security/smart-contract-vulnerabilities

Smart Contract Security Vulnerability Overview

ethereumsecurity👥 Communityconfidence 0.9health -1%

v1.0.0·Updated 3/24/2026

Logic Error Vulnerabilities

Analysis of 12 real-world cases from Code4rena audit competitions (2022-2024)

Vulnerability Overview

Logic errors occur when contract code is syntactically correct but the business logic implementation is flawed.

Common scenarios:

Incorrect state update ordering
Boundary condition issues in conditionals (off-by-one)
Missing state transitions in complex business flows

Mitigation Recommendations

Write invariant tests (invariant_* in Foundry) for critical business logic to verify system invariants always hold
Use fuzz testing to cover boundary inputs, especially 0, max uint256, and extremely small values
When designing state machines, explicitly define all valid state transitions and reject invalid paths
Break down complex calculations into independently verifiable sub-functions with dedicated unit tests
Engage external auditors — logic errors are the most valuable class of findings for manual review

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #913 [1708535839185]

Source: 2024-01-salty-1057

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #1057

[H] Malicious user can atomically take up to 1% of rewards for all newly whitelisted pools, by using DUST LP

Source: 2024-01-salty-1029

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #1029

[M] Upgraded Q -> 2 from #765 [1706657343488]

Source: 2023-12-ethereumcreditguild-1285

Contest: 2023-12-ethereumcreditguild | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #1285

[M] Upgraded Q -> M from #400 [1670236078897]

Source: 2022-11-stakehouse-449

Contest: 2022-11-stakehouse | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #449

[H] Adversaries can create a new pair with the same uniswapPool as exising pair and disrupt reallocation process

Source: 2024-05-predy-224

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #224

[H] `feeTaker` can receive more than actual fees when `claim(...)` is called

Source: 2024-06-vultisig-226

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #226

[H] Missing Validations in the Tx-Tracker Can Drain The Protocol

Source: 2023-11-zetachain-574

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #574

[M] Incorrect parameter for allowedBorrow when repaying

Source: 2023-07-tapioca-1673

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #1673

[M] Likelihood of becoming zero numbers for the numbers of the winning ticket

Source: 2023-03-wenwin-487

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #487

[M] Upgraded Q -> M from #236 [1669938261828]

Source: 2022-11-stakehouse-445

Contest: 2022-11-stakehouse | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #445 | - Vulnerability Type: logic-error | - Ecosystem: ethereum

[H] Reactivated gauges can't queue up rewards

Source: 2023-05-maia-883

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #883

[M] Burn logic issue due to lack of checking parameter 0 in burnWithReserve function

Source: 2023-04-frankencoin-986

Contest: 2023-04-frankencoin | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #986

Statistics

Case Count: 12
Severity Breakdown: 6 High / 6 Medium
Data Source: Code4rena (code4rena.com)

Integer Overflow Vulnerabilities

Analysis of 10 real-world cases from Code4rena audit competitions (2022-2024)

Vulnerability Overview

Integer overflow/underflow was extremely common before Solidity 0.8; from 0.8 onward, arithmetic is checked by default.

Common scenarios:

Overflow within unchecked blocks
Overflow in custom assembly
Truncation from type casting (uint256 → uint128)

Mitigation Recommendations

Upgrade to Solidity 0.8+ (default checked arithmetic — overflow automatically reverts)
When using unchecked blocks, manually prove that overflow cannot occur (e.g., for-loop increments)
Before downcasting (uint256 → uint128), validate the value range: require(x <= type(uint128).max)
Avoid mixing int and uint — implicit type conversions introduce subtle hazards
Ensure test coverage specifically targets boundary values: 0, 1, and type(uint256).max

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #957 [1708275316654]

Source: 2024-01-salty-1053

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #1053

[H] Lack of overflow protection / low precision can allow attacker to steal SALT rewards

Source: 2024-01-salty-1022

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #1022

[H] `ILOPool::claim` incorrectly re-adds fees to the caller's rewards, which can cause users to receive rewards owed to othe

Source: 2024-06-vultisig-225

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #225

[H] All rewards are lost with moderate amount of GUILD tokens voted for a gauge

Source: 2023-12-ethereumcreditguild-1208

Contest: 2023-12-ethereumcreditguild | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #1208

[M] Upgraded Q -> M from #658 [1674423108320]

Source: 2022-12-tigris-674

Contest: 2022-12-tigris | - Severity: 🟡 Medium | - Type: integer-overflow | - Source: Code4rena #674

[M] Precision Loss Due to Division Before Multiplication.

Source: 2024-04-panoptic-577

Contest: 2024-04-panoptic | - Severity: 🟡 Medium | - Type: integer-overflow | - Source: Code4rena #577

[H] totalWethDelegated does not decrease in withdraw can cause DOS

Source: 2023-08-dopex-2208

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #2208

[H] Token decimals may be above 18 leading to underflow issues

Source: 2022-12-tigris-651

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #651

[H] integer overflow or underflow

Source: 2022-12-tigris-661

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #661

[M] Loss of Funds when user wants to repay debt and underflow in _repay () function

Source: 2023-07-tapioca-1680

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: integer-overflow | - Source: Code4rena #1680

Statistics

Case Count: 10
Severity Breakdown: 7 High / 3 Medium
Data Source: Code4rena (code4rena.com)

Oracle Manipulation Vulnerabilities

Analysis of 33 real-world cases from Code4rena audit competitions (2022-2024)

Vulnerability Overview

Oracle manipulation attacks influence price oracle readings within a single transaction, causing the protocol to execute operations at incorrect prices.

Common scenarios:

Manipulating AMM spot price (insufficient TWAP protection)
Flash loan-assisted price feed manipulation
Using oracles that can be manipulated within a single block

Mitigation Recommendations

Use TWAP (time-weighted average price) instead of spot price, with a window of at least 30 minutes
Implement deviation checks: reject if on-chain price deviates more than 5% from the oracle price
Combine with Chainlink Price Feeds for dual verification — single-source oracles are easily manipulated
Before critical operations (liquidations, lending), verify the price is within a reasonable range
Avoid completing the full "manipulate + profit" cycle within a single block; introduce a cooldown period

Real-World Cases (Selected)

[H] Incorrect price precision in RdpxV2Core

Source: 2023-08-dopex-2206

Logic Error Vulnerabilities

Analysis of 12 real-world cases from Code4rena audit competitions (2022-2024)

Vulnerability Overview

Logic errors occur when contract code is syntactically correct but the business logic implementation is flawed.

Common scenarios:

Incorrect state update ordering
Boundary condition issues in conditionals (off-by-one)
Missing state transitions in complex business flows

Mitigation Recommendations

Write invariant tests (invariant_* in Foundry) for critical business logic to verify system invariants always hold
Use fuzz testing to cover boundary inputs, especially 0, max uint256, and extremely small values
When designing state machines, explicitly define all valid state transitions and reject invalid paths
Break down complex calculations into independently verifiable sub-functions with dedicated unit tests
Engage external auditors — logic errors are the most valuable class of findings for manual review

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #913 [1708535839185]

Source: 2024-01-salty-1057

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #1057

[H] Malicious user can atomically take up to 1% of rewards for all newly whitelisted pools, by using DUST LP

Source: 2024-01-salty-1029

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #1029

[M] Upgraded Q -> 2 from #765 [1706657343488]

Source: 2023-12-ethereumcreditguild-1285

Contest: 2023-12-ethereumcreditguild | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #1285

[M] Upgraded Q -> M from #400 [1670236078897]

Source: 2022-11-stakehouse-449

Contest: 2022-11-stakehouse | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #449

[H] Adversaries can create a new pair with the same uniswapPool as exising pair and disrupt reallocation process

Source: 2024-05-predy-224

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #224

[H] `feeTaker` can receive more than actual fees when `claim(...)` is called

Source: 2024-06-vultisig-226

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #226

[H] Missing Validations in the Tx-Tracker Can Drain The Protocol

Source: 2023-11-zetachain-574

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #574

[M] Incorrect parameter for allowedBorrow when repaying

Source: 2023-07-tapioca-1673

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #1673

[M] Likelihood of becoming zero numbers for the numbers of the winning ticket

Source: 2023-03-wenwin-487

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #487

[M] Upgraded Q -> M from #236 [1669938261828]

Source: 2022-11-stakehouse-445

Contest: 2022-11-stakehouse | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #445 | - Vulnerability Type: logic-error | - Ecosystem: ethereum

[H] Reactivated gauges can't queue up rewards

Source: 2023-05-maia-883

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: logic-error | - Source: Code4rena #883

[M] Burn logic issue due to lack of checking parameter 0 in burnWithReserve function

Source: 2023-04-frankencoin-986

Contest: 2023-04-frankencoin | - Severity: 🟡 Medium | - Type: logic-error | - Source: Code4rena #986

Statistics

Case Count: 12
Severity Breakdown: 6 High / 6 Medium
Data Source: Code4rena (code4rena.com)

Integer Overflow Vulnerabilities

Analysis of 10 real-world cases from Code4rena audit competitions (2022-2024)

Vulnerability Overview

Integer overflow/underflow was extremely common before Solidity 0.8; from 0.8 onward, arithmetic is checked by default.

Common scenarios:

Overflow within unchecked blocks
Overflow in custom assembly
Truncation from type casting (uint256 → uint128)

Mitigation Recommendations

Upgrade to Solidity 0.8+ (default checked arithmetic — overflow automatically reverts)
When using unchecked blocks, manually prove that overflow cannot occur (e.g., for-loop increments)
Before downcasting (uint256 → uint128), validate the value range: require(x <= type(uint128).max)
Avoid mixing int and uint — implicit type conversions introduce subtle hazards
Ensure test coverage specifically targets boundary values: 0, 1, and type(uint256).max

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #957 [1708275316654]

Source: 2024-01-salty-1053

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #1053

[H] Lack of overflow protection / low precision can allow attacker to steal SALT rewards

Source: 2024-01-salty-1022

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #1022

[H] `ILOPool::claim` incorrectly re-adds fees to the caller's rewards, which can cause users to receive rewards owed to othe

Source: 2024-06-vultisig-225

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #225

[H] All rewards are lost with moderate amount of GUILD tokens voted for a gauge

Source: 2023-12-ethereumcreditguild-1208

Contest: 2023-12-ethereumcreditguild | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #1208

[M] Upgraded Q -> M from #658 [1674423108320]

Source: 2022-12-tigris-674

Contest: 2022-12-tigris | - Severity: 🟡 Medium | - Type: integer-overflow | - Source: Code4rena #674

[M] Precision Loss Due to Division Before Multiplication.

Source: 2024-04-panoptic-577

Contest: 2024-04-panoptic | - Severity: 🟡 Medium | - Type: integer-overflow | - Source: Code4rena #577

[H] totalWethDelegated does not decrease in withdraw can cause DOS

Source: 2023-08-dopex-2208

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #2208

[H] Token decimals may be above 18 leading to underflow issues

Source: 2022-12-tigris-651

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #651

[H] integer overflow or underflow

Source: 2022-12-tigris-661

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: integer-overflow | - Source: Code4rena #661

[M] Loss of Funds when user wants to repay debt and underflow in _repay () function

Source: 2023-07-tapioca-1680

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: integer-overflow | - Source: Code4rena #1680

Statistics

Case Count: 10
Severity Breakdown: 7 High / 3 Medium
Data Source: Code4rena (code4rena.com)

Oracle Manipulation Vulnerabilities

Analysis of 33 real-world cases from Code4rena audit competitions (2022-2024)

Vulnerability Overview

Oracle manipulation attacks influence price oracle readings within a single transaction, causing the protocol to execute operations at incorrect prices.

Common scenarios:

Manipulating AMM spot price (insufficient TWAP protection)
Flash loan-assisted price feed manipulation
Using oracles that can be manipulated within a single block

Mitigation Recommendations

Use TWAP (time-weighted average price) instead of spot price, with a window of at least 30 minutes
Implement deviation checks: reject if on-chain price deviates more than 5% from the oracle price
Combine with Chainlink Price Feeds for dual verification — single-source oracles are easily manipulated
Before critical operations (liquidations, lending), verify the price is within a reasonable range
Avoid completing the full "manipulate + profit" cycle within a single block; introduce a cooldown period

Real-World Cases (Selected)

[H] Incorrect price precision in RdpxV2Core

Source: 2023-08-dopex-2206

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #2206

[H] Exchange rate is stale for deposit to calculate shares

Source: 2023-06-stader-351

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #351

[H] Wrong number of ticks returned, which can lead to unexpected revert

Source: 2024-03-revert-lend-498

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #498

[H] If 2 tokens have different decimals, price returned from `_getReferencePoolPriceX96()` can be wrong

Source: 2024-03-revert-lend-490

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #490

[H] `AutoCompound::execute` function that can allow an attacker to steal funds from the contract

Source: 2024-03-revert-lend-485

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #485

[H] Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation.

Source: 2024-04-panoptic-562

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #562

[H] No check if TWAP is outside of bounds for position exercise allows to steal from users

Source: 2024-04-panoptic-531

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #531

[H] Use of slot0 to get sqrtPriceLimitX96 can lead to price manipulation

Source: 2024-05-predy-303

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #303

[H] Use of `slot0()` to fetch prices can lead to price manipulation

Source: 2024-05-predy-301

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #301

[M] Upgraded Q -> 2 from #253 [1719594215976]

Source: 2024-05-predy-306

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: oracle-manipulation | - Source: Code4rena #306

[H] Vulnerability to first depositor pool frontrunning attack in PSM deployment

Source: 2023-12-ethereumcreditguild-1272

Contest: 2023-12-ethereumcreditguild | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #1272

[M] Calculating slippage from price oracle is not accurate

Source: 2023-08-dopex-2203

Contest: 2023-08-dopex | - Severity: 🟡 Medium | - Type: oracle-manipulation | - Source: Code4rena #2203

[H] Decimals are computed in the wrong way if the collateral token doesn't have 18 decimals

Source: 2022-10-inverse-585

Contest: 2022-10-inverse | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #585

[M] Oracle.sol uses deprecated Chainlink API `latestAnswer()`

Source: 2022-10-inverse-601

Contest: 2022-10-inverse | - Severity: 🟡 Medium | - Type: oracle-manipulation | - Source: Code4rena #601

[H] _getReferencePoolPriceX96 will show incorrect price for negative ticks cause it doesn't round up for negative ticks.

Source: 2024-03-revert-lend-482

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #482

Statistics

Number of cases: 33
Severity breakdown: 18 High / 15 Medium
Data source: Code4rena (code4rena.com)

Access Control Vulnerabilities

Analysis of 18 real-world cases from Code4rena audit contests (2022–2024)

Vulnerability Overview

Access control vulnerabilities occur when a contract fails to properly restrict who can call critical functions, allowing unauthorized operations.

Common scenarios:

Missing onlyOwner/onlyRole modifiers
Initialization functions without access control (callable by anyone)
Flawed role assignment logic leading to privilege leakage

Mitigation Recommendations

Use OpenZeppelin AccessControl or Ownable — don't roll your own permission logic
Initialization functions must use the initializer modifier to prevent calls from arbitrary addresses
Critical functions (mint/pause/upgrade) must have explicit role restrictions
Regularly audit all public/external functions to verify permission boundaries
Use multisig (Gnosis Safe) for admin privileges to avoid single points of failure

Real-world Cases (Selected)

[H] Rewards accrued will be permanently locked when there are no stakers

Source: 2024-02-uniswap-foundation-369

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #369

[H] HIGH : The Giant pools can be drained by any user.

Source: 2022-11-stakehouse-419

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #419

[H] No access control `INVEscrow.onDeposit()` --> infinite balance xINV.

Source: 2022-10-inverse-487

Contest: 2022-10-inverse | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #487

[H] `AutoExit::execute()` function allows an attacker to drain the liquidity of a Uniswap v3 pool by repeatedly calling the

Source: 2024-03-revert-lend-483

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #483

[H] Missing access control CollateralTracker::startToken

Source: 2024-04-panoptic-571

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #571

[H] Contract can be front run and set with a malicious owner upon deployment

Source: 2024-04-panoptic-544

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #544

[H] Missing access modifier

Source: 2023-11-zetachain-541

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #541 | Fix: Add an onlyOwner modifier:

[M] Upgraded Q -> 2 from #808 [1706659279669]

Source: 2023-12-ethereumcreditguild-1287

Contest: 2023-12-ethereumcreditguild | - Severity: 🟡 Medium | - Type: access-control | - Source: Code4rena #1287

[H] EIP-2938 Breaks Whitelist Logic

Source: 2023-08-dopex-2202

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #2202

[H] Missing access control override in BoringFactory

Source: 2023-07-tapioca-1696

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #1696

[M] Add access control to inti constructor like function

Source: 2023-07-tapioca-1687

[H] Exchange rate is stale for deposit to calculate shares

Source: 2023-06-stader-351

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #351

[H] Wrong number of ticks returned, which can lead to unexpected revert

Source: 2024-03-revert-lend-498

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #498

[H] If 2 tokens have different decimals, price returned from `_getReferencePoolPriceX96()` can be wrong

Source: 2024-03-revert-lend-490

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #490

[H] `AutoCompound::execute` function that can allow an attacker to steal funds from the contract

Source: 2024-03-revert-lend-485

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #485

[H] Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation.

Source: 2024-04-panoptic-562

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #562

[H] No check if TWAP is outside of bounds for position exercise allows to steal from users

Source: 2024-04-panoptic-531

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #531

[H] Use of slot0 to get sqrtPriceLimitX96 can lead to price manipulation

Source: 2024-05-predy-303

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #303

[H] Use of `slot0()` to fetch prices can lead to price manipulation

Source: 2024-05-predy-301

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #301

[M] Upgraded Q -> 2 from #253 [1719594215976]

Source: 2024-05-predy-306

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: oracle-manipulation | - Source: Code4rena #306

[H] Vulnerability to first depositor pool frontrunning attack in PSM deployment

Source: 2023-12-ethereumcreditguild-1272

Contest: 2023-12-ethereumcreditguild | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #1272

[M] Calculating slippage from price oracle is not accurate

Source: 2023-08-dopex-2203

Contest: 2023-08-dopex | - Severity: 🟡 Medium | - Type: oracle-manipulation | - Source: Code4rena #2203

[H] Decimals are computed in the wrong way if the collateral token doesn't have 18 decimals

Source: 2022-10-inverse-585

Contest: 2022-10-inverse | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #585

[M] Oracle.sol uses deprecated Chainlink API `latestAnswer()`

Source: 2022-10-inverse-601

Contest: 2022-10-inverse | - Severity: 🟡 Medium | - Type: oracle-manipulation | - Source: Code4rena #601

[H] _getReferencePoolPriceX96 will show incorrect price for negative ticks cause it doesn't round up for negative ticks.

Source: 2024-03-revert-lend-482

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: oracle-manipulation | - Source: Code4rena #482

Statistics

Number of cases: 33
Severity breakdown: 18 High / 15 Medium
Data source: Code4rena (code4rena.com)

Access Control Vulnerabilities

Analysis of 18 real-world cases from Code4rena audit contests (2022–2024)

Vulnerability Overview

Access control vulnerabilities occur when a contract fails to properly restrict who can call critical functions, allowing unauthorized operations.

Common scenarios:

Missing onlyOwner/onlyRole modifiers
Initialization functions without access control (callable by anyone)
Flawed role assignment logic leading to privilege leakage

Mitigation Recommendations

Use OpenZeppelin AccessControl or Ownable — don't roll your own permission logic
Initialization functions must use the initializer modifier to prevent calls from arbitrary addresses
Critical functions (mint/pause/upgrade) must have explicit role restrictions
Regularly audit all public/external functions to verify permission boundaries
Use multisig (Gnosis Safe) for admin privileges to avoid single points of failure

Real-world Cases (Selected)

[H] Rewards accrued will be permanently locked when there are no stakers

Source: 2024-02-uniswap-foundation-369

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #369

[H] HIGH : The Giant pools can be drained by any user.

Source: 2022-11-stakehouse-419

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #419

[H] No access control `INVEscrow.onDeposit()` --> infinite balance xINV.

Source: 2022-10-inverse-487

Contest: 2022-10-inverse | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #487

[H] `AutoExit::execute()` function allows an attacker to drain the liquidity of a Uniswap v3 pool by repeatedly calling the

Source: 2024-03-revert-lend-483

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #483

[H] Missing access control CollateralTracker::startToken

Source: 2024-04-panoptic-571

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #571

[H] Contract can be front run and set with a malicious owner upon deployment

Source: 2024-04-panoptic-544

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #544

[H] Missing access modifier

Source: 2023-11-zetachain-541

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #541 | Fix: Add an onlyOwner modifier:

[M] Upgraded Q -> 2 from #808 [1706659279669]

Source: 2023-12-ethereumcreditguild-1287

Contest: 2023-12-ethereumcreditguild | - Severity: 🟡 Medium | - Type: access-control | - Source: Code4rena #1287

[H] EIP-2938 Breaks Whitelist Logic

Source: 2023-08-dopex-2202

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #2202

[H] Missing access control override in BoringFactory

Source: 2023-07-tapioca-1696

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #1696

[M] Add access control to inti constructor like function

Source: 2023-07-tapioca-1687

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: access-control | - Source: Code4rena #1687

[H] The code uses arithmetic operations without explicitly checking for possible overflows or underflows

Source: 2023-05-maia-830

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #830 | - Data Inaccuracy: The vulnerability can lead to incorrect calculations and inaccurate data, potentially compromising the integrity of

[H] Malicious RestrictionManger can be used to verify Tranche Members

Source: 2023-09-centrifuge-729

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #729

[H] Allowance manipulation in UserEscrow struct leads to unauthorized token transfers due to overreliance on maximum allowan

Source: 2023-09-centrifuge-717

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #717

[M] Signature malleability in permit function

Source: 2023-09-centrifuge-800

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: access-control | - Source: Code4rena #800

Statistics

Number of Cases: 18
Severity Breakdown: 14 High / 4 Medium
Data Source: Code4rena (code4rena.com)

DoS Denial-of-Service Vulnerabilities

Analysis of 16 real-world cases from Code4rena audit contests (2022–2024)

Vulnerability Overview

DoS vulnerabilities block normal contract functionality, causing funds to be locked or the protocol to become inoperable.

Common Scenarios:

Iterating over unbounded arrays causes gas limit exhaustion
Relying on external calls to succeed (one failure affects all)
Force-sending ETH to a contract to manipulate balance checks

Mitigation Recommendations

Avoid calling external functions or transferring funds inside loops (use pull-payment instead of push-payment)
Cap loop iterations to prevent unbounded loops from exhausting gas
Do not require external calls to succeed (implement fallback/degraded handling on failure)
Avoid using address(this).balance as a state condition (can be manipulated by force-sending ETH)
Design batch operations with pagination to allow completion across multiple calls

Real-World Cases (Selected)

[M] Upgraded Q -> 2 from #653 [1709062456905]

Source: 2024-01-salty-1064

Contest: 2024-01-salty | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #1064

[H] Core function can be called externally leading to DOS

Source: 2024-04-panoptic-567

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #567

[M] sqrtPriceX96 can change over time affecting project initialization

Source: 2024-06-vultisig-200

Contest: 2024-06-vultisig | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #200

[H] `CreateTSSVoter` Ballots DoS

Source: 2023-11-zetachain-545

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #545

[M] Upgraded Q -> M from #445 [1674423223201]

Source: 2022-12-tigris-675

Contest: 2022-12-tigris | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #675 | - Vulnerability Type: dos | - Ecosystem: ethereum

[H] Borrower can prevent being liquidated.

Source: 2024-03-revert-lend-499

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #499

[H] RCE & DoS Through the Stdout in ZetaVisor

Source: 2023-11-zetachain-567

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #567

[M] USDT approval racing can lead to DoS

Source: 2023-07-tapioca-1698

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #1698

[H] Aunction DOS

Source: 2023-06-stader-367

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #367

[H] Adding Block.number to Block.timestamp

Source: 2023-06-stader-346

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #346

[H] The same address in original owner set and recovery owner set can lead to permanent DoS

Source: 2024-10-kleidi-33

Contest: 2024-10-kleidi | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #33

[M] DoS in `pause()` function in certain conditions

Source: 2024-10-kleidi-53

Contest: 2024-10-kleidi | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #53

[M] The pause function in the Timelock contract could be temporarily subjected to a DoS attack due to the unbounded iteratio

Source: 2024-10-kleidi-51

Contest: 2024-10-kleidi | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #51

[M] DoS in pause function due to unbounded loop over proposals

Source: 2024-10-kleidi-46

Contest: 2024-10-kleidi | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #46

[H] Some Outgoing functions are not supported on the gateway

Source: 2023-09-centrifuge-764

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #764

Statistics

Number of Cases: 16
Severity Breakdown: 8 High / 8 Medium
Data Source: Code4rena (code4rena.com)

Frontrunning / Sandwich Attack Vulnerabilities

Analysis of 13 real-world cases from Code4rena audit contests (2022–2024)

Vulnerability Overview

Frontrunning attacks monitor the mempool and insert transactions ahead of a target transaction to extract profit.

Common Scenarios:

DEX trades sandwiched (squeezed) by attackers
approve + transferFrom frontrun
NFT mint price frontrun

Mitigation Recommendations

Use a commit-reveal two-phase scheme for critical operations (submit hash first, reveal content later)
Set a reasonable slippage tolerance for DEX interactions (≤0.5% for major tokens; never set 0%)
Send transactions via Flashbots Protect RPC or MEV Blocker to bypass the public mempool
Add a deadline parameter to limit transaction validity and prevent stale transaction replay
Do not rely on block.timestamp / blockhash for NFT mint randomness — use Chainlink VRF instead

Real-World Cases (Selected)

[H] Borrower can frontrun liquidator to avoid liquidation of their insolvent position

Source: 2024-01-salty-999

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #999

[H] Use of slot0 to get sqrtPriceX96 before performing swaps

Source: 2024-05-predy-305

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #305

[H] Missing deadline checks allow pending transactions to be maliciously executed

Source: 2024-05-predy-208

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #208

[M] Project launch is vulnerable to DoS attack

Source: 2024-06-vultisig-199

Contest: 2024-06-vultisig | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #199

[M] The lack of a WETH-Profits Token pair upon calling getEthFromZeta can expose it to malicious pool creation

Source: 2023-11-zetachain-582

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #582

[M] Pay Gas in ERC20 functionality will get frontran

Source: 2023-11-zetachain-577

[H] The code uses arithmetic operations without explicitly checking for possible overflows or underflows

Source: 2023-05-maia-830

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #830 | - Data Inaccuracy: The vulnerability can lead to incorrect calculations and inaccurate data, potentially compromising the integrity of

[H] Malicious RestrictionManger can be used to verify Tranche Members

Source: 2023-09-centrifuge-729

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #729

[H] Allowance manipulation in UserEscrow struct leads to unauthorized token transfers due to overreliance on maximum allowan

Source: 2023-09-centrifuge-717

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: access-control | - Source: Code4rena #717

[M] Signature malleability in permit function

Source: 2023-09-centrifuge-800

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: access-control | - Source: Code4rena #800

Statistics

Number of Cases: 18
Severity Breakdown: 14 High / 4 Medium
Data Source: Code4rena (code4rena.com)

DoS Denial-of-Service Vulnerabilities

Analysis of 16 real-world cases from Code4rena audit contests (2022–2024)

Vulnerability Overview

DoS vulnerabilities block normal contract functionality, causing funds to be locked or the protocol to become inoperable.

Common Scenarios:

Iterating over unbounded arrays causes gas limit exhaustion
Relying on external calls to succeed (one failure affects all)
Force-sending ETH to a contract to manipulate balance checks

Mitigation Recommendations

Avoid calling external functions or transferring funds inside loops (use pull-payment instead of push-payment)
Cap loop iterations to prevent unbounded loops from exhausting gas
Do not require external calls to succeed (implement fallback/degraded handling on failure)
Avoid using address(this).balance as a state condition (can be manipulated by force-sending ETH)
Design batch operations with pagination to allow completion across multiple calls

Real-World Cases (Selected)

[M] Upgraded Q -> 2 from #653 [1709062456905]

Source: 2024-01-salty-1064

Contest: 2024-01-salty | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #1064

[H] Core function can be called externally leading to DOS

Source: 2024-04-panoptic-567

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #567

[M] sqrtPriceX96 can change over time affecting project initialization

Source: 2024-06-vultisig-200

Contest: 2024-06-vultisig | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #200

[H] `CreateTSSVoter` Ballots DoS

Source: 2023-11-zetachain-545

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #545

[M] Upgraded Q -> M from #445 [1674423223201]

Source: 2022-12-tigris-675

Contest: 2022-12-tigris | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #675 | - Vulnerability Type: dos | - Ecosystem: ethereum

[H] Borrower can prevent being liquidated.

Source: 2024-03-revert-lend-499

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #499

[H] RCE & DoS Through the Stdout in ZetaVisor

Source: 2023-11-zetachain-567

Contest: 2023-11-zetachain | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #567

[M] USDT approval racing can lead to DoS

Source: 2023-07-tapioca-1698

Contest: 2023-07-tapioca | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #1698

[H] Aunction DOS

Source: 2023-06-stader-367

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #367

[H] Adding Block.number to Block.timestamp

Source: 2023-06-stader-346

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #346

[H] The same address in original owner set and recovery owner set can lead to permanent DoS

Source: 2024-10-kleidi-33

Contest: 2024-10-kleidi | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #33

[M] DoS in `pause()` function in certain conditions

Source: 2024-10-kleidi-53

Contest: 2024-10-kleidi | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #53

[M] The pause function in the Timelock contract could be temporarily subjected to a DoS attack due to the unbounded iteratio

Source: 2024-10-kleidi-51

Contest: 2024-10-kleidi | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #51

[M] DoS in pause function due to unbounded loop over proposals

Source: 2024-10-kleidi-46

Contest: 2024-10-kleidi | - Severity: 🟡 Medium | - Type: dos | - Source: Code4rena #46

[H] Some Outgoing functions are not supported on the gateway

Source: 2023-09-centrifuge-764

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: dos | - Source: Code4rena #764

Statistics

Number of Cases: 16
Severity Breakdown: 8 High / 8 Medium
Data Source: Code4rena (code4rena.com)

Frontrunning / Sandwich Attack Vulnerabilities

Analysis of 13 real-world cases from Code4rena audit contests (2022–2024)

Vulnerability Overview

Frontrunning attacks monitor the mempool and insert transactions ahead of a target transaction to extract profit.

Common Scenarios:

DEX trades sandwiched (squeezed) by attackers
approve + transferFrom frontrun
NFT mint price frontrun

Mitigation Recommendations

Use a commit-reveal two-phase scheme for critical operations (submit hash first, reveal content later)
Set a reasonable slippage tolerance for DEX interactions (≤0.5% for major tokens; never set 0%)
Send transactions via Flashbots Protect RPC or MEV Blocker to bypass the public mempool
Add a deadline parameter to limit transaction validity and prevent stale transaction replay
Do not rely on block.timestamp / blockhash for NFT mint randomness — use Chainlink VRF instead

Real-World Cases (Selected)

[H] Borrower can frontrun liquidator to avoid liquidation of their insolvent position

Source: 2024-01-salty-999

Contest: 2024-01-salty | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #999

[H] Use of slot0 to get sqrtPriceX96 before performing swaps

Source: 2024-05-predy-305

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #305

[H] Missing deadline checks allow pending transactions to be maliciously executed

Source: 2024-05-predy-208

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #208

[M] Project launch is vulnerable to DoS attack

Source: 2024-06-vultisig-199

Contest: 2024-06-vultisig | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #199

[M] The lack of a WETH-Profits Token pair upon calling getEthFromZeta can expose it to malicious pool creation

Source: 2023-11-zetachain-582

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #582

[M] Pay Gas in ERC20 functionality will get frontran

Source: 2023-11-zetachain-577

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #577

[M] Upgraded Q -> 2 from #556 [1706974007287]

Source: 2023-12-ethereumcreditguild-1290

Contest: 2023-12-ethereumcreditguild | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #1290

[H] VaultProxy can be selfdestructed using delegatecall

Source: 2023-06-stader-349

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #349

[M] Missing deadline checks allow pending transactions to be maliciously executed

Source: 2023-05-maia-899

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #899

[M] Not using slippage parameter in swap() while swapping causes loss of funds

Source: 2023-05-maia-912

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #912

[M] Vulnerable to MEV exploitation due to lack of slippage protection

Source: 2023-05-maia-894

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #894

[M] Validator/miner can set Block timestamp to a draw scheduled date and buy winning ticket if drawCoolDownPeriod is set to

Source: 2023-03-wenwin-474

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #474

[M] `drawCoolDownPeriod` of 0 may allow frontrunning the draw with a winning ticket purchase

Source: 2023-03-wenwin-467

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #467

Statistics

Case Count: 13
Severity: 4 High / 9 Medium
Data Source: Code4rena (code4rena.com)

Delegatecall Vulnerabilities

Analysis of 6 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

delegatecall executes target code in the caller's context. Untrusted targets or mismatched storage layouts can lead to critical vulnerabilities.

Common scenarios:

Proxy contract pointed at a malicious implementation
Implementation contract selfdestruct renders the proxy inoperable
Inconsistent storage slot layouts

Mitigation Recommendations

Call _disableInitializers() in the implementation contract constructor to prevent direct initialization
Strictly ensure storage layout consistency between proxy and implementation contracts; verify with tooling
Never delegatecall to user-supplied addresses; only allow whitelisted contracts
Implementation contracts must not contain selfdestruct (would permanently brick the proxy)
Upgrades must go through timelock + multisig; single EOA upgrades must not be permitted

Real-World Cases (Selected)

[H] `_delegatee` risk

Source: 2024-02-uniswap-foundation-366

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #366

[H] `_delegatee` to incorrect address

Source: 2024-02-uniswap-foundation-362

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #362

[H] Some tokens can become locked after delegation is rejected

Source: 2024-02-uniswap-foundation-397

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #397

[H] unsafe delegate

Source: 2024-02-uniswap-foundation-367

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #367

[H] Attacker can claim greater chunk of the reward pool by depositing large amount of stake tokens

Source: 2024-02-uniswap-foundation-363

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #363

[H] Controlled Delegatecall Vulnerability in Singularity, BaseUSDO, USDOLeverageModule, USDOMarketModule, and USDOOptionsMod

Source: 2023-07-tapioca-1657

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #1657

Statistics

Case Count: 6
Severity: 6 High / 0 Medium
Data Source: Code4rena (code4rena.com)

Precision Loss Vulnerabilities

Analysis of 8 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Precision loss occurs in Solidity integer division when fractional parts are truncated, leading to inaccurate calculations.

Common scenarios:

Division executed before multiplication causes precision loss
Calculation errors with low-decimal tokens (low precision)
Accumulated rounding errors leading to fund loss

Mitigation Recommendations

Always multiply before dividing: a * b / c not a / c * b
Use 1e18 precision (WAD) or higher for intermediate calculations
Handle low-precision tokens (6-decimal tokens like USDC) specially; avoid mixing with 18-decimal precision
Set minimum operation amount thresholds to prevent zero-value attacks from precision loss
Use overflow-safe exact division libraries such as mulDiv (Uniswap FullMath / PRBMath)

Real-World Cases (Selected)

[M] wrong implement of ' _resetDailyLendIncreaseLimit' and '_resetDailyDebtIncreaseLimit'

Source: 2024-03-revert-lend-506

Contest: 2024-03-revert-lend | - Severity: 🟡 Medium | - Type: precision-loss | - Source: Code4rena #506

[M] Users can redeem rDpx they haven't deposited

Source: 2023-08-dopex-2221

Contest: 2023-08-dopex | - Severity: 🟡 Medium | - Type: precision-loss | - Source: Code4rena #2221

[H] V3Vault is Vulnerable to Inflation Due to Donation Attacks

Source: 2024-03-revert-lend-503

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #503

[H] Incorrect Exponentiation

Source: 2024-04-panoptic-559

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #559

[H] the mint function in erc4626 will mint incorrect amount

Source: 2023-05-maia-913

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #913

[M] Rounding division error could occur in the receiveRandomNumber function

Source: 2023-03-wenwin-472

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: precision-loss | - Source: Code4rena #472

[H] Truncate of values can be avoided

Source: 2022-12-tigris-629

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #629

[H] HIGH: Vault or pool funds can be stolen by any user who holds LP tokens.

Source: 2022-11-stakehouse-425

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #425

Statistics

Case Count: 8
Severity: 5 High / 3 Medium
Data Source: Code4rena (code4rena.com)

Reentrancy Vulnerabilities

Analysis of 9 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Reentrancy attacks occur when a contract sends ETH to or calls an external contract, allowing an attacker to re-enter the original contract within the callback.

Common scenarios:

Single-function reentrancy (classic DAO attack pattern)
Cross-function reentrancy (function A's operation re-entered via function B)
Read-only reentrancy (reading intermediate state for manipulation)

Mitigation Recommendations

Follow the CEI pattern (Checks → Effects → Interactions): validate first, then update state, then call external contracts
Use OpenZeppelin ReentrancyGuard's nonReentrant modifier
Avoid sending ETH to external addresses or calling unknown contracts before state updates
Watch out for read-only reentrancy: even view functions can be read during intermediate states, affecting other contract logic
ERC777/ERC1155 callback hooks are high-risk points; contracts receiving these token types require extra protection

Real-World Cases (Selected)

[M] Reentrancy in ERC777 tokens in collateralTokens.sol

Source: 2024-04-panoptic-578

Contest: 2024-04-panoptic | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #578

[M] Upgraded Q -> 2 from #878 [1709061118939]

Source: 2024-01-salty-1063

[M] Upgraded Q -> 2 from #556 [1706974007287]

Source: 2023-12-ethereumcreditguild-1290

Contest: 2023-12-ethereumcreditguild | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #1290

[H] VaultProxy can be selfdestructed using delegatecall

Source: 2023-06-stader-349

Contest: 2023-06-stader | - Severity: 🔴 High | - Type: frontrunning | - Source: Code4rena #349

[M] Missing deadline checks allow pending transactions to be maliciously executed

Source: 2023-05-maia-899

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #899

[M] Not using slippage parameter in swap() while swapping causes loss of funds

Source: 2023-05-maia-912

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #912

[M] Vulnerable to MEV exploitation due to lack of slippage protection

Source: 2023-05-maia-894

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #894

[M] Validator/miner can set Block timestamp to a draw scheduled date and buy winning ticket if drawCoolDownPeriod is set to

Source: 2023-03-wenwin-474

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #474

[M] `drawCoolDownPeriod` of 0 may allow frontrunning the draw with a winning ticket purchase

Source: 2023-03-wenwin-467

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: frontrunning | - Source: Code4rena #467

Statistics

Case Count: 13
Severity: 4 High / 9 Medium
Data Source: Code4rena (code4rena.com)

Delegatecall Vulnerabilities

Analysis of 6 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

delegatecall executes target code in the caller's context. Untrusted targets or mismatched storage layouts can lead to critical vulnerabilities.

Common scenarios:

Proxy contract pointed at a malicious implementation
Implementation contract selfdestruct renders the proxy inoperable
Inconsistent storage slot layouts

Mitigation Recommendations

Call _disableInitializers() in the implementation contract constructor to prevent direct initialization
Strictly ensure storage layout consistency between proxy and implementation contracts; verify with tooling
Never delegatecall to user-supplied addresses; only allow whitelisted contracts
Implementation contracts must not contain selfdestruct (would permanently brick the proxy)
Upgrades must go through timelock + multisig; single EOA upgrades must not be permitted

Real-World Cases (Selected)

[H] `_delegatee` risk

Source: 2024-02-uniswap-foundation-366

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #366

[H] `_delegatee` to incorrect address

Source: 2024-02-uniswap-foundation-362

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #362

[H] Some tokens can become locked after delegation is rejected

Source: 2024-02-uniswap-foundation-397

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #397

[H] unsafe delegate

Source: 2024-02-uniswap-foundation-367

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #367

[H] Attacker can claim greater chunk of the reward pool by depositing large amount of stake tokens

Source: 2024-02-uniswap-foundation-363

Contest: 2024-02-uniswap-foundation | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #363

[H] Controlled Delegatecall Vulnerability in Singularity, BaseUSDO, USDOLeverageModule, USDOMarketModule, and USDOOptionsMod

Source: 2023-07-tapioca-1657

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: delegatecall | - Source: Code4rena #1657

Statistics

Case Count: 6
Severity: 6 High / 0 Medium
Data Source: Code4rena (code4rena.com)

Precision Loss Vulnerabilities

Analysis of 8 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Precision loss occurs in Solidity integer division when fractional parts are truncated, leading to inaccurate calculations.

Common scenarios:

Division executed before multiplication causes precision loss
Calculation errors with low-decimal tokens (low precision)
Accumulated rounding errors leading to fund loss

Mitigation Recommendations

Always multiply before dividing: a * b / c not a / c * b
Use 1e18 precision (WAD) or higher for intermediate calculations
Handle low-precision tokens (6-decimal tokens like USDC) specially; avoid mixing with 18-decimal precision
Set minimum operation amount thresholds to prevent zero-value attacks from precision loss
Use overflow-safe exact division libraries such as mulDiv (Uniswap FullMath / PRBMath)

Real-World Cases (Selected)

[M] wrong implement of ' _resetDailyLendIncreaseLimit' and '_resetDailyDebtIncreaseLimit'

Source: 2024-03-revert-lend-506

Contest: 2024-03-revert-lend | - Severity: 🟡 Medium | - Type: precision-loss | - Source: Code4rena #506

[M] Users can redeem rDpx they haven't deposited

Source: 2023-08-dopex-2221

Contest: 2023-08-dopex | - Severity: 🟡 Medium | - Type: precision-loss | - Source: Code4rena #2221

[H] V3Vault is Vulnerable to Inflation Due to Donation Attacks

Source: 2024-03-revert-lend-503

Contest: 2024-03-revert-lend | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #503

[H] Incorrect Exponentiation

Source: 2024-04-panoptic-559

Contest: 2024-04-panoptic | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #559

[H] the mint function in erc4626 will mint incorrect amount

Source: 2023-05-maia-913

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #913

[M] Rounding division error could occur in the receiveRandomNumber function

Source: 2023-03-wenwin-472

Contest: 2023-03-wenwin | - Severity: 🟡 Medium | - Type: precision-loss | - Source: Code4rena #472

[H] Truncate of values can be avoided

Source: 2022-12-tigris-629

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #629

[H] HIGH: Vault or pool funds can be stolen by any user who holds LP tokens.

Source: 2022-11-stakehouse-425

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: precision-loss | - Source: Code4rena #425

Statistics

Case Count: 8
Severity: 5 High / 3 Medium
Data Source: Code4rena (code4rena.com)

Reentrancy Vulnerabilities

Analysis of 9 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Reentrancy attacks occur when a contract sends ETH to or calls an external contract, allowing an attacker to re-enter the original contract within the callback.

Common scenarios:

Single-function reentrancy (classic DAO attack pattern)
Cross-function reentrancy (function A's operation re-entered via function B)
Read-only reentrancy (reading intermediate state for manipulation)

Mitigation Recommendations

Follow the CEI pattern (Checks → Effects → Interactions): validate first, then update state, then call external contracts
Use OpenZeppelin ReentrancyGuard's nonReentrant modifier
Avoid sending ETH to external addresses or calling unknown contracts before state updates
Watch out for read-only reentrancy: even view functions can be read during intermediate states, affecting other contract logic
ERC777/ERC1155 callback hooks are high-risk points; contracts receiving these token types require extra protection

Real-World Cases (Selected)

[M] Reentrancy in ERC777 tokens in collateralTokens.sol

Source: 2024-04-panoptic-578

Contest: 2024-04-panoptic | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #578

[M] Upgraded Q -> 2 from #878 [1709061118939]

Source: 2024-01-salty-1063

Contest: 2024-01-salty | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #1063

[M] Insecure use of SafeTransferFrom() function

Source: 2024-04-panoptic-574

Contest: 2024-04-panoptic | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #574

[H] Reward clarinets can claim rewards multiple times

Source: 2023-05-maia-909

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #909

[M] Centralization Risk for trusted owners

Source: 2023-11-zetachain-584

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #584

[H] Re-entrancy in flash minting USDO can bypass max checks

Source: 2023-07-tapioca-1674

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #1674

[H] reentrancy

Source: 2022-12-tigris-665

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #665

[H] potential reentrancy risk in `_distributeETHRewardsToUserForToken`

Source: 2022-11-stakehouse-414

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #414

[H] Reentrancy in staking function exit

Source: 2023-03-wenwin-490

Contest: 2023-03-wenwin | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #490

Statistics

Case Count: 9
Severity Breakdown: 5 High / 4 Medium
Data Source: Code4rena (code4rena.com)

Storage Collision Vulnerabilities

Analysis of 14 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Storage collisions occur when proxy contracts and implementation contracts share the same storage slot, causing variables to overwrite each other.

Common Scenarios:

Proxy contract admin variable collides with implementation contract slot 0
Multiple inheritance causes inconsistent storage layouts
Improper use of EIP-1967 standard slots

Mitigation Recommendations

Use EIP-1967 standard storage slots (randomized slots to avoid collisions)
All contracts in the inheritance chain should use __gap to reserve storage space (standard practice in OZ Upgradeable contracts)
Before upgrading, validate storage layout compatibility using hardhat-upgrades or @openzeppelin/upgrades-core
Deploy proxy and implementation contracts separately, ensuring slot 0 is not used by both simultaneously
In the Diamond Pattern, have each facet use its own dedicated diamond storage struct

Real-World Cases (Selected)

[H] Use of `slot0` in perp.sol can lead to manipulation of reallocation

Source: 2024-05-predy-213

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #213

[H] Token Claim Issue in Pool Contract: Improper Distribution Leaves Pool Empty

Source: 2024-06-vultisig-227

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #227

[H] Incorrect fee distribution in `claim()`

Source: 2024-06-vultisig-218

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #218

[H] SLOT owners lose half their value when there is no sETH deposited to the Syndicate.

Source: 2022-11-stakehouse-423

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #423

[M] Upgraded Q -> 2 from #638 [1708536212549]

Source: 2024-01-salty-1059

Contest: 2024-01-salty | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #1059

[M] Upgraded Q -> 2 from #259 [1719594465362]

Source: 2024-05-predy-310

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #310

[M] Upgraded Q -> 2 from #254 [1719594348550]

Source: 2024-05-predy-308

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #308

[M] No Protection of Uninitialized Implementation Contracts From Attacker

Source: 2024-05-predy-302

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #302

[H] Improper fee distribution mechanism in the `ILOPool.claim()` function.

Source: 2024-06-vultisig-217

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #217

[M] FRONT-RUNNING SUSCEPTIBILITY IN ADDBID()

Source: 2023-06-stader-414

Contest: 2023-06-stader | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #414

[M] Not enough valid checks in the Factory.sol

Source: 2023-09-centrifuge-789

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #789

[H] Calling withdraw on a delegated amount of WETH doesn't subtract from totalWethDelegated

Source: 2023-08-dopex-2186

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #2186

[M] Upgraded Q -> 2 from #327 [1686724891862]

Source: 2023-06-stader-426

Contest: 2023-06-stader | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #426

[M] MALICIOUS USER CAN CALL THE `FlywheelBribeRewards.setRewardsDepot()` FUNCTION INDEFINITELY TO PUSH `ethereum` INTO `STAT

Source: 2023-05-maia-906

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #906

Statistics

Case Count: 14
Severity Breakdown: 6 High / 8 Medium
Data Source: Code4rena (code4rena.com)

Signature Replay Vulnerabilities

Analysis of 10 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Signature replay attacks use a previously valid signature to re-execute operations in a new context.

Common Scenarios:

Missing nonce allows the same signature to be used multiple times
Cross-chain deployments lack chainId validation
Incorrect implementation of the domain separator

Mitigation Recommendations

Use EIP-712 structured signatures; domain separator must include chainId + contract address
Each signature must be bound to a unique nonce, marked as consumed immediately after use
For cross-chain deployments, ensure the domain separator differs on each chain (use block.chainid dynamically)
When verifying signatures, check signer == expectedSigner and reject the zero address
Time-limited signatures should include a deadline field and expire automatically

Real-World Cases (Selected)

[M] Signature Collision Will Not Process The Logs Correctly

Source: 2023-11-zetachain-575

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #575

[M] Owners having valid permits might not be able to deposit or redeem assets/shares due to incorrect order of address valid

Source: 2023-09-centrifuge-788

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #788

[H] Error when handling deposit in the `addToPosition` function

Source: 2022-12-tigris-644

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #644

[M] Upgraded Q -> 2 from #59 [1710724231052]

Source: 2024-02-uniswap-foundation-421

[M] Insecure use of SafeTransferFrom() function

Source: 2024-04-panoptic-574

Contest: 2024-04-panoptic | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #574

[H] Reward clarinets can claim rewards multiple times

Source: 2023-05-maia-909

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #909

[M] Centralization Risk for trusted owners

Source: 2023-11-zetachain-584

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: reentrancy | - Source: Code4rena #584

[H] Re-entrancy in flash minting USDO can bypass max checks

Source: 2023-07-tapioca-1674

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #1674

[H] reentrancy

Source: 2022-12-tigris-665

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #665

[H] potential reentrancy risk in `_distributeETHRewardsToUserForToken`

Source: 2022-11-stakehouse-414

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #414

[H] Reentrancy in staking function exit

Source: 2023-03-wenwin-490

Contest: 2023-03-wenwin | - Severity: 🔴 High | - Type: reentrancy | - Source: Code4rena #490

Statistics

Case Count: 9
Severity Breakdown: 5 High / 4 Medium
Data Source: Code4rena (code4rena.com)

Storage Collision Vulnerabilities

Analysis of 14 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Storage collisions occur when proxy contracts and implementation contracts share the same storage slot, causing variables to overwrite each other.

Common Scenarios:

Proxy contract admin variable collides with implementation contract slot 0
Multiple inheritance causes inconsistent storage layouts
Improper use of EIP-1967 standard slots

Mitigation Recommendations

Use EIP-1967 standard storage slots (randomized slots to avoid collisions)
All contracts in the inheritance chain should use __gap to reserve storage space (standard practice in OZ Upgradeable contracts)
Before upgrading, validate storage layout compatibility using hardhat-upgrades or @openzeppelin/upgrades-core
Deploy proxy and implementation contracts separately, ensuring slot 0 is not used by both simultaneously
In the Diamond Pattern, have each facet use its own dedicated diamond storage struct

Real-World Cases (Selected)

[H] Use of `slot0` in perp.sol can lead to manipulation of reallocation

Source: 2024-05-predy-213

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #213

[H] Token Claim Issue in Pool Contract: Improper Distribution Leaves Pool Empty

Source: 2024-06-vultisig-227

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #227

[H] Incorrect fee distribution in `claim()`

Source: 2024-06-vultisig-218

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #218

[H] SLOT owners lose half their value when there is no sETH deposited to the Syndicate.

Source: 2022-11-stakehouse-423

Contest: 2022-11-stakehouse | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #423

[M] Upgraded Q -> 2 from #638 [1708536212549]

Source: 2024-01-salty-1059

Contest: 2024-01-salty | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #1059

[M] Upgraded Q -> 2 from #259 [1719594465362]

Source: 2024-05-predy-310

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #310

[M] Upgraded Q -> 2 from #254 [1719594348550]

Source: 2024-05-predy-308

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #308

[M] No Protection of Uninitialized Implementation Contracts From Attacker

Source: 2024-05-predy-302

Contest: 2024-05-predy | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #302

[H] Improper fee distribution mechanism in the `ILOPool.claim()` function.

Source: 2024-06-vultisig-217

Contest: 2024-06-vultisig | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #217

[M] FRONT-RUNNING SUSCEPTIBILITY IN ADDBID()

Source: 2023-06-stader-414

Contest: 2023-06-stader | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #414

[M] Not enough valid checks in the Factory.sol

Source: 2023-09-centrifuge-789

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #789

[H] Calling withdraw on a delegated amount of WETH doesn't subtract from totalWethDelegated

Source: 2023-08-dopex-2186

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: storage-collision | - Source: Code4rena #2186

[M] Upgraded Q -> 2 from #327 [1686724891862]

Source: 2023-06-stader-426

Contest: 2023-06-stader | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #426

[M] MALICIOUS USER CAN CALL THE `FlywheelBribeRewards.setRewardsDepot()` FUNCTION INDEFINITELY TO PUSH `ethereum` INTO `STAT

Source: 2023-05-maia-906

Contest: 2023-05-maia | - Severity: 🟡 Medium | - Type: storage-collision | - Source: Code4rena #906

Statistics

Case Count: 14
Severity Breakdown: 6 High / 8 Medium
Data Source: Code4rena (code4rena.com)

Signature Replay Vulnerabilities

Analysis of 10 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Signature replay attacks use a previously valid signature to re-execute operations in a new context.

Common Scenarios:

Missing nonce allows the same signature to be used multiple times
Cross-chain deployments lack chainId validation
Incorrect implementation of the domain separator

Mitigation Recommendations

Use EIP-712 structured signatures; domain separator must include chainId + contract address
Each signature must be bound to a unique nonce, marked as consumed immediately after use
For cross-chain deployments, ensure the domain separator differs on each chain (use block.chainid dynamically)
When verifying signatures, check signer == expectedSigner and reject the zero address
Time-limited signatures should include a deadline field and expire automatically

Real-World Cases (Selected)

[M] Signature Collision Will Not Process The Logs Correctly

Source: 2023-11-zetachain-575

Contest: 2023-11-zetachain | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #575

[M] Owners having valid permits might not be able to deposit or redeem assets/shares due to incorrect order of address valid

Source: 2023-09-centrifuge-788

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #788

[H] Error when handling deposit in the `addToPosition` function

Source: 2022-12-tigris-644

Contest: 2022-12-tigris | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #644

[M] Upgraded Q -> 2 from #59 [1710724231052]

Source: 2024-02-uniswap-foundation-421

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #421 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[M] Upgraded Q -> 2 from #169 [1710723624432]

Source: 2024-02-uniswap-foundation-420

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #420 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[M] Upgraded Q -> 2 from #107 [1710723442623]

Source: 2024-02-uniswap-foundation-419

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #419 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[M] Upgraded Q -> 2 from #90 [1710722654362]

Source: 2024-02-uniswap-foundation-418

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #418 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[H] Signatures can be replayed with castVoteWithReasonAndParamsBySig() to cast more votes than the user intended

Source: 2023-12-ethereumcreditguild-1234

Contest: 2023-12-ethereumcreditguild | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #1234

[H] The USDOOptionsModule contract's exercise function allows for dangerous call delegation

Source: 2023-07-tapioca-1682

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #1682 | - Vulnerability Type: signature-replay

[H] lack of failsafe mechanism to replay the failed transaction between source chain and destination chain. This would lead

Source: 2023-09-centrifuge-759

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #759

Statistics

Case Count: 10
Severity: 4 High / 6 Medium
Data Source: Code4rena (code4rena.com)

Flash Loan Attacks

Analysis of 2 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Flash loan attacks exploit the atomicity of borrow-manipulate-repay within a single transaction, allowing protocol state manipulation without any upfront capital.

Common Scenarios:

Combined with oracle manipulation
Combined with reentrancy
Governance attacks (borrowing tokens to vote)

Mitigation Recommendations

Use TWAP instead of spot price for price oracles — cannot be manipulated within a single block
Add nonReentrant to critical state-modifying functions to prevent flash loan + reentrancy combos
Base governance snapshots on historical blocks rather than the current block (getPastVotes from ERC20Votes)
Detect flash loans: large borrow + repay within the same block is a telltale sign — consider per-block operation limits
Avoid relying on instantaneous balances (token.balanceOf(address(this))) for sensitive calculations — use internal accounting instead

Real-World Cases (Selected)

[H] Price calculation susceptible to flashloan attacks

Source: 2024-05-predy-304

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: flash-loan | - Source: Code4rena #304

[H] the `perpetualVaultLP.sol` is vulnable by flashloan attack

Source: 2023-08-dopex-2196

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: flash-loan | - Source: Code4rena #2196

Statistics

Case Count: 2
Severity: 2 High / 0 Medium
Data Source: Code4rena (code4rena.com)

Cross-Chain Bridge Vulnerabilities

Analysis of 3 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Cross-chain bridge vulnerabilities were the largest source of losses in 2022-2023, with multiple nine-figure attacks originating from the bridging layer.

Common Scenarios:

Insufficient message validation (missing Merkle proof verification)
Signature verification bypass
Cross-chain message replay

Mitigation Recommendations

Cross-chain messages must include full Merkle proof verification — signature count alone is insufficient
The validator set must come from a trusted source to prevent forgery
Implement withdrawal cooldown periods (24-72h) + daily withdrawal limits to reduce post-exploit losses
Ensure sufficient multi-sig validator count (≥⅔ honest assumption) to avoid minority validator control
Conduct dedicated audits of cross-chain message formats and validation logic regularly

Real-World Cases (Selected)

[M] Internal _burn() function is not exposed externally in the Vultisig.sol contract

Source: 2024-06-vultisig-222

Contest: 2024-06-vultisig | - Severity: 🟡 Medium | - Type: bridge-vuln | - Source: Code4rena #222 | Root cause: | Impact:

[H] BranchBridgeAgent invokes anyCall with PAY ON SOURCE but doesn't send value with it. All calls will fail.

Source: 2023-05-maia-860

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: bridge-vuln | - Source: Code4rena #860

[M] There is no concept of a requestDeposit, requestRedeem receipt made on the source chain, resulting in no recovery proces

Source: 2023-09-centrifuge-794

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: bridge-vuln | - Source: Code4rena #794

Statistics

Case Count: 3
Severity: 1 High / 2 Medium
Data Source: Code4rena (code4rena.com)

Other Smart Contract Vulnerabilities

149 uncategorized vulnerability cases from Code4rena

[H] ManagedWallet.sol will receive eth but funds will be locked forever (2024-01-salty-1018)
[M] Upgraded Q -> 2 from #418 [1709115575632] (2024-01-salty-1066)
[M] Upgraded Q -> 2 from #878 [1709061114430] (2024-01-salty-1062)
[H] UniStaker.sol : lastCheckpointTime update is done at incorrect place. this will avert the reward accumulation to users (2024-02-uniswap-foundation-386)
[H] Admin can set setFeeProtocol to zero by front-running claimFees (2024-02-uniswap-foundation-352)
[M] Upgraded Q -> 2 from #404 [1709855086604] (2024-02-uniswap-foundation-408)
[M] Missing zero value will not update rewardPerTokenAccumulatedCheckpoint (2024-02-uniswap-foundation-405)
[M] Dangerous use of deadline parameter in AutoCompound.sol (2024-03-revert-lend-515)
**[M] Borrowers can stop liquidations by front running them with miniscule repays ** (2024-03-revert-lend-500)
[H] First depositor to call CollateralTracker.deposit function will lose his funds, since previewDeposit will return zer (2024-04-panoptic-558)
[M] Missing Input Validation (2024-04-panoptic-580)
[M] Missing initializer in SemiFungiblePositionManager::initializeAMMPool (2024-04-panoptic-575)
[M] Incorrect ERC20 Function Interface Definitions. (2024-04-panoptic-570)
Smart Contract Security: Audit Landscape (audit-landscape-overview)
[M] Upgraded Q -> 2 from #252 [1719594295360] (2024-05-predy-307)
[M] Unset deadline allows for malicious swap executions. (2024-05-predy-298)
[H] Position owner may not receive accumulated LP fees when they claim liquidity (2024-06-vultisig-219)
[H] The fees for the FEE_TAKER are not calculated correctly in the [ILOPool.claim](https://github.com/code-423n4/2024-06-v (2024-06-vultisig-216)
**[H] ILOPool::claim : The amount transfered to the feeTaker is incorrect, which causes the claim function to revert ** (2024-06-vultisig-215)

[M] Upgraded Q -> 2 from #169 [1710723624432]

Source: 2024-02-uniswap-foundation-420

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #420 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[M] Upgraded Q -> 2 from #107 [1710723442623]

Source: 2024-02-uniswap-foundation-419

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #419 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[M] Upgraded Q -> 2 from #90 [1710722654362]

Source: 2024-02-uniswap-foundation-418

Contest: 2024-02-uniswap-foundation | - Severity: 🟡 Medium | - Type: signature-replay | - Source: Code4rena #418 | - Vulnerability Type: signature-replay | - Ecosystem: ethereum

[H] Signatures can be replayed with castVoteWithReasonAndParamsBySig() to cast more votes than the user intended

Source: 2023-12-ethereumcreditguild-1234

Contest: 2023-12-ethereumcreditguild | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #1234

[H] The USDOOptionsModule contract's exercise function allows for dangerous call delegation

Source: 2023-07-tapioca-1682

Contest: 2023-07-tapioca | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #1682 | - Vulnerability Type: signature-replay

[H] lack of failsafe mechanism to replay the failed transaction between source chain and destination chain. This would lead

Source: 2023-09-centrifuge-759

Contest: 2023-09-centrifuge | - Severity: 🔴 High | - Type: signature-replay | - Source: Code4rena #759

Statistics

Case Count: 10
Severity: 4 High / 6 Medium
Data Source: Code4rena (code4rena.com)

Flash Loan Attacks

Analysis of 2 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Flash loan attacks exploit the atomicity of borrow-manipulate-repay within a single transaction, allowing protocol state manipulation without any upfront capital.

Common Scenarios:

Combined with oracle manipulation
Combined with reentrancy
Governance attacks (borrowing tokens to vote)

Mitigation Recommendations

Use TWAP instead of spot price for price oracles — cannot be manipulated within a single block
Add nonReentrant to critical state-modifying functions to prevent flash loan + reentrancy combos
Base governance snapshots on historical blocks rather than the current block (getPastVotes from ERC20Votes)
Detect flash loans: large borrow + repay within the same block is a telltale sign — consider per-block operation limits
Avoid relying on instantaneous balances (token.balanceOf(address(this))) for sensitive calculations — use internal accounting instead

Real-World Cases (Selected)

[H] Price calculation susceptible to flashloan attacks

Source: 2024-05-predy-304

Contest: 2024-05-predy | - Severity: 🔴 High | - Type: flash-loan | - Source: Code4rena #304

[H] the `perpetualVaultLP.sol` is vulnable by flashloan attack

Source: 2023-08-dopex-2196

Contest: 2023-08-dopex | - Severity: 🔴 High | - Type: flash-loan | - Source: Code4rena #2196

Statistics

Case Count: 2
Severity: 2 High / 0 Medium
Data Source: Code4rena (code4rena.com)

Cross-Chain Bridge Vulnerabilities

Analysis of 3 real-world cases from Code4rena audit contests (2022-2024)

Vulnerability Overview

Cross-chain bridge vulnerabilities were the largest source of losses in 2022-2023, with multiple nine-figure attacks originating from the bridging layer.

Common Scenarios:

Insufficient message validation (missing Merkle proof verification)
Signature verification bypass
Cross-chain message replay

Mitigation Recommendations

Cross-chain messages must include full Merkle proof verification — signature count alone is insufficient
The validator set must come from a trusted source to prevent forgery
Implement withdrawal cooldown periods (24-72h) + daily withdrawal limits to reduce post-exploit losses
Ensure sufficient multi-sig validator count (≥⅔ honest assumption) to avoid minority validator control
Conduct dedicated audits of cross-chain message formats and validation logic regularly

Real-World Cases (Selected)

[M] Internal _burn() function is not exposed externally in the Vultisig.sol contract

Source: 2024-06-vultisig-222

Contest: 2024-06-vultisig | - Severity: 🟡 Medium | - Type: bridge-vuln | - Source: Code4rena #222 | Root cause: | Impact:

[H] BranchBridgeAgent invokes anyCall with PAY ON SOURCE but doesn't send value with it. All calls will fail.

Source: 2023-05-maia-860

Contest: 2023-05-maia | - Severity: 🔴 High | - Type: bridge-vuln | - Source: Code4rena #860

[M] There is no concept of a requestDeposit, requestRedeem receipt made on the source chain, resulting in no recovery proces

Source: 2023-09-centrifuge-794

Contest: 2023-09-centrifuge | - Severity: 🟡 Medium | - Type: bridge-vuln | - Source: Code4rena #794

Statistics

Case Count: 3
Severity: 1 High / 2 Medium
Data Source: Code4rena (code4rena.com)

Other Smart Contract Vulnerabilities

149 uncategorized vulnerability cases from Code4rena

[H] ManagedWallet.sol will receive eth but funds will be locked forever (2024-01-salty-1018)
[M] Upgraded Q -> 2 from #418 [1709115575632] (2024-01-salty-1066)
[M] Upgraded Q -> 2 from #878 [1709061114430] (2024-01-salty-1062)
[H] UniStaker.sol : lastCheckpointTime update is done at incorrect place. this will avert the reward accumulation to users (2024-02-uniswap-foundation-386)
[H] Admin can set setFeeProtocol to zero by front-running claimFees (2024-02-uniswap-foundation-352)
[M] Upgraded Q -> 2 from #404 [1709855086604] (2024-02-uniswap-foundation-408)
[M] Missing zero value will not update rewardPerTokenAccumulatedCheckpoint (2024-02-uniswap-foundation-405)
[M] Dangerous use of deadline parameter in AutoCompound.sol (2024-03-revert-lend-515)
**[M] Borrowers can stop liquidations by front running them with miniscule repays ** (2024-03-revert-lend-500)
[H] First depositor to call CollateralTracker.deposit function will lose his funds, since previewDeposit will return zer (2024-04-panoptic-558)
[M] Missing Input Validation (2024-04-panoptic-580)
[M] Missing initializer in SemiFungiblePositionManager::initializeAMMPool (2024-04-panoptic-575)
[M] Incorrect ERC20 Function Interface Definitions. (2024-04-panoptic-570)
Smart Contract Security: Audit Landscape (audit-landscape-overview)
[M] Upgraded Q -> 2 from #252 [1719594295360] (2024-05-predy-307)
[M] Unset deadline allows for malicious swap executions. (2024-05-predy-298)
[H] Position owner may not receive accumulated LP fees when they claim liquidity (2024-06-vultisig-219)
[H] The fees for the FEE_TAKER are not calculated correctly in the [ILOPool.claim](https://github.com/code-423n4/2024-06-v (2024-06-vultisig-216)
**[H] ILOPool::claim : The amount transfered to the feeTaker is incorrect, which causes the claim function to revert ** (2024-06-vultisig-215)
[M] M-1 There is no external function burn() in the VULT contract (2024-06-vultisig-223)

Logic Error Vulnerabilities

Logic Error Vulnerabilities

Vulnerability Overview

Mitigation Recommendations

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #913 [1708535839185]

[H] Malicious user can atomically take up to 1% of rewards for all newly whitelisted pools, by using DUST LP

[M] Upgraded Q -> 2 from #765 [1706657343488]

[M] Upgraded Q -> M from #400 [1670236078897]

[H] Adversaries can create a new pair with the same uniswapPool as exising pair and disrupt reallocation process

[H] feeTaker can receive more than actual fees when claim(...) is called

[H] Missing Validations in the Tx-Tracker Can Drain The Protocol

[M] Incorrect parameter for allowedBorrow when repaying

[M] Likelihood of becoming zero numbers for the numbers of the winning ticket

[M] Upgraded Q -> M from #236 [1669938261828]

[H] Reactivated gauges can't queue up rewards

[M] Burn logic issue due to lack of checking parameter 0 in burnWithReserve function

Statistics

Integer Overflow Vulnerabilities

Integer Overflow Vulnerabilities

Vulnerability Overview

Mitigation Recommendations

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #957 [1708275316654]

[H] Lack of overflow protection / low precision can allow attacker to steal SALT rewards

[H] ILOPool::claim incorrectly re-adds fees to the caller's rewards, which can cause users to receive rewards owed to othe

[H] All rewards are lost with moderate amount of GUILD tokens voted for a gauge

[M] Upgraded Q -> M from #658 [1674423108320]

[M] Precision Loss Due to Division Before Multiplication.

[H] totalWethDelegated does not decrease in withdraw can cause DOS

[H] Token decimals may be above 18 leading to underflow issues

[H] integer overflow or underflow

[M] Loss of Funds when user wants to repay debt and underflow in _repay () function

Statistics

Oracle Manipulation Vulnerabilities

Oracle Manipulation Vulnerabilities

Vulnerability Overview

Mitigation Recommendations

Real-World Cases (Selected)

[H] Incorrect price precision in RdpxV2Core

Logic Error Vulnerabilities

Logic Error Vulnerabilities

Vulnerability Overview

Mitigation Recommendations

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #913 [1708535839185]

[H] Malicious user can atomically take up to 1% of rewards for all newly whitelisted pools, by using DUST LP

[M] Upgraded Q -> 2 from #765 [1706657343488]

[M] Upgraded Q -> M from #400 [1670236078897]

[H] Adversaries can create a new pair with the same uniswapPool as exising pair and disrupt reallocation process

[H] feeTaker can receive more than actual fees when claim(...) is called

[H] Missing Validations in the Tx-Tracker Can Drain The Protocol

[M] Incorrect parameter for allowedBorrow when repaying

[M] Likelihood of becoming zero numbers for the numbers of the winning ticket

[M] Upgraded Q -> M from #236 [1669938261828]

[H] Reactivated gauges can't queue up rewards

[M] Burn logic issue due to lack of checking parameter 0 in burnWithReserve function

Statistics

Integer Overflow Vulnerabilities

Integer Overflow Vulnerabilities

Vulnerability Overview

Mitigation Recommendations

Real-World Cases (Selected)

[H] Upgraded Q -> 2 from #957 [1708275316654]

[H] Lack of overflow protection / low precision can allow attacker to steal SALT rewards

[H] ILOPool::claim incorrectly re-adds fees to the caller's rewards, which can cause users to receive rewards owed to othe

[H] All rewards are lost with moderate amount of GUILD tokens voted for a gauge

[M] Upgraded Q -> M from #658 [1674423108320]

[M] Precision Loss Due to Division Before Multiplication.

[H] totalWethDelegated does not decrease in withdraw can cause DOS

[H] Token decimals may be above 18 leading to underflow issues

[H] integer overflow or underflow

[M] Loss of Funds when user wants to repay debt and underflow in _repay () function

Statistics

Oracle Manipulation Vulnerabilities

Oracle Manipulation Vulnerabilities

Vulnerability Overview

Mitigation Recommendations

Real-World Cases (Selected)

[H] Incorrect price precision in RdpxV2Core

[H] `feeTaker` can receive more than actual fees when `claim(...)` is called

[H] `ILOPool::claim` incorrectly re-adds fees to the caller's rewards, which can cause users to receive rewards owed to othe

[H] `feeTaker` can receive more than actual fees when `claim(...)` is called

[H] `ILOPool::claim` incorrectly re-adds fees to the caller's rewards, which can cause users to receive rewards owed to othe

[H] If 2 tokens have different decimals, price returned from `_getReferencePoolPriceX96()` can be wrong

[H] `AutoCompound::execute` function that can allow an attacker to steal funds from the contract

[H] Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation.

[H] Use of `slot0()` to fetch prices can lead to price manipulation

[M] Oracle.sol uses deprecated Chainlink API `latestAnswer()`

[H] No access control `INVEscrow.onDeposit()` --> infinite balance xINV.

[H] `AutoExit::execute()` function allows an attacker to drain the liquidity of a Uniswap v3 pool by repeatedly calling the

[H] If 2 tokens have different decimals, price returned from `_getReferencePoolPriceX96()` can be wrong

[H] `AutoCompound::execute` function that can allow an attacker to steal funds from the contract

[H] Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation.

[H] Use of `slot0()` to fetch prices can lead to price manipulation

[M] Oracle.sol uses deprecated Chainlink API `latestAnswer()`

[H] No access control `INVEscrow.onDeposit()` --> infinite balance xINV.

[H] `AutoExit::execute()` function allows an attacker to drain the liquidity of a Uniswap v3 pool by repeatedly calling the