sherlock-audit 2023-12-avail-judging issues

sherlock-audit / 2023-12-avail-judging

4 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

m4ttm - Lack of zero checks in updateTokens allows AvailBridge assetId to be set

#134 sherlock-admin2 closed 8 months ago
1
Avci - the nonce value doesnt increace and its always == 1

#133 sherlock-admin closed 8 months ago
1
Udsen - THERE IS NO MAXIMUM UPPERBOUND RESTRICTION FOR THE `feePerByte` VALUE WHEN IT IS BEING SET

#132 sherlock-admin2 closed 8 months ago
1
JP_Courses - `AvailBridge::sendMessage()` Sending messages of still VALID length `data.length == MAX_DATA_LENGTH` will trigger tx revert, effectively DoS-ing the passing of arbitrary data from Ethereum to Avail

#131 sherlock-admin closed 8 months ago
5
0xMR0 - verification of bridge leaf will always fail due to unhashed leaf input argument

#130 sherlock-admin2 closed 8 months ago
4
kgothatso - `AvailBridge :: withdrawFees` can be called by anyone and can cause front-running ans a DOS attack

#129 sherlock-admin closed 8 months ago
1
John_Femi - No check between Avail token and ERC20 Token

#128 sherlock-admin2 closed 8 months ago
1
rekxor - AvailBridge.sol :: receiveAVAIL() has a wrong check in the if condition L219

#127 sherlock-admin closed 8 months ago
1
Udsen - MERKLE LEAVES HAVE THE SAME LENGTH OF 64BYTES AS THE PARENT NODES IN THE `AvailBridge._checkDataRoot` FUNCTION THUS VALIDATING FRAUDULENT MERKLE PROOF

#126 sherlock-admin2 closed 8 months ago
1
jasonxiale - AvailBridge doesn't return overpayment

#125 sherlock-admin closed 8 months ago
1
alexzoid - `sendMessage()` Allow Spamming of Off-Chain Infrastructure

#124 sherlock-admin2 closed 8 months ago
1
Damiclone - potential theft of bridges fee due to poor withdrawal design

#123 sherlock-admin closed 8 months ago
1
jasonxiale - assets might be stuck in the AvailBridge

#122 sherlock-admin2 closed 8 months ago
1
m4ttm - Excess funds are lost when using sendMessage

#121 sherlock-admin closed 8 months ago
1
404Notfound - Merkle leaf values for `dataRootCommitment` are 64 bytes before hashing which can lead to merkle tree collisions

#120 sherlock-admin2 closed 8 months ago
1
dermaroller5 - sendMessage will wrongfully fail in a scenario where a user sends max data length

#119 sherlock-admin closed 8 months ago
1
ten-on-ten - Denial of Service when vectorx address is changed

#118 sherlock-admin2 closed 8 months ago
2
Udsen - THERE IS NO LOGIC IN THE `AvailBridge` CONTRACT TO WITHDRAW THE LOCKED FUNDS, IN THE EVENT, THE CONTRACT IS PAUSED DUE TO AN EMERGENCY

#117 sherlock-admin closed 8 months ago
1
m4ttm - Reverse order of constructor arguments for ERC20 name and symbol

#116 sherlock-admin2 closed 8 months ago
8
dermaroller5 - WithdrawFees can be called by anyone which can lead to loss of funds.

#115 sherlock-admin closed 8 months ago
1
m4ttm - Incorrect use of >= to check against MAX_DATA_LENGTH

#114 sherlock-admin2 closed 8 months ago
1
Jaraxxus - Excess msg.value is not refunded when calling sendMessage, which will affect fees calculation as well

#113 sherlock-admin closed 8 months ago
1
DenTonylifer - Loss of funds when sending a message

#112 sherlock-admin2 closed 8 months ago
1
Jaraxxus - Usage of 64 bytes before hashing can lead to merkle tree collisions

#111 sherlock-admin closed 8 months ago
1
Udsen - THE `msg.sender` OF THE `AvailBridge.sendMessage` TRANSACTION WILL LOSE THE EXCESSIVE NATIVE ETH FUNDS TRANSFERRED TO THE TRANSACTION SINCE THIER IS NOT LOGIC TO REFUND THE EXCESSIVE AMOUNT

#110 sherlock-admin2 closed 8 months ago
1
jasonxiale - Messages are vulnerable to cross-chain replay attacks

#109 sherlock-admin closed 8 months ago
1
Udsen - `AvailBridge.receiveETH` FUNCTION DOES NOT PERFORM INPUT VALIDAITON CHECK ON RECIPIENT ADDRESS FOR `address(0)` THUS COULD LEAD TO LOSS OF FUNDS

#108 sherlock-admin2 closed 8 months ago
1
evmboi32 - Excess funds are not returned to the msg.sender when sending a message

#107 sherlock-admin closed 8 months ago
1
Bauer - Merkle leaf values are 64 bytes before hashing which can lead to merkle tree collisions

#106 sherlock-admin2 closed 8 months ago
1
DenTonylifer - Lack of balance check

#105 sherlock-admin closed 8 months ago
1
evmboi32 - No way to recover funds from the failed bridge transaction.

#104 sherlock-admin2 closed 8 months ago
1
Udsen - `AvaildBridge.initialize` FUNCTION DOES NOT CHECK THE RETURN BOOLEAN VALUE OF `_grantRole(PAUSER_ROLE, pauser)` CALL FOR SUCCESS THUS PUTTING THE ENTIRE BRIDGE IN DANGER IN THE EVENT OF AN EMERGENCY

#103 sherlock-admin closed 8 months ago
1
0xWallSecurity - [M-2] Users can send empty messages without paying fees

#102 sherlock-admin2 closed 8 months ago
1
John_Femi - Bridge can only be done in one direction

#101 sherlock-admin closed 8 months ago
1
0xWallSecurity - [M-1] ERC20 Tokens sent over the bridge may get locked, if the allowed token-list updates, before the ERC20 are received.

#100 sherlock-admin2 closed 8 months ago
1
Udsen - __gap VARIABLE IS NOT DEFINED IN THE `AvailBridge` UPGRADEABLE CONTRACT

#99 sherlock-admin closed 8 months ago
1
0xhashiman - Lack of __gap Variable

#98 sherlock-admin2 closed 8 months ago
2
0xlamide - Users funds can be lost if transaction reverts on the receiving chain

#97 sherlock-admin closed 8 months ago
1
0xlamide - Users fy

#96 sherlock-admin2 closed 8 months ago
1
KiteWeb3 - Potential Denial-of-Service (DoS) Risk Due to Lack of Upper Limit and Absence of Event Emission in ```AvailBridge::updateFeePerByte()```

#95 sherlock-admin closed 8 months ago
1
r0ck3tz - Missing initialization of implementation contract

#94 sherlock-admin2 closed 8 months ago
1
KiteWeb3 - Incorrect Data Length Validation in ```AvailBridge::sendMessage``` function

#93 sherlock-admin closed 8 months ago
1
0xC - Integer Overflow in `sendERC20` Function

#92 sherlock-admin2 closed 8 months ago
1
0xC - Integer Overflow in `sendETH` Function

#91 sherlock-admin closed 8 months ago
1
0xC - Integer Overflow in `sendAVAIL` Function

#90 sherlock-admin2 closed 8 months ago
1
0xC - Integer Overflow in `sendMessage` Function

#89 sherlock-admin closed 8 months ago
2
gqrp - Invalid

#88 sherlock-admin2 closed 8 months ago
1
caventa - receiveETH could spend fee

#87 sherlock-admin closed 8 months ago
5
0x52 - Not requiring approvals for wAVAIL bridges make the token dangerous in some existing defi platforms

#86 sherlock-admin2 closed 8 months ago
2
0x52 - Very large sends from AvailBridge will break receiving bridge and cause loss of funds

#85 sherlock-admin closed 8 months ago
5