY depends on block.timestamp.

learned

When the calculation of APY depends on the timestamp, ensure it is called immediately

5.ZivoeYDL::distributeYield yield distribution is flash-loan manipulatable

summary

distributeYield is depends on totalSupply, however totalSupply can be manipulable through a flashloan.A 1-transaction inflated staked amount allows to inflate stakers distribution at the loss of vesters distribution

root cause

distributeYield amount is calculated with totalSupply

6.distributeYield() calls earningsTrancheuse() with outdated emaSTT & emaJTT while calculating senior & junior tranche yield distributions

summary

The earningsTrancheuse function uses emaSTT and emaJTT to calculate earnings, and then updates the latest emaSTT and emaJTT. It is recommended to update the latest values first and then use them to calculate earnings.

root cause

the value is not lastest need to be updated.

7.User cannot withdraw stakingToken due to incorrect calculation of _totalSupply

summary

When the user revokes a stake, the total amount is subtracted instead of the currently withdrawable amount, leading to an overflow DoS.

root cause

logic error

#

Comments

Follow

Categories

Recents

Archives

Tags

CREATE21
CTFs4
ERC201
React1
access control1
airdrop1
aptos1
audit2
blast1
chainlink1
chatGPT1
code4rena3
concordium1
conrtact1
damnvulnerabledefi4
dataFeed1
defi11
flashloan1
gas saving2
google spread sheet1
hackathon6
layerzero1
merkle tree1
openzeppelin1
pancakeswap2
pyth1
reserve2
safe1
sam altman1
smart rouetr1
solidity37
vulnerable1
web323
web3 security5

Subscribe for updates

follow.it

×