019bab3b-ac24-703a-981b-8dea6c2cb808
Open this run to answer one question: is this real attacker-relevant behavior with real impact, or just normal contract plumbing?
| ID | Type | Status | Attempts | Heartbeat |
|---|---|---|---|---|
| 38709 | artifact.fetch | complete | 1 / 3 | 3 months ago |
| 38710 | proxy.resolve | complete | 1 / 3 | 3 months ago |
| 38711 | tool.cast_disasm | complete | 1 / 3 | 3 months ago |
| 38712 | analysis.bundle | complete | 1 / 3 | 3 months ago |
| 38713 | capability.graph | complete | 1 / 3 | 3 months ago |
| 38714 | detector.run | complete | 1 / 3 | 3 months ago |
| 38715 | validation.fork | complete | 1 / 3 | 3 months ago |
| 39149 | report.consolidate | complete | 1 / 6 | 3 months ago |
| 39150 | tool.slither | failed | 2 / 2 | 3 months ago |
{
"method": "etherscan+onchain",
"status": "confirmed",
"etherscan_hint": {
"source": "etherscan",
"etherscan": {
"proxy_flag": true,
"implementation": "0xc1c5b18774d0282949331b719b5ea4a21cbc62c8"
}
},
"implementation": "0xc1c5b18774d0282949331b719b5ea4a21cbc62c8",
"onchain_method": "eip1967"
}
Traceback (most recent call last):
File "/var/www/tripwire/worker/worker.py", line 198, in main
payload = dispatch_job(job_type, job_id, job_meta, run_data, config, laravel_client)
File "/var/www/tripwire/worker/worker.py", line 114, in dispatch_job
return slither_run.run(job_id, job_meta, run_data, config, log, laravel_client)
~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/www/tripwire/worker/jobs/slither_run.py", line 1084, in run
stdout_text, stderr_text, result_json = _run_slither(
~~~~~~~~~~~~^
workspace,
^^^^^^^^^^
...<4 lines>...
target_path=target_path,
^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "/var/www/tripwire/worker/jobs/slither_run.py", line 958, in _run_slither
raise RuntimeError(f"slither failed (exit {result.returncode}): {stderr_text or stdout_text}")
RuntimeError: slither failed (exit 1): 'forge clean' running (wd: /tmp/slither-wur0kaqm)
'forge config --json' running
'forge build --build-info --skip ./test/** ./script/** --force' running (wd: /tmp/slither-wur0kaqm)
Traceback (most recent call last):
File "/var/www/tripwire/.venv/bin/slither", line 10, in <module>
sys.exit(main())
~~~~^^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/slither/__main__.py", line 776, in main
main_impl(all_detector_classes=detectors, all_printer_classes=printers)
~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/slither/__main__.py", line 882, in main_impl
) = process_all(filename, args, detector_classes, printer_classes)
~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/slither/__main__.py", line 96, in process_all
compilations = compile_all(target, **vars(args))
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/crytic_compile.py", line 722, in compile_all
compilations.append(CryticCompile(target, **kwargs))
~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/crytic_compile.py", line 211, in __init__
self._compile(**kwargs)
~~~~~~~~~~~~~^^^^^^^^^^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/crytic_compile.py", line 633, in _compile
self._platform.compile(self, **kwargs)
~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/platform/foundry.py", line 102, in compile
hardhat_like_parsing(
~~~~~~~~~~~~~~~~~~~~^
crytic_compile, str(self._target), build_directory, str(self._project_root)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
)
^
File "/var/www/tripwire/.venv/lib/python3.13/site-packages/crytic_compile/platform/hardhat.py", line 52, in hardhat_like_parsing
raise InvalidCompilation(txt)
crytic_compile.platform.exceptions.InvalidCompilation: Compilation failed. Can you run build command?
/tmp/slither-wur0kaqm/out/build-info is not a directory.
{"no_findings":false,"summary":"Identified share-pricing rounding undercharges, fee-on-transfer accounting gaps, and oracle-rate trust assumptions that can distort share issuance/redemption.","findings":[{"severity":"medium","category":"math","title":"Mint path rounds down, allowing underpayment for shares","exploit_scenario":"When share price is not an exact multiple of the asset unit (or when base→asset conversion truncates), a user can mint shares while paying slightly fewer assets than the fair value. By repeating mints (especially when share price is low), the attacker accumulates discounted or even zero-cost shares and later captures a larger portion of vault assets/yield, diluting existing holders.","recommendation":"Use rounding up for mint calculations end-to-end: compute required baseAssets with ceiling rounding and convert base→asset with rounding up as well (or perform a balance-delta check and revert if the paid amount is insufficient). Align previewMint and mint to be conservative.","evidence":"mint() uses Math.Rounding.Floor for _convertToAssets, and convertBaseToAsset always floors the asset amount.","locations":["src/BaseVault.sol:300","src/library/VaultLib.sol:189"]},{"severity":"medium","category":"other","title":"Deposits assume full transfer amount, enabling share inflation with fee-on-transfer tokens","exploit_scenario":"If a listed asset charges transfer fees or otherwise delivers less than `assets`, the vault still mints shares and increments totalAssets based on the requested amount. An attacker can deposit such a token, receive excess shares relative to actual assets received, and then redeem for more value than they contributed, diluting or draining other users.","recommendation":"Either disallow fee-on-transfer/rebasing tokens explicitly or calculate shares from the actual received amount by measuring vault balance before/after the transfer. Update totalAssets based on the received amount.","evidence":"_deposit increments total assets and mints shares based on the requested `assets` before/without checking the actual balance increase from safeTransferFrom.","locations":["src/BaseVault.sol:458","src/BaseVault.sol:470"]},{"severity":"medium","category":"oracle","title":"Share pricing fully trusts provider rates without safeguards","exploit_scenario":"If the rate provider can be manipulated (e.g., spot DEX price or a weak oracle), an attacker can inflate the rate for a deposit asset to mint excess shares, then redeem into the default asset once rates normalize, extracting value from the vault.","recommendation":"Ensure the provider uses manipulation-resistant oracles (TWAP, bounded updates, and/or multi-source validation). Consider adding sanity bounds or rate staleness checks before using rates for share pricing.","evidence":"convertAssetToBase/convertBaseToAsset use IProvider.getRate directly with no validation or bounds.","locations":["src/library/VaultLib.sol:177","src/library/VaultLib.sol:189"]}]}
OpenAI Codex v0.77.0 (research preview)
--------
workdir: /tmp/codex-c00oc8f7
model: gpt-5.2-codex
provider: openai
approval: never
sandbox: read-only
reasoning effort: high
reasoning summaries: auto
session id: 019babd5-1202-7312-b072-4131c5a25885
--------
user
Context: The user requested the proxy at 0x01ba69727e2860b37bc1a2bd56999c1afb4c15d8.
Audit the implementation at 0xc1c5b18774d0282949331b719b5ea4a21cbc62c8.
Findings should refer to the implementation unless explicitly about proxy mechanics.
You are a security auditor. Audit this Solidity codebase for exploitable vulnerabilities.
Focus on: reentrancy, access control, upgradeability/proxy issues, signature validation, oracle manipulation,
accounting/invariant breaks, external call patterns, unchecked return values, and dangerous delegatecall.
Scope rules:
- You MUST fully read `AUDIT_BUNDLE.txt` before concluding. It contains the complete contents of all first-party Solidity sources in this workspace.
- Treat `lib/` and `@openzeppelin/` as third-party dependencies; skip them unless there is a concrete misuse angle in first-party code.
- If there are only dependency files and no first-party sources, set no_findings=true and explain in summary.
Output MUST be valid JSON matching the provided schema.
- If you find nothing meaningful: set no_findings=true and findings=[].
- Otherwise: set no_findings=false and include findings with severity/category/title and file/line locations when possible.
Output constraints (IMPORTANT):
- severity MUST be exactly one of: info, low, medium, high, critical (lowercase).
- category MUST be exactly one of: access_control, reentrancy, math, oracle, upgradeability, auth, other.
Keep summary short and concrete.
mcp startup: no servers
thinking
**Searching for bundle files**
exec
/bin/bash -lc ls in /tmp/codex-c00oc8f7 succeeded in 7ms:
AUDIT_BUNDLE.txt
codex-output-schema.json
lib
src
exec
/bin/bash -lc 'rg --files' in /tmp/codex-c00oc8f7 succeeded in 29ms:
AUDIT_BUNDLE.txt
codex-output-schema.json
src/Vault.sol
src/BaseVault.sol
src/interface/IValidator.sol
src/interface/IProvider.sol
src/interface/IVault.sol
src/interface/IStrategy.sol
src/library/VaultLib.sol
src/Common.sol
src/module/Guard.sol
src/module/FeeMath.sol
lib/openzeppelin-contracts/contracts/interfaces/IERC4626.sol
lib/openzeppelin-contracts/contracts/interfaces/IERC1967.sol
lib/openzeppelin-contracts/contracts/interfaces/IERC20Metadata.sol
lib/openzeppelin-contracts/contracts/interfaces/IERC20.sol
lib/openzeppelin-contracts/contracts/interfaces/draft-IERC6093.sol
lib/openzeppelin-contracts/contracts/interfaces/IERC5267.sol
lib/openzeppelin-contracts/contracts/interfaces/IERC165.sol
lib/openzeppelin-contracts/contracts/access/AccessControl.sol
thinking
**Reading AUDIT_BUNDLE.txt**
exec
/bin/bash -lc 'cat AUDIT_BUNDLE.txt' in /tmp/codex-c00oc8f7 succeeded in 6ms:
This file concatenates the full contents of first-party Solidity sources for auditing.
Do not treat dependency code under lib/ or @openzeppelin/ as first-party.
================================================================================
FILE: src/BaseVault.sol
================================================================================
// SPDX-License-Identifier: BSD-3-Clause
pragma solidity ^0.8.24;
import {
AccessControlUpgradeable,
ERC20PermitUpgradeable,
ERC20Upgradeable,
IERC20,
IERC20Metadata,
Math,
ReentrancyGuardUpgradeable,
SafeERC20
} from "src/Common.sol";
thinking
**Reading large file in chunks**
exec
/bin/bash -lc "sed -n '1,400p' AUDIT_BUNDLE.txt" in /tmp/codex-c00oc8f7 succeeded in 7ms:
This file concatenates the full contents of first-party Solidity sources for auditing.
Do not treat dependency code under lib/ or @openzeppelin/ as first-party.
================================================================================
FILE: src/BaseVault.sol
================================================================================
// SPDX-License-Identifier: BSD-3-Clause
pragma solidity ^0.8.24;
import {
AccessControlUpgradeable,
ERC20PermitUpgradeable,
ERC20Upgradeable,
IERC20,
IERC20Metadata,
Math,
ReentrancyGuardUpgradeable,
SafeERC20
} from "src/Common.sol";
thinking
**Needing more input**
exec
/bin/bash -lc "sed -n '400,800p' AUDIT_BUNDLE.txt" in /tmp/codex-c00oc8f7 succeeded in 5ms:
* @return bool True if the vault is paused, false otherwise.
*/
function paused() public view returns (bool) {
return _getVaultStorage().paused;
}
/**
* @notice Returns the address of the provider.
* @return address The address of the provider.
*/
function provider() public view returns (address) {
return _getVaultStorage().provider;
}
/**
* @notice Returns the address of the buffer strategy.
* @return address The address of the buffer strategy.
*/
function buffer() public view virtual returns (address) {
return _getVaultStorage().buffer;
exec
/bin/bash -lc "sed -n '800,1200p' AUDIT_BUNDLE.txt" in /tmp/codex-c00oc8f7 succeeded in 29ms:
* @notice Processes a series of calls to target contracts.
* @param targets The addresses of the target contracts.
* @param values The values to send with the calls.
* @param data The calldata for the calls.
* @return returnData The return data from the calls.
*/
function processor(address[] calldata targets, uint256[] memory values, bytes[] calldata data)
external
virtual
onlyRole(PROCESSOR_ROLE)
returns (bytes[] memory returnData)
{
return VaultLib.processor(targets, values, data);
}
constructor() {
_disableInitializers();
}
/**
exec
/bin/bash -lc "sed -n '1200,1600p' AUDIT_BUNDLE.txt" in /tmp/codex-c00oc8f7 succeeded in 11ms:
event SetBuffer(address indexed buffer);
event SetAlwaysComputeTotalAssets(bool alwaysComputeTotalAssets);
event NewAsset(address indexed asset, uint256 decimals, uint256 index);
event ProcessSuccess(address[] targets, uint256[] values, bytes[] data);
event Pause(bool paused);
event SetProcessorRule(address indexed target, bytes4, FunctionRule);
event NativeDeposit(uint256 amount);
event ProcessAccounting(uint256 timestamp, uint256 totalAssets);
event UpdateAsset(uint256 indexed index, address indexed asset, AssetUpdateFields fields);
event DeleteAsset(uint256 indexed index, address indexed asset);
event SetBaseWithdrawalFee(uint64 oldFee, uint64 newFee);
// 4626-MAX
function getAssets() external view returns (address[] memory list);
function getAsset(address asset_) external view returns (AssetParams memory);
function getProcessorRule(address contractAddress, bytes4 funcSig) external view returns (FunctionRule memory);
function previewDepositAsset(address assetAddress, uint256 assets) external view returns (uint256);
function depositAsset(address assetAddress, uint256 amount, address receiver) external returns (uint256);
function provider() external view returns (address);
function buffer() external view returns (address);
thinking
**Continuing to read file end**
exec
/bin/bash -lc "sed -n '1600,1675p' AUDIT_BUNDLE.txt" in /tmp/codex-c00oc8f7 succeeded in 29ms:
error BufferExceedsMax(uint256 bufferAvailable, uint256 bufferMax);
error WithdrawalExceedsBuffer(uint256 withdrawalAmount, uint256 bufferAvailable);
error StartMustBeLessThanEnd(uint256 start, uint256 end);
error UnsupportedFeeType(FeeType feeType);
uint256 public constant BASIS_POINT_SCALE = 1e8;
function linearFee(uint256 amount, uint256 fee, FeeType feeType) internal pure returns (uint256) {
if (feeType == FeeType.OnRaw) {
return feeOnRaw(amount, fee);
} else if (feeType == FeeType.OnTotal) {
return feeOnTotal(amount, fee);
} else {
revert UnsupportedFeeType(feeType);
}
}
function feeOnRaw(uint256 amount, uint256 fee) internal pure returns (uint256) {
return amount.mulDiv(fee, BASIS_POINT_SCALE, Math.Rounding.Ceil);
}
thinking
**Analyzing Vault contract vulnerabilities**
thinking
**Reviewing storage, accounting, and access nuances**
I’m parsing through potential accounting inconsistencies with cached totalAssets missing strategy-held assets, plus storage slot uniqueness and nuanced access control checks that may affect vault behavior. I’m weighing design tradeoffs around stale totalAssets causing share price distortions and edge cases in Guard’s calldata validation while noting some limits only admins can mishandle.
thinking
**Examining asset management and provider reliance risks**
There is a nuanced issue with asset duplicate detection allowing re-adding deleted assets, plus complexities if assets still reside in strategies though removed from active list. I’m also considering how trusting an external provider’s rates introduces potential oracle manipulation risks affecting share pricing, and subtle rounding or allowance mismatches that might cause minor edge-case inconsistencies.
thinking
**Identifying rounding and accounting inconsistencies impacting share minting**
I’m analyzing how the vault’s rounding choices—especially flooring assets required on mint—can let users mint shares for fewer assets than their true value, causing subtle dilution. Combined with how conversions always floor asset amounts, this may let small share mints effectively happen at zero or undervalued cost, which could be exploited to gain unfair shares.
thinking
**Examining rounding impact on small share minting and fee handling**
I'm considering how asset conversion rounding to zero for tiny baseAssets can make minting shares effectively free, especially under certain decimal and rate setups. I’m also reviewing fee calculations for edge cases like 100% fees and how initializer protections relate to proxy usage, preparing to locate concrete code references for findings.
exec
/bin/bash -lc "nl -ba src/BaseVault.sol | sed -n '120,260p'" in /tmp/codex-c00oc8f7 succeeded in 7ms:
120 return _getVaultStorage().decimals;
121 }
122
123 /**
124 * @notice Returns the total assets held by the vault denominated in the default asset.
125 * @dev The ERC4626 interface underyling asset is the default asset.
126 * @return uint256 The total assets.
127 */
128 function totalAssets() public view virtual returns (uint256) {
129 return VaultLib.convertBaseToAsset(asset(), totalBaseAssets());
130 }
131
132 /**
133 * @notice Returns the total assets held by the vault denominated in the Base Asset.
134 * @dev Either returns the cached total assets or computes them in real-time
135 * based on the alwaysComputeTotalAssets setting.
136 * @return uint256 The total base assets.
137 */
138 function totalBaseAssets() public view virtual returns (uint256) {
139 if (_getVaultStorage().alwaysComputeTotalAssets) {
thinking
**Checking Mint function location**
exec
/bin/bash -lc "nl -ba src/BaseVault.sol | sed -n '280,360p'" in /tmp/codex-c00oc8f7 succeeded in 6ms:
280 * @notice Deposits a given amount of assets and assigns the equivalent amount of shares to the receiver.
281 * @param assets The amount of assets to deposit.
282 * @param receiver The address of the receiver.
283 * @return uint256 The equivalent amount of shares.
284 */
285 function deposit(uint256 assets, address receiver) public virtual nonReentrant returns (uint256) {
286 if (paused()) {
287 revert Paused();
288 }
289 (uint256 shares, uint256 baseAssets) = _convertToShares(asset(), assets, Math.Rounding.Floor);
290 _deposit(asset(), _msgSender(), receiver, assets, shares, baseAssets);
291 return shares;
292 }
293
294 /**
295 * @notice Mints a given amount of shares and assigns the equivalent amount of assets to the receiver.
296 * @param shares The amount of shares to mint.
297 * @param receiver The address of the receiver.
298 * @return uint256 The equivalent amount of assets.
299 */
thinking
**Reviewing deposit function details**
exec
/bin/bash -lc "nl -ba src/BaseVault.sol | sed -n '420,520p'" in /tmp/codex-c00oc8f7 succeeded in 12ms:
420 * @return shares The equivalent amount of shares.
421 */
422 function previewDepositAsset(address asset_, uint256 assets) public view virtual returns (uint256 shares) {
423 (shares,) = _convertToShares(asset_, assets, Math.Rounding.Floor);
424 }
425
426 /**
427 * @notice Deposits a given amount of assets for a specific asset and assigns shares to the receiver.
428 * @param asset_ The address of the asset.
429 * @param assets The amount of assets to deposit.
430 * @param receiver The address of the receiver.
431 * @return uint256 The equivalent amount of shares.
432 */
433 function depositAsset(address asset_, uint256 assets, address receiver)
434 public
435 virtual
436 nonReentrant
437 returns (uint256)
438 {
439 if (paused()) {
thinking
**Summarizing potential vulnerabilities and classifications**
I'll outline findings on mint rounding issues causing share inflation, fee-on-transfer token risks affecting share mint accuracy, and oracle manipulation risks, assigning categories and severity while referencing specific code locations for clarity.
exec
/bin/bash -lc "nl -ba src/library/VaultLib.sol | sed -n '120,220p'" in /tmp/codex-c00oc8f7 succeeded in 6ms:
120 emit IVault.NewAsset(asset_, decimals_, index);
121 }
122
123 /**
124 * @notice Updates an existing asset's parameters in the vault.
125 * @param index The index of the asset to update.
126 * @param fields The AssetUpdateFields struct containing the updated fields.
127 */
128 function updateAsset(uint256 index, IVault.AssetUpdateFields calldata fields) public {
129 IVault.AssetStorage storage assetStorage = getAssetStorage();
130 if (index >= assetStorage.list.length) {
131 revert IVault.InvalidAsset(address(0));
132 }
133
134 address asset_ = assetStorage.list[index];
135 IVault.AssetParams storage assetParams = assetStorage.assets[asset_];
136 assetParams.active = fields.active;
137 emit IVault.UpdateAsset(index, asset_, fields);
138 }
139
thinking
**Summarizing security findings for vault contract**
codex
{"no_findings":false,"summary":"Identified share-pricing rounding undercharges, fee-on-transfer accounting gaps, and oracle-rate trust assumptions that can distort share issuance/redemption.","findings":[{"severity":"medium","category":"math","title":"Mint path rounds down, allowing underpayment for shares","exploit_scenario":"When share price is not an exact multiple of the asset unit (or when base→asset conversion truncates), a user can mint shares while paying slightly fewer assets than the fair value. By repeating mints (especially when share price is low), the attacker accumulates discounted or even zero-cost shares and later captures a larger portion of vault assets/yield, diluting existing holders.","recommendation":"Use rounding up for mint calculations end-to-end: compute required baseAssets with ceiling rounding and convert base→asset with rounding up as well (or perform a balance-delta check and revert if the paid amount is insufficient). Align previewMint and mint to be conservative.","evidence":"mint() uses Math.Rounding.Floor for _convertToAssets, and convertBaseToAsset always floors the asset amount.","locations":["src/BaseVault.sol:300","src/library/VaultLib.sol:189"]},{"severity":"medium","category":"other","title":"Deposits assume full transfer amount, enabling share inflation with fee-on-transfer tokens","exploit_scenario":"If a listed asset charges transfer fees or otherwise delivers less than `assets`, the vault still mints shares and increments totalAssets based on the requested amount. An attacker can deposit such a token, receive excess shares relative to actual assets received, and then redeem for more value than they contributed, diluting or draining other users.","recommendation":"Either disallow fee-on-transfer/rebasing tokens explicitly or calculate shares from the actual received amount by measuring vault balance before/after the transfer. Update totalAssets based on the received amount.","evidence":"_deposit increments total assets and mints shares based on the requested `assets` before/without checking the actual balance increase from safeTransferFrom.","locations":["src/BaseVault.sol:458","src/BaseVault.sol:470"]},{"severity":"medium","category":"oracle","title":"Share pricing fully trusts provider rates without safeguards","exploit_scenario":"If the rate provider can be manipulated (e.g., spot DEX price or a weak oracle), an attacker can inflate the rate for a deposit asset to mint excess shares, then redeem into the default asset once rates normalize, extracting value from the vault.","recommendation":"Ensure the provider uses manipulation-resistant oracles (TWAP, bounded updates, and/or multi-source validation). Consider adding sanity bounds or rate staleness checks before using rates for share pricing.","evidence":"convertAssetToBase/convertBaseToAsset use IProvider.getRate directly with no validation or bounds.","locations":["src/library/VaultLib.sol:177","src/library/VaultLib.sol:189"]}]}
tokens used
54,165
{
"codex": {
"ran_at": "2026-01-11T06:59:37.897738+00:00",
"returncode": 0
},
"project": {
"mode": "source",
"file_count": 55,
"import_count": 77,
"first_party_contracts_count": 10
},
"summary": "Identified share-pricing rounding undercharges, fee-on-transfer accounting gaps, and oracle-rate trust assumptions that can distort share issuance/redemption.",
"raw_final": {
"summary": "Identified share-pricing rounding undercharges, fee-on-transfer accounting gaps, and oracle-rate trust assumptions that can distort share issuance/redemption.",
"findings": [
{
"title": "Mint path rounds down, allowing underpayment for shares",
"category": "math",
"evidence": "mint() uses Math.Rounding.Floor for _convertToAssets, and convertBaseToAsset always floors the asset amount.",
"severity": "medium",
"locations": [
"src/BaseVault.sol:300",
"src/library/VaultLib.sol:189"
],
"recommendation": "Use rounding up for mint calculations end-to-end: compute required baseAssets with ceiling rounding and convert base\u2192asset with rounding up as well (or perform a balance-delta check and revert if the paid amount is insufficient). Align previewMint and mint to be conservative.",
"exploit_scenario": "When share price is not an exact multiple of the asset unit (or when base\u2192asset conversion truncates), a user can mint shares while paying slightly fewer assets than the fair value. By repeating mints (especially when share price is low), the attacker accumulates discounted or even zero-cost shares and later captures a larger portion of vault assets/yield, diluting existing holders."
},
{
"title": "Deposits assume full transfer amount, enabling share inflation with fee-on-transfer tokens",
"category": "other",
"evidence": "_deposit increments total assets and mints shares based on the requested `assets` before/without checking the actual balance increase from safeTransferFrom.",
"severity": "medium",
"locations": [
"src/BaseVault.sol:458",
"src/BaseVault.sol:470"
],
"recommendation": "Either disallow fee-on-transfer/rebasing tokens explicitly or calculate shares from the actual received amount by measuring vault balance before/after the transfer. Update totalAssets based on the received amount.",
"exploit_scenario": "If a listed asset charges transfer fees or otherwise delivers less than `assets`, the vault still mints shares and increments totalAssets based on the requested amount. An attacker can deposit such a token, receive excess shares relative to actual assets received, and then redeem for more value than they contributed, diluting or draining other users."
},
{
"title": "Share pricing fully trusts provider rates without safeguards",
"category": "oracle",
"evidence": "convertAssetToBase/convertBaseToAsset use IProvider.getRate directly with no validation or bounds.",
"severity": "medium",
"locations": [
"src/library/VaultLib.sol:177",
"src/library/VaultLib.sol:189"
],
"recommendation": "Ensure the provider uses manipulation-resistant oracles (TWAP, bounded updates, and/or multi-source validation). Consider adding sanity bounds or rate staleness checks before using rates for share pricing.",
"exploit_scenario": "If the rate provider can be manipulated (e.g., spot DEX price or a weak oracle), an attacker can inflate the rate for a deposit asset to mint excess shares, then redeem into the default asset once rates normalize, extracting value from the vault."
}
],
"no_findings": false
},
"no_findings": false,
"proxy_context": {
"proxy_run_id": "019bab3b-ac24-703a-981b-8dea6c2cb808",
"proxy_address": "0x01ba69727e2860b37bc1a2bd56999c1afb4c15d8",
"implementation_run_id": "019bab3d-c746-7355-af08-a01c5cba9495",
"implementation_address": "0xc1c5b18774d0282949331b719b5ea4a21cbc62c8"
},
"schema_version": 1
}
00000000: PUSH1 0x80 00000002: PUSH1 0x40 00000004: MSTORE 00000005: PUSH2 0x000c 00000008: PUSH2 0x000e 0000000b: JUMP 0000000c: JUMPDEST 0000000d: STOP 0000000e: JUMPDEST 0000000f: PUSH32 0x00000000000000000000000090ae998b7920f7c5eb27d792f710ac5eacf5c7dc 00000030: PUSH1 0x01 00000032: PUSH1 0x01 00000034: PUSH1 0xa0 00000036: SHL 00000037: SUB 00000038: AND 00000039: CALLER 0000003a: SUB 0000003b: PUSH2 0x007a 0000003e: JUMPI 0000003f: PUSH0 00000040: CALLDATALOAD 00000041: PUSH1 0x01 00000043: PUSH1 0x01 00000045: PUSH1 0xe0 00000047: SHL 00000048: SUB 00000049: NOT 0000004a: AND 0000004b: PUSH4 0x278f7943 00000050: PUSH1 0xe1 00000052: SHL 00000053: EQ 00000054: PUSH2 0x0070 00000057: JUMPI 00000058: PUSH1 0x40 0000005a: MLOAD 0000005b: PUSH4 0x34ad5dbb 00000060: PUSH1 0xe2 00000062: SHL 00000063: DUP2 00000064: MSTORE 00000065: PUSH1 0x04 00000067: ADD 00000068: PUSH1 0x40 0000006a: MLOAD 0000006b: DUP1 0000006c: SWAP2 0000006d: SUB 0000006e: SWAP1 0000006f: REVERT 00000070: JUMPDEST 00000071: PUSH2 0x0078 00000074: PUSH2 0x0082 00000077: JUMP 00000078: JUMPDEST 00000079: JUMP 0000007a: JUMPDEST 0000007b: PUSH2 0x0078 0000007e: PUSH2 0x00b0 00000081: JUMP 00000082: JUMPDEST 00000083: PUSH0 00000084: DUP1 00000085: PUSH2 0x0091 00000088: CALLDATASIZE 00000089: PUSH1 0x04 0000008b: DUP2 0000008c: DUP5 0000008d: PUSH2 0x0303 00000090: JUMP 00000091: JUMPDEST 00000092: DUP2 00000093: ADD 00000094: SWAP1 00000095: PUSH2 0x009e 00000098: SWAP2 00000099: SWAP1 0000009a: PUSH2 0x033e 0000009d: JUMP 0000009e: JUMPDEST 0000009f: SWAP2 000000a0: POP 000000a1: SWAP2 000000a2: POP 000000a3: PUSH2 0x00ac 000000a6: DUP3 000000a7: DUP3 000000a8: PUSH2 0x00c0 000000ab: JUMP 000000ac: JUMPDEST 000000ad: POP 000000ae: POP 000000af: JUMP 000000b0: JUMPDEST 000000b1: PUSH2 0x0078 000000b4: PUSH2 0x00bb 000000b7: PUSH2 0x011a 000000ba: JUMP 000000bb: JUMPDEST 000000bc: PUSH2 0x0151 000000bf: JUMP 000000c0: JUMPDEST 000000c1: PUSH2 0x00c9 000000c4: DUP3 000000c5: PUSH2 0x016f 000000c8: JUMP 000000c9: JUMPDEST 000000ca: PUSH1 0x40 000000cc: MLOAD 000000cd: PUSH1 0x01 000000cf: PUSH1 0x01 000000d1: PUSH1 0xa0 000000d3: SHL 000000d4: SUB 000000d5: DUP4 000000d6: AND 000000d7: SWAP1 000000d8: PUSH32 0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b 000000f9: SWAP1 000000fa: PUSH0 000000fb: SWAP1 000000fc: LOG2 000000fd: DUP1 000000fe: MLOAD 000000ff: ISZERO 00000100: PUSH2 0x0112 00000103: JUMPI 00000104: PUSH2 0x010d 00000107: DUP3 00000108: DUP3 00000109: PUSH2 0x01ea 0000010c: JUMP 0000010d: JUMPDEST 0000010e: POP 0000010f: POP 00000110: POP 00000111: JUMP 00000112: JUMPDEST 00000113: PUSH2 0x00ac 00000116: PUSH2 0x025c 00000119: JUMP 0000011a: JUMPDEST 0000011b: PUSH0 0000011c: PUSH2 0x014c 0000011f: PUSH32 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc 00000140: SLOAD 00000141: PUSH1 0x01 00000143: PUSH1 0x01 00000145: PUSH1 0xa0 00000147: SHL 00000148: SUB 00000149: AND 0000014a: SWAP1 0000014b: JUMP 0000014c: JUMPDEST 0000014d: SWAP1 0000014e: POP 0000014f: SWAP1 00000150: JUMP 00000151: JUMPDEST 00000152: CALLDATASIZE 00000153: PUSH0 00000154: DUP1 00000155: CALLDATACOPY 00000156: PUSH0 00000157: DUP1 00000158: CALLDATASIZE 00000159: PUSH0 0000015a: DUP5 0000015b: GAS 0000015c: DELEGATECALL 0000015d: RETURNDATASIZE 0000015e: PUSH0 0000015f: DUP1 00000160: RETURNDATACOPY 00000161: DUP1 00000162: DUP1 00000163: ISZERO 00000164: PUSH2 0x016b 00000167: JUMPI 00000168: RETURNDATASIZE 00000169: PUSH0 0000016a: RETURN 0000016b: JUMPDEST 0000016c: RETURNDATASIZE 0000016d: PUSH0 0000016e: REVERT 0000016f: JUMPDEST 00000170: DUP1 00000171: PUSH1 0x01 00000173: PUSH1 0x01 00000175: PUSH1 0xa0 00000177: SHL 00000178: SUB 00000179: AND 0000017a: EXTCODESIZE 0000017b: PUSH0 0000017c: SUB 0000017d: PUSH2 0x01a9 00000180: JUMPI 00000181: PUSH1 0x40 00000183: MLOAD 00000184: PUSH4 0x4c9c8ce3 00000189: PUSH1 0xe0 0000018b: SHL 0000018c: DUP2 0000018d: MSTORE 0000018e: PUSH1 0x01 00000190: PUSH1 0x01 00000192: PUSH1 0xa0 00000194: SHL 00000195: SUB 00000196: DUP3 00000197: AND 00000198: PUSH1 0x04 0000019a: DUP3 0000019b: ADD 0000019c: MSTORE 0000019d: PUSH1 0x24 0000019f: ADD 000001a0: JUMPDEST 000001a1: PUSH1 0x40 000001a3: MLOAD 000001a4: DUP1 000001a5: SWAP2 000001a6: SUB 000001a7: SWAP1 000001a8: REVERT 000001a9: JUMPDEST 000001aa: PUSH32 0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc 000001cb: DUP1 000001cc: SLOAD 000001cd: PUSH1 0x01 000001cf: PUSH1 0x01 000001d1: PUSH1 0xa0 000001d3: SHL 000001d4: SUB 000001d5: NOT 000001d6: AND 000001d7: PUSH1 0x01 000001d9: PUSH1 0x01 000001db: PUSH1 0xa0 000001dd: SHL 000001de: SUB 000001df: SWAP3 000001e0: SWAP1 000001e1: SWAP3 000001e2: AND 000001e3: SWAP2 000001e4: SWAP1 000001e5: SWAP2 000001e6: OR 000001e7: SWAP1 000001e8: SSTORE 000001e9: JUMP 000001ea: JUMPDEST 000001eb: PUSH1 0x60 000001ed: PUSH0 000001ee: DUP1 000001ef: DUP5 000001f0: PUSH1 0x01 000001f2: PUSH1 0x01 000001f4: PUSH1 0xa0 000001f6: SHL 000001f7: SUB 000001f8: AND 000001f9: DUP5 000001fa: PUSH1 0x40 000001fc: MLOAD 000001fd: PUSH2 0x0206 00000200: SWAP2 00000201: SWAP1 00000202: PUSH2 0x0407 00000205: JUMP 00000206: JUMPDEST 00000207: PUSH0 00000208: PUSH1 0x40 0000020a: MLOAD 0000020b: DUP1 0000020c: DUP4 0000020d: SUB 0000020e: DUP2 0000020f: DUP6 00000210: GAS 00000211: DELEGATECALL 00000212: SWAP2 00000213: POP 00000214: POP 00000215: RETURNDATASIZE 00000216: DUP1 00000217: PUSH0 00000218: DUP2 00000219: EQ 0000021a: PUSH2 0x023e 0000021d: JUMPI 0000021e: PUSH1 0x40 00000220: MLOAD 00000221: SWAP2 00000222: POP 00000223: PUSH1 0x1f 00000225: NOT 00000226: PUSH1 0x3f 00000228: RETURNDATASIZE 00000229: ADD 0000022a: AND 0000022b: DUP3 0000022c: ADD 0000022d: PUSH1 0x40 0000022f: MSTORE 00000230: RETURNDATASIZE 00000231: DUP3 00000232: MSTORE 00000233: RETURNDATASIZE 00000234: PUSH0 00000235: PUSH1 0x20 00000237: DUP5 00000238: ADD 00000239: RETURNDATACOPY 0000023a: PUSH2 0x0243 0000023d: JUMP 0000023e: JUMPDEST 0000023f: PUSH1 0x60 00000241: SWAP2 00000242: POP 00000243: JUMPDEST 00000244: POP 00000245: SWAP2 00000246: POP 00000247: SWAP2 00000248: POP 00000249: PUSH2 0x0253 0000024c: DUP6 0000024d: DUP4 0000024e: DUP4 0000024f: PUSH2 0x027b 00000252: JUMP 00000253: JUMPDEST 00000254: SWAP6 00000255: SWAP5 00000256: POP 00000257: POP 00000258: POP 00000259: POP 0000025a: POP 0000025b: JUMP 0000025c: JUMPDEST 0000025d: CALLVALUE 0000025e: ISZERO 0000025f: PUSH2 0x0078 00000262: JUMPI 00000263: PUSH1 0x40 00000265: MLOAD 00000266: PUSH4 0xb398979f 0000026b: PUSH1 0xe0 0000026d: SHL 0000026e: DUP2 0000026f: MSTORE 00000270: PUSH1 0x04 00000272: ADD 00000273: PUSH1 0x40 00000275: MLOAD 00000276: DUP1 00000277: SWAP2 00000278: SUB 00000279: SWAP1 0000027a: REVERT 0000027b: JUMPDEST 0000027c: PUSH1 0x60 0000027e: DUP3 0000027f: PUSH2 0x0290 00000282: JUMPI 00000283: PUSH2 0x028b 00000286: DUP3 00000287: PUSH2 0x02da 0000028a: JUMP 0000028b: JUMPDEST 0000028c: PUSH2 0x02d3 0000028f: JUMP 00000290: JUMPDEST 00000291: DUP2 00000292: MLOAD 00000293: ISZERO 00000294: DUP1 00000295: ISZERO 00000296: PUSH2 0x02a7 00000299: JUMPI 0000029a: POP 0000029b: PUSH1 0x01 0000029d: PUSH1 0x01 0000029f: PUSH1 0xa0 000002a1: SHL 000002a2: SUB 000002a3: DUP5 000002a4: AND 000002a5: EXTCODESIZE 000002a6: ISZERO 000002a7: JUMPDEST 000002a8: ISZERO 000002a9: PUSH2 0x02d0 000002ac: JUMPI 000002ad: PUSH1 0x40 000002af: MLOAD 000002b0: PUSH4 0x9996b315 000002b5: PUSH1 0xe0 000002b7: SHL 000002b8: DUP2 000002b9: MSTORE 000002ba: PUSH1 0x01 000002bc: PUSH1 0x01 000002be: PUSH1 0xa0 000002c0: SHL 000002c1: SUB 000002c2: DUP6 000002c3: AND 000002c4: PUSH1 0x04 000002c6: DUP3 000002c7: ADD 000002c8: MSTORE 000002c9: PUSH1 0x24 000002cb: ADD 000002cc: PUSH2 0x01a0 000002cf: JUMP 000002d0: JUMPDEST 000002d1: POP 000002d2: DUP1 000002d3: JUMPDEST 000002d4: SWAP4 000002d5: SWAP3 000002d6: POP 000002d7: POP 000002d8: POP 000002d9: JUMP 000002da: JUMPDEST 000002db: DUP1 000002dc: MLOAD 000002dd: ISZERO 000002de: PUSH2 0x02ea 000002e1: JUMPI 000002e2: DUP1 000002e3: MLOAD 000002e4: DUP1 000002e5: DUP3 000002e6: PUSH1 0x20 000002e8: ADD 000002e9: REVERT 000002ea: JUMPDEST 000002eb: PUSH1 0x40 000002ed: MLOAD 000002ee: PUSH4 0x0a12f521 000002f3: PUSH1 0xe1 000002f5: SHL 000002f6: DUP2 000002f7: MSTORE 000002f8: PUSH1 0x04 000002fa: ADD 000002fb: PUSH1 0x40 000002fd: MLOAD 000002fe: DUP1 000002ff: SWAP2 00000300: SUB 00000301: SWAP1 00000302: REVERT 00000303: JUMPDEST 00000304: PUSH0 00000305: DUP1 00000306: DUP6 00000307: DUP6 00000308: GT 00000309: ISZERO 0000030a: PUSH2 0x0311 0000030d: JUMPI 0000030e: PUSH0 0000030f: DUP1 00000310: REVERT 00000311: JUMPDEST 00000312: DUP4 00000313: DUP7 00000314: GT 00000315: ISZERO 00000316: PUSH2 0x031d 00000319: JUMPI 0000031a: PUSH0 0000031b: DUP1 0000031c: REVERT 0000031d: JUMPDEST 0000031e: POP 0000031f: POP 00000320: DUP3 00000321: ADD 00000322: SWAP4 00000323: SWAP2 00000324: SWAP1 00000325: SWAP3 00000326: SUB 00000327: SWAP2 00000328: POP 00000329: JUMP 0000032a: JUMPDEST 0000032b: PUSH4 0x4e487b71 00000330: PUSH1 0xe0 00000332: SHL 00000333: PUSH0 00000334: MSTORE 00000335: PUSH1 0x41 00000337: PUSH1 0x04 00000339: MSTORE 0000033a: PUSH1 0x24 0000033c: PUSH0 0000033d: REVERT 0000033e: JUMPDEST 0000033f: PUSH0 00000340: DUP1 00000341: PUSH1 0x40 00000343: DUP4 00000344: DUP6 00000345: SUB 00000346: SLT 00000347: ISZERO 00000348: PUSH2 0x034f 0000034b: JUMPI 0000034c: PUSH0 0000034d: DUP1 0000034e: REVERT 0000034f: JUMPDEST 00000350: DUP3 00000351: CALLDATALOAD 00000352: PUSH1 0x01 00000354: PUSH1 0x01 00000356: PUSH1 0xa0 00000358: SHL 00000359: SUB 0000035a: DUP2 0000035b: AND 0000035c: DUP2 0000035d: EQ 0000035e: PUSH2 0x0365 00000361: JUMPI 00000362: PUSH0 00000363: DUP1 00000364: REVERT 00000365: JUMPDEST 00000366: SWAP2 00000367: POP 00000368: PUSH1 0x20 0000036a: DUP4 0000036b: ADD 0000036c: CALLDATALOAD 0000036d: PUSH8 0xffffffffffffffff 00000376: DUP1 00000377: DUP3 00000378: GT 00000379: ISZERO 0000037a: PUSH2 0x0381 0000037d: JUMPI 0000037e: PUSH0 0000037f: DUP1 00000380: REVERT 00000381: JUMPDEST 00000382: DUP2 00000383: DUP6 00000384: ADD 00000385: SWAP2 00000386: POP 00000387: DUP6 00000388: PUSH1 0x1f 0000038a: DUP4 0000038b: ADD 0000038c: SLT 0000038d: PUSH2 0x0394 00000390: JUMPI 00000391: PUSH0 00000392: DUP1 00000393: REVERT 00000394: JUMPDEST 00000395: DUP2 00000396: CALLDATALOAD 00000397: DUP2 00000398: DUP2 00000399: GT 0000039a: ISZERO 0000039b: PUSH2 0x03a6 0000039e: JUMPI 0000039f: PUSH2 0x03a6 000003a2: PUSH2 0x032a 000003a5: JUMP 000003a6: JUMPDEST 000003a7: PUSH1 0x40 000003a9: MLOAD 000003aa: PUSH1 0x1f 000003ac: DUP3 000003ad: ADD 000003ae: PUSH1 0x1f 000003b0: NOT 000003b1: SWAP1 000003b2: DUP2 000003b3: AND 000003b4: PUSH1 0x3f 000003b6: ADD 000003b7: AND 000003b8: DUP2 000003b9: ADD 000003ba: SWAP1 000003bb: DUP4 000003bc: DUP3 000003bd: GT 000003be: DUP2 000003bf: DUP4 000003c0: LT 000003c1: OR 000003c2: ISZERO 000003c3: PUSH2 0x03ce 000003c6: JUMPI 000003c7: PUSH2 0x03ce 000003ca: PUSH2 0x032a 000003cd: JUMP 000003ce: JUMPDEST 000003cf: DUP2 000003d0: PUSH1 0x40 000003d2: MSTORE 000003d3: DUP3 000003d4: DUP2 000003d5: MSTORE 000003d6: DUP9 000003d7: PUSH1 0x20 000003d9: DUP5 000003da: DUP8 000003db: ADD 000003dc: ADD 000003dd: GT 000003de: ISZERO 000003df: PUSH2 0x03e6 000003e2: JUMPI 000003e3: PUSH0 000003e4: DUP1 000003e5: REVERT 000003e6: JUMPDEST 000003e7: DUP3 000003e8: PUSH1 0x20 000003ea: DUP7 000003eb: ADD 000003ec: PUSH1 0x20 000003ee: DUP4 000003ef: ADD 000003f0: CALLDATACOPY 000003f1: PUSH0 000003f2: PUSH1 0x20 000003f4: DUP5 000003f5: DUP4 000003f6: ADD 000003f7: ADD 000003f8: MSTORE 000003f9: DUP1 000003fa: SWAP6 000003fb: POP 000003fc: POP 000003fd: POP 000003fe: POP 000003ff: POP 00000400: POP 00000401: SWAP3 00000402: POP 00000403: SWAP3 00000404: SWAP1 00000405: POP 00000406: JUMP 00000407: JUMPDEST 00000408: PUSH0 00000409: DUP3 0000040a: MLOAD 0000040b: PUSH0 0000040c: JUMPDEST 0000040d: DUP2 0000040e: DUP2 0000040f: LT 00000410: ISZERO 00000411: PUSH2 0x0426 00000414: JUMPI 00000415: PUSH1 0x20 00000417: DUP2 00000418: DUP7 00000419: ADD 0000041a: DUP2 0000041b: ADD 0000041c: MLOAD 0000041d: DUP6 0000041e: DUP4 0000041f: ADD 00000420: MSTORE 00000421: ADD 00000422: PUSH2 0x040c 00000425: JUMP 00000426: JUMPDEST 00000427: POP 00000428: PUSH0 00000429: SWAP3 0000042a: ADD 0000042b: SWAP2 0000042c: DUP3 0000042d: MSTORE 0000042e: POP 0000042f: SWAP2 00000430: SWAP1 00000431: POP 00000432: JUMP 00000433: INVALID 00000434: LOG2 00000435: PUSH5 0x6970667358 0000043b: UNKNOWN(0x22) 0000043c: SLT 0000043d: KECCAK256 0000043e: UNKNOWN(0xBF) 0000043f: ADDMOD 00000440: REVERT 00000441: CODECOPY 00000442: RETURN 00000443: NOT 00000444: DUP9 00000445: UNKNOWN(0x4B) 00000446: UNKNOWN(0xB6) 00000447: UNKNOWN(0xDD) 00000448: KECCAK256 00000449: UNKNOWN(0xE2) 0000044a: SWAP1 0000044b: CHAINID 0000044c: MLOAD 0000044d: BLOBBASEFEE 0000044e: UNKNOWN(0xC1) 0000044f: GASLIMIT 00000450: UNKNOWN(0xC5) 00000451: UNKNOWN(0x2F) 00000452: EXTCODESIZE 00000453: PUSH7 0x896adc81c48ba0 0000045b: DUP2 0000045c: CALLDATACOPY 0000045d: PUSH6 0x64736f6c6343 00000464: STOP 00000465: ADDMOD 00000466: XOR 00000467: STOP 00000468: CALLER
| Severity | Category | Tool | Title | Confidence | Validated | Confirmed | Details |
|---|---|---|---|---|---|---|---|
| critical | upgradeability | detector | Untrusted DELEGATECALL target reachable | 70 | no | no |
viewtrace_id: 0xfbbb375a5911da766fb51f567c1f8704097b3ad96ce43a88cdc76357a24d4c31
call_targets:
0xc1c5b18774d0282949331b719b5ea4a21cbc62c8
target_varies:
no
classification:
constant_target
validation_json{
"sink": "DELEGATECALL",
"errors": 0,
"status": "sink_reached",
"attempts": 1,
"trace_id": "0xfbbb375a5911da766fb51f567c1f8704097b3ad96ce43a88cdc76357a24d4c31",
"confirmed": false,
"trace_mode": "callTracer",
"call_targets": [
"0xc1c5b18774d0282949331b719b5ea4a21cbc62c8"
],
"matched_probe": null,
"target_varies": false,
"classification": "constant_target"
}
witness_json{
"notes": "heuristic witness; entrypoints are best-effort selectors with zeroed calldata",
"constraints": [],
"entrypoints": [
{
"calldata": "0x278f7943",
"selector": "0x278f7943",
"calldata_variants": [
"0x278f7943",
"0x278f79430000000000000000000000000000000000000000000000000000000000000000"
]
}
]
}
evidence_json{
"examples": [
{
"pc": 348,
"opcode": "DELEGATECALL",
"returndata_checked": null,
"value_expression_category": "n/a",
"target_expression_category": "computed"
},
{
"pc": 529,
"opcode": "DELEGATECALL",
"returndata_checked": null,
"value_expression_category": "n/a",
"target_expression_category": "computed"
}
],
"guards_detected": [],
"delegatecall_count": 2,
"untrusted_delegatecall_count": 2
}
|
| medium | upgradeability | cast | DELEGATECALL present | 80 | no | — |
viewevidence_json{
"notes": "delegatecall enables execution in caller context; common in proxies/upgradeable patterns",
"delegatecall_count": 2
}
|
| medium | math | codex | Mint path rounds down, allowing underpayment for shares | 75 | no | — |
viewevidence_json{
"evidence": "mint() uses Math.Rounding.Floor for _convertToAssets, and convertBaseToAsset always floors the asset amount.",
"locations": [
"src/BaseVault.sol:300",
"src/library/VaultLib.sol:189"
],
"recommendation": "Use rounding up for mint calculations end-to-end: compute required baseAssets with ceiling rounding and convert base\u2192asset with rounding up as well (or perform a balance-delta check and revert if the paid amount is insufficient). Align previewMint and mint to be conservative.",
"exploit_scenario": "When share price is not an exact multiple of the asset unit (or when base\u2192asset conversion truncates), a user can mint shares while paying slightly fewer assets than the fair value. By repeating mints (especially when share price is low), the attacker accumulates discounted or even zero-cost shares and later captures a larger portion of vault assets/yield, diluting existing holders."
}
|
| medium | other | codex | Deposits assume full transfer amount, enabling share inflation with fee-on-transfer tokens | 75 | no | — |
viewevidence_json{
"evidence": "_deposit increments total assets and mints shares based on the requested `assets` before/without checking the actual balance increase from safeTransferFrom.",
"locations": [
"src/BaseVault.sol:458",
"src/BaseVault.sol:470"
],
"recommendation": "Either disallow fee-on-transfer/rebasing tokens explicitly or calculate shares from the actual received amount by measuring vault balance before/after the transfer. Update totalAssets based on the received amount.",
"exploit_scenario": "If a listed asset charges transfer fees or otherwise delivers less than `assets`, the vault still mints shares and increments totalAssets based on the requested amount. An attacker can deposit such a token, receive excess shares relative to actual assets received, and then redeem for more value than they contributed, diluting or draining other users."
}
|
| medium | oracle | codex | Share pricing fully trusts provider rates without safeguards | 75 | no | — |
viewevidence_json{
"evidence": "convertAssetToBase/convertBaseToAsset use IProvider.getRate directly with no validation or bounds.",
"locations": [
"src/library/VaultLib.sol:177",
"src/library/VaultLib.sol:189"
],
"recommendation": "Ensure the provider uses manipulation-resistant oracles (TWAP, bounded updates, and/or multi-source validation). Consider adding sanity bounds or rate staleness checks before using rates for share pricing.",
"exploit_scenario": "If the rate provider can be manipulated (e.g., spot DEX price or a weak oracle), an attacker can inflate the rate for a deposit asset to mint excess shares, then redeem into the default asset once rates normalize, extracting value from the vault."
}
|