Skip to content

sirhashalot/SCV-List

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
 
 
 
 
 
 
 
 

Repository files navigation

SCV-List

This list highlights the accomplishments and disclosed vulnerabilities of the top white hat security experts in DeFi.

This list is part HackerOne leaderboard and part CVE database. Contributions are welcome and it would be amazing if the crypto community could crowdsource a CVE-like database. My arbitrary rules to include a vulnerability in this list (until I am convinced otherwise) is that the vulnerability must be discovered on mainnet (meaning most audit findings are excluded) and it must not have resulted in intentional loss of user funds (meaning most rekt.news hacks are excluded).

So far, the sources of this list include postmortems from:

Additional submissions to fill in gaps are welcome.

What about common code weaknesses?

This list only includes actual vulnerabilities. There are CWE-like lists that exist to capture common weaknesses in code, including these lists:

What about hacks that cause protocols to get rekt?

This list does not include black hat hacks which involved user loss of funds, even if the funds are returned. There are other lists for that, including these lists:

What about Layer 1 blockchain vulns

This list is focused on smart contract vulnerabilities. Some layer 1 vulnerabilities may be included below, but there are separate lists for this topic

Contributions

Contributions are very welcome. This list is guaranteed to be incomplete.

This markdown table format is weird...

Yes, it renders weird on github, but you can view the markdown in your own local markdown editor instead of github. Or you can search for a web-based markdown-to-csv converter and copy the data to a spreadsheet.

Smart Contract Vulnerabilities Table

Date Protocol Name Blockchain Vulnerability Description Writeup Link Additional Links Total Value at Risk Whitehat Bounty Award Vulnerability ID
08/22/23 Balancer ETH https://twitter.com/Balancer/status/1694014645378724280
07/28/23 Uniswap ETH Flaw in order settlement logic. If a user has an order on another protocol with the same ask token as in UniswapX, filler can abuse this and not send the entire requested amounts. https://kebabsec.xyz/posts/critical_vulnerability_in_uniswapx shung $200,000
06/28/23 DX.app BNB Decompiling an unverified contract with high TVL revealed that unlockToken can be called unlimited times. Calling unlockToken 100 times returns 100x the deposited tokens. https://blog.decurity.io/dx-protocol-vulnerability-disclosure-bddff88aeb1d $5,200,000.00 decurity $500
04/28/23 Yield Protocol ETH Pool balanceOf can be inflated with a donation attack. The donation can happen together with burning pool shares to inflate the number of pool shares received during minting https://medium.com/immunefi/yield-protocol-logic-error-bugfix-review-7b86741e6f50 $950,000.00 PaludoX0 $95,000
04/28/23 DFX Finance MATIC Rounding error could lead to user receiving LP tokens without depositing any tokens. EURS decimals value of 2 make it faster to extract value from this rounding error compared to a token with 6 or 18 decimals. https://medium.com/immunefi/dfx-finance-rounding-error-bugfix-review-17ba5ffb4114 $237,143.00 perseverance $100,000
04/27/23 Silo ETH A silo without any deposits could be manipulated with a donation attack to reach very high interest rate values. The fast increase in collateral value from interest accumulation can be borrowed against, allowing a user to withdraw large sums from the protocol. https://medium.com/silo-protocol/vulnerability-disclosure-2023-06-06-c1dfd4c4dbb8 https://twitter.com/kankodu/status/1669833829203476480 kankodu $100,000
04/04/23 Yearn Finance ETH Strategy loss calculation in prepareReturn is incorrect, but would not directly result in loss of funds https://github.com/yearn/yearn-security/blob/master/disclosures/2023-04-04.md 0xadrii
03/28/23 Enzyme Finance ETH Missing access check in the GasRelayerPaymasterLib contract https://medium.com/immunefi/enzyme-finance-missing-privilege-check-bugfix-review-ddb5e87b8058 https://twitter.com/enzymefinance/status/1643893025532178432 rootrescue $400,000
03/18/23 Alchemist ETH Missing access control modifier combined with incorrect logic handling in the case of nonexistent mapping value can be combined to brick the rewards accumulation in the protocol https://dacian.me/28k-bounty-admin-brick-forced-revert DevDacian $28,000
02/24/23 Tranchess ETH Malicious node operator could frontrun a deposit transaction with the credentials replaced to steal value that should be withdrawn to users of the liquid staking protocol. Same as Lido and Rocketpool bounty from 2021 https://www.kalos.xyz/blog/tranchess-liquid-staking-deposit-firstrun-vulnerability-analysis https://tranchess.medium.com/recap-deposit-front-run-vulnerability-mitigation-cfc66ef8c50d Jade Han $75,000
02/19/23 Tron ETH Tron multisig wallet design allowed a single user in the multisig to provide multiple valid signatures, allowing a single user to override the security of a multisig and submit any transactions without needing other signers. This was because there was no check for duplicate signatures from a single signer. https://0d.dwalletlabs.com/game-of-tron-critical-0-day-in-tron-multi-signature-wallets-2c3e90668dc0 dWallet Labs
02/13/23 LayerZero Customized relayed could send cross-chain messages for free https://medium.com/@blockian/blackboxing-layerzero-labs-off-chain-relayer-954aecab0f62 _blockian $25,000
02/10/23 NEAR https://hackenproof.com/blog/for-hackers/near-rewards-1-8-million-to-ethical-hackers-at-hackenproof $1,800,000
01/22/23 Balancer ETH Duplicate claims could be accepted by the merkle tree logic, which would allow draining of assets https://mirror.xyz/0x2719F6Dfb85086F87319079cC2f7EeFD0e40994D/NWDf5uW1Ve7-TrcPKwmM86xp8ploMSCRGC58A-NSoFY https://twitter.com/Balancer/status/1620503172702953475, https://medium.com/immunefi/balancer-logic-error-bugfix-review-74f5edca8b1a 0xriptide $75,000.00
12/29/22 Fluidity ETH A specific sequence of reward function calls would cause a revert, preventing the protocol from sending rewards to users https://www.trust-security.xyz/post/breaking-fluidity-for-glory-and-50k trust_90 $50,000.00
12/16/22 Gnosis Safe ETH Returned array of module addresses did not include the next address, resulting in a potential misunderstanding by the user https://docs.gnosis-safe.io/learn/security/bug-bounty-program#the-function-getmoduledpaginated-does-not-return-all-modules RenanSouza2 $2,000.00
12/14/22 Thena BSC Rewards claiming reverts in certain cases due to an incorrect logic check related to the expiration of the veNFT token https://zzykxx.com/2023/02/02/the-bug-that-codearena-missed-,-twice/ zzykxx $20,000.00
11/29/22 Uniswap ETH Reentrancy vulnerability in new UniversalRouter could allow an ERC721 callback to sweep funds sitting in the router from a previous unfinished transaction https://media.dedaub.com/uniswap-bug-bounty-1625d8ff04ae https://www.nomoi.xyz/blog/uniswap-vulnerability-disclosure Dedaub $40,000.00
11/15/22 Beanstalk ETH Any EOA that approved the Beanstalk proxy could have the approved assets transferred out of their EOA due to bad transferFrom logic https://medium.com/immunefi/beanstalk-logic-error-bugfix-review-4fea17478716 $181,850.00
11/02/22 Oasis DAO ETH A specific call flow allows for delegatecall to call selfdestruct which would shut down the Oasis Earn platform https://www.trustindistrust.com/post/taking-home-a-20k-bounty-with-oasis-platform-shutdown-vulnerability trust_90 $20,000.00
11/01/22 Curve ETH Bribes were allocated based on a user's locked amount of CRV rather than allocating based on their veCRV balance. VeCRV balance decays over time but locked CRV does not. https://github.com/yearn/yearn-security/blob/master/disclosures/2022-11-01.md Yearn
10/21/22 Curve ETH Missing access control allowed anyone to set the fee receiver of pools paired with the base pool https://github.com/curvefi/security-incident-reports/blob/main/disclosures/pool_owner_proxy_bug.md $60,000.00
10/18/22 Mai Finance ETH Same get_virtual_price read-only reentrancy vulnerability that ChainSecurity discovered, but this time found in QiDao’s vault integration with Curve. Price manipulation would allow theft of funds and leave the protocol with bad debt https://ambergroup.medium.com/mai-finances-oracle-manipulation-vulnerability-explained-55e4b5cc2b82 Amber Group
10/14/22 Bunni ETH The first deposit into a new pool can be frontrun by 1. depositing 1 wei into the protocol 2. depositing into the underlying pool in Uniswap and sending LP tokens directly to the protocol. This results in the protocol not providing the second depositer with any shares, and the first depositor can withdraw the first two deposits with the shares they own. https://www.rileyholterhus.com/writing/bunni rileyholterhus
09/30/23 Q Blockchain Double voting with the same tokens is possible. One vote can happen when the tokens are delegated, the other vote happens when the tokens are about to be unlocked https://medium.com/@blockian/striking-gold-at-30-000-feet-uncovering-a-critical-vulnerability-in-q-blockchain-for-50-000-ab335042147b _blockian $50,000.00
09/26/22 OpenSea ETH https://twitter.com/hacker_/status/1574518042737790976 hacker_ $100,050.00
09/25/22 88mph ETH Deposits could be withdrawn before the maturity date because the deposit process did not update the rewardPerToken variable, allowing theft of yield https://medium.com/immunefi/88mph-theft-of-unclaimed-mph-rewards-bugfix-review-1dec98b9956b 0xSzeth $21,000.00
09/21/22 Mt Pelerin ETH Function did not check if input array contained duplicate values. This allowed a user to submit an array of duplicate actions and the action would be performed multiple times because there were insufficient checks. https://medium.com/immunefi/mt-pelerin-double-transaction-bugfix-review-503838db3d70 $10,000.00
09/20/22 Arbitrum Nitro ETH Uninitialized proxy. The proxy was initialized, but the values were wiped and sequencerInbox was never rewritten. Initialize could be called to set key bridge variables and steal bridge funds. https://medium.com/@0xriptide/hackers-in-arbitrums-inbox-ca23272641a2 0xriptide $560,000.00
09/17/22 Liquity ETH Tellor fallback oracle used in an unsafe way https://www.liquity.org/blog/tellor-issue-and-fix 0xpaco
09/09/22 Solidly V1 ETH Several vulnerabilities exist in Solidly V1 and Solidex. Denial of service is possible in multiple ways and other attacks that can remove value from the protocol are also described. https://medium.com/@seraph333/security-disclosures-and-recent-attacks-on-solidly-v1-ab7dc47558c5
09/08/22 Abracadabra AVAX The Native Asset precompile contract on Avalanche C-Chain allows delegatecall-like ability to pass original msg.sender in a call to another contract. This could be used to bypass a blacklist check that prevents calls from certain contracts. https://mirror.xyz/0x5744b051845B62D6f5B6Db095cc428bCbBBAc6F9/zRO5HegkDEHG1NEnM3h-am79Pf5RlERhHNsiI1CiFts https://medium.com/avalancheavax/apricot-phase-6-native-asset-call-deprecation-a7b7a77b850a $3,000,000.00 Statemind
09/08/22 OpenSea ETH Due to using the quotient of a division operation instead of the remainder, a memory overwrite vulnerability in a loop could overwrite a word at the end of an array https://blocksecteam.medium.com/a-new-memory-overwrite-vulnerability-discovered-in-wyvern-protocol-5285996c297d Blocksec
09/06/22 Yearn Finance ETH Yearn Vaults on ETH POW forks that use the same chainId and a DOMAIN_SEPARATOR value that is calculated at contract deployment are vulnerable to replay attacks. https://github.com/yearn/yearn-security/blob/master/disclosures/2022-09-06.md
09/03/22 Notional ETH https://twitter.com/NotionalFinance/status/1566089211068948480 $1,500,000.00 $150,000.00
08/24/22 Across Bridge double spend was possible due to off-chain relayer bug https://iosiro.com/blog/high-risk-bug-disclosure-across-bridge-double-spend Jason Matthyser $90,000.00
08/14/22 Moonwell Moonbeam Depegged assets were still valued at $1 by the protocol, which could have caused the protocol to accrue large amounts of bad debt. https://medium.com/risk-dao/the-risk-of-secondary-markets-for-depegged-collateral-tokens-moonwell-bug-disclosure-2021181f50bc Risk DAO $10,000.00
08/13/22 Talent Protocol MATIC Public function without access controls set the protocol token address, enabling a rogue ERC20 contract to freeze contract funds https://mirror.xyz/0xCf39521413F8De389771e35bB4C77b4bb827b7B3/HdSq7TVvk-s7DzQgN3u0pV8UFiVkaDft18HgmePTag4 $465,000.00 kebabsec
08/05/22 Yield Protocol Arbitrum Code was copied from a similar function resulting in an incorrectly implemented function. The fix during the post-audit remediation did not correctly consider the contract inheritance and allowed for contract funds to be drained https://medium.com/yield-protocol/post-mortem-of-incident-on-august-5th-2022-7bb70dbb9ada $206,000.00
07/25/22 Velas chain Velas Similar to pwning.eth Moonbeam and Aurora bugs, combines delegatecall with precompiled contracts on different blockchains that didn’t consider this edge case https://mirror.xyz/orenyomtov.eth/RbV_WYYTPCAObp3VsNlkgx6iQBElwulGQf586lVK7dE orenyomtov.eth $100,000.00
07/14/22 Sherlock ETH Cross-protocol reentrancy. 1inch swap callback enables reentrancy to modify exchange rate on Euler which changes the redemption amount from staking with Sherlock. https://mirror.xyz/0xE400820f3D60d77a3EC8018d44366ed0d334f93C/LOZF1YBcH1eBdxlC6HP223cAMeTpNgQ-Kc4EjQuxmGA GothicShanon89238 $250,000.00
07/07/22 Yield Protocol ETH Deprecated strategy roll-over process had a security issue but no value at risk https://twitter.com/yield/status/1545119888309567489 $0.00 $10,000.00
07/01/22 Interlay DOT interBTC bridge had two bugs that could 1. force liquidation of vaults 2. insecure address extraction for P2SH addresses allows for address spoofing https://pwning.mirror.xyz/jlT8OgtwN3mQf3KdYmXdcSXbE4s95JzT3eR3wxiLmpw https://medium.com/interlay/kintsugi-released-urgent-security-patches-aebf969ee087 pwning.eth $200,000.00
06/28/22 Moonbeam DOT Improper truncation during type conversation leads to different interpretations of a single value https://pwning.mirror.xyz/RFNTSouIIlHVNmTNDThUVb1obIeN5c1LAiQuN9Ve-ok https://moonbeam.network/blog/security-patch-for-integer-truncation-bug/ pwning.eth $1,000,000.00 CVE-2022-31111
06/16/22 Aurora NEAR A serialized payload could be crafted that would deserialize to a valid transaction. This allowed spoofing of Aurora token burns and the withdrawal of funds from the bridge. https://medium.com/immunefi/aurora-withdrawal-logic-error-bugfix-review-c5b4e30a9160 $62,935,870.00 Anon $1,000,000.00
06/10/22 Aurora NEAR Improper input sanitization allowed arbitrary inputs for the args value, which is fully controlled by user input. This value sets a recipient and fee, which used bad logic to handle these values and can result in draining of funds in a non-zero fee case. https://medium.com/immunefi/aurora-improper-input-sanitization-bugfix-review-a9376dac046f Anon $1,000,000.00
05/27/22 Moonbeam DOT A 2-part vulnerability. Precompiled contracts did not differentiate between call and delegatecall. This allowed for a malicious contract to be created to drain funds on incoming callers and the contract address could be provided to specific smart contracts that made calls to a user provided address (lack of user input validation) https://medium.com/immunefi/moonbeam-missing-call-check-bugfix-review-6279d609bdc5 https://pwning.mirror.xyz/okyEG4lahAuR81IMabYL5aUdvAsZ8cRCbYBXh8RHFuE $100,000,000.00 pwning.eth $1,050,000.00
05/27/22 Reality.eth ETH A honeypot containing 20k was vulnerable because a proposal will pass if it is not vetoed within 24 hours by the multisig https://hackmd.io/g0txop3tTfGxcNKxn4z4Jg isaacpatka $20,000.00
05/23/22 Agave ETH Uninitialized proxy, duplicate of Aave V2 uninitialized proxy because of forked code https://medium.com/@hacxyk/forked-protocols-are-not-battle-tested-agave-uninitialized-proxy-vulnerability-6b5d587b3a07 Hacxyk $25,000.00
05/15/22 Balancer ETH Double entry point tokens (e.g., SNX and sBTC) can cause a DoS condition, caused by the pool thinking it has more tokens than it actually does https://forum.balancer.fi/t/medium-severity-bug-found/3161 https://medium.com/immunefi/balancer-dos-bugfix-review-8a8ba5d971bf shw9453, gpersoon, k_besic $50,000.00
05/02/22 Sturdy ETH Weak fallback oracle in lending pool uses pool spot price, which can be manipulated to profit from price manipulation https://medium.com/@nnez/0-0-a-misconfiguration-leading-to-missing-funds-51d4b9e5f96a $3,000,000.00 nnez $100,000.00
05/02/22 Synthetix ETH A logic bug where the wrong amount variable was used. An amount variable that did not consider current debt was used, which is a larger value than the actual amount when non-zero debt exists https://medium.com/immunefi/synthetix-logic-error-bugfix-review-40da0ead5f4f thunderdeep14 $150,000.00
04/26/22 Aurora NEAR Infinite spend in bridge between ETH and NEAR blockchains https://medium.com/immunefi/aurora-infinite-spend-bugfix-review-6m-payout-e635d24273d https://aurora.dev/blog/aurora-mitigates-its-inflation-vulnerability, https://pwning.mirror.xyz/CB4XUkbJVwPo7CaRwRmCApaP2DMjPQccW-NOcCwQlAs $200,000,000.00 pwning.eth $6,000,000
04/23/22 Strips Finance Arbitrum Poorly configuration liquidation configuration allowed for manipulating the rate (the equivalent of spot price manipulation for this perpetual) to create an arbitrage opportunity with the protocol’s perpetuals https://medium.com/amber-group/strips-finances-price-manipulation-vulnerability-explained-f912734a8a2 $3,500,000.00 Amber Group $30,000
04/22/22 Sense Finance ETH Missing access controls. A function that set oracle data values could be called by anyone. https://medium.com/immunefi/sense-finance-access-control-issue-bugfix-review-32e0c806b1a0 https://medium.com/sensefinance/disclosure-fixing-a-critical-bug-in-the-sense-space-oracle-42a0bed65bc2 Violet Vienhage $50,000
04/14/22 Curve ETH Read-only reentrancy can manipulate the get_virtual_price view function return value. Other protocols were trusting this view function blindly as a price feed even though it could be manipulated by a factor of 2 or greater. https://chainsecurity.com/curve-lp-oracle-manipulation-post-mortem/ https://forum.makerdao.com/t/curve-lp-token-oracle-manipulation-vulnerability-technical-postmortem/18009, https://chainsecurity.com/heartbreaks-curve-lp-oracles/
04/13/22 Solidly V1 FTM Depositing or withdrawing frequently from a gauge increases the rewards received, so all rewards can be drained with spam deposits and withdrawal actions for small amounts belbix/solidly#1 belbix
04/07/22 Aave ETH Aave fallback oracle had no access controls on the setPrice function, allowing an arbitrary price to be set if the fallback oracle was ever used. Production fallback oracle contract is identical to the mock PriceOracle code and may have been an accidental deployment. https://medium.com/@hacxyk/aave-v3s-price-oracle-manipulation-vulnerability-168e44e9e374 $2,900,000,000.00 Hacxyk $50,000.00
04/06/22 Rari Capital ETH Uniswap V3 oracle manipulation was possible because a pool with only $1k liquidity was used https://medium.com/@hacxyk/we-rescued-4m-from-rari-capital-but-was-it-worth-it-39366d4d1812 $4,000,000.00 Hacxyk $10,000.00
04/06/22 ENS ETH ENS did not properly filter spoofed domains with 1. homograph characters 2. uppercase letters 3. period in them https://medium.com/@hacxyk/how-we-spoofed-ens-domains-52acea2079f6 Hacxyk $15,000.00
04/06/22 ENS ETH Null characters are silently discarded, so strings with null characters look identical to strings without null characters https://twitter.com/ENS_DAO/status/1516220205168754688?cxt=HHwWgIDUpcmP2YoqAAAA https://twitter.com/lcfr_eth/status/1516255494071062528 lcfr_eth $45,000.00
03/29/22 Port Finance SOL Logic error made it possible to create undercollateralized positions and steal value from the protocol https://medium.com/immunefi/port-finance-logic-error-bugfix-review-29767aced446 $25,000,000.00 nojob $630,000.00
03/25/22 Gearbox ETH Data is parsed differently by Uniswap and Gearbox, enabling parser confusion https://medium.com/@nnez/different-parsers-different-results-acecf84dfb0c https://github.com/Gearbox-protocol/security/blob/main/disclosures/2022-03-25%20-%20uniswapV3.md $10,000,000.00 nnez $150,000.00
03/21/22 ENS ETH Premium price for all ENS domains set to zero https://discuss.ens.domains/t/postmortem-ep9-deployment/11662 nicksdjohnson
03/21/22 Compound ETH The issue was a combination of TUSD token having two entrypoints controlling the same balances and the sweep function not having any access controls. Sweeping TUSD using the 2nd entrypoint would change the exchange rate which can allow the attacker to profit https://medium.com/chainsecurity/trueusd-compound-vulnerability-bc5b696d29e2 https://blog.openzeppelin.com/compound-tusd-integration-issue-retrospective/ $3,100,000 ChainSecurity
03/04/22 Convex ETH Expired vote-locked CVX could be relocked to a new address after the original lock expired, allowing excess cxvCRV rewards to be claimed https://convexfinance.medium.com/vote-locked-cvx-contract-migration-8546b3d9a38c Popcorn
03/03/22 Rari Capital ETH Cross-asset reentrancy was possible in all fuse pools that did not use upgraded cToken and Comptroller contract implementations. The old code used .call.value to transfer ETH, the new code uses .transfer. https://medium.com/@JackLongarzo/rari-capital-fuse-security-upgrade-report-e5d154c16250 samczsun, hritzdorf, and YSmaragdakis
02/28/22 dYdX ETH Gasless deposit can be abused to purchase gas tokens that can be sold. A maximum cap of 0.5 ETH limited the speed at which this can be abused. https://medium.com/@hacxyk/stealing-gas-from-dydx-0-5-eth-a-day-712c5fdc43a3 Hacxyk $25,000.00
02/24/22 Wormhole ETH Uninitialized proxy https://medium.com/immunefi/wormhole-uninitialized-proxy-bugfix-review-90250c41a43a satya0x $10,000,000.00
02/24/22 Solidex FTM When a transaction is finalized past the voting deadline, the votes become reset to their default state. This results in Solidex's own gauges receiving far too many votes. https://docs.solidexfinance.com/security/disclosures/2022-02-24
02/18/22 OpenSea ETH abi.encodePacked used with variable length inputs without domain separation could lead to hash collisions that result in theft of WETH from user wallets. 1 in 64 listings were vulnerable. https://nft.mirror.xyz/VdF3BYwuzXgLrJglw5xF6CHcQfAVbqeJVtueCr4BUzs Gus (anon) $3,000,000
02/02/22 Optimism ETH Calling selfdestruct creates new tokens out of thin air while destroyed contract retains balance https://optimismpbc.medium.com/disclosure-fixing-a-critical-bug-in-optimisms-geth-fork-a836ebdf7c94 https://www.saurik.com/optimism.html, https://github.com/ethereum-optimism/optimism/blob/master/technical-documents/postmortems/2022-02-02-inflation-vuln.md saurik $2,000,042
02/02/22 Solidly FTM veNFT double counting error https://twitter.com/AndreCronjeTech/status/1488883057654386695?cxt=HHwWjsCyuZTQyakpAAAA $200,000
01/30/22 Yearn Finance ETH, FTM Flashloan price manipulation of Balancer LP pool could lead to strategy buying stablecoin at inflated price https://github.com/yearn/yearn-security/blob/master/disclosures/2022-01-30.md https://twitter.com/bantg/status/1492225113286135809, https://medium.com/immunefi/nexus-mutual-bug-bounty-matching-program-pays-200-000-to-whitehat-4985d752dc46 $15,500,000 Anon $200,000
01/26/22 Ondo Finance ETH Uninitialized logic contract (the proxy contracts were initialized properly) allowed any user to initialize the contract and obtaining the access needed to call the destroy function to selfdestruct the contract. https://iosiro.com/blog/high-risk-vulnerability-disclosed-to-ondo-finance $0 ashiqamien $25,000
01/24/22 ZORA ETH Infinite approval during NFT purchase can be attacked. A NFT bid could be frontrun by increasing NFT price to steal 100% of token held in bidder’s wallet https://zora.mirror.xyz/JeFZXnWb6jfJPon1rruXW-XJcoUVfgeNhu4XTYO3yFM 0x Protocol team $25,000
01/15/22 Polygon MATIC Polygon consensus mechanism could be broken, but a large amount of MATIC would have to be held for an extended period to carry out the attack https://medium.com/immunefi/polygon-consensus-bypass-bugfix-review-7076ce5047fe Niv Yehezkel $75,000
01/11/22 Redacted Cartel ETH Custom ERC20 implementation had an error in transferFrom function that improperly approved funds https://medium.com/immunefi/redacted-cartel-custom-approval-logic-bugfix-review-9b2d039ca2c5 https://twitter.com/redactedcartel/status/1482497480541544455 $3,000,000.00 Tommaso Pifferi $560,000
01/10/22 Multichain Multiple Fallback function in ERC20 tokens allow a phantom permit function to not revert, allowing unauthorized token transfer from accounts that have a non zero approval or allowance https://media.dedaub.com/phantom-functions-and-the-billion-dollar-no-op-c56f062ae49f https://medium.com/multichainorg/action-required-critical-vulnerability-for-six-tokens-6b3cbd22bfc0 $471,000,000 Dedaub $2,000,000
01/07/22 Notional ETH Internal accounting error https://medium.com/immunefi/notional-double-counting-free-collateral-bugfix-review-28b634903934 notional-finance/contracts-v2#92 $26,200,000 0x60511e57 $1,000,000
01/05/22 APWine ETH Incorrect check in delegation allows yield theft https://medium.com/immunefi/apwine-incorrect-check-of-delegations-bugfix-review-7e401a49c04f setuid0 $100,000
12/21/21 Cronos Cronos Theft of transaction fee for current block by receiving a gas refund when no gas was paid https://medium.com/immunefi/cronos-theft-of-transactions-fees-bugfix-postmortem-b33f941b9570 https://github.com/crypto-org-chain/cronos/security/advisories/GHSA-f854-hpxv-cw9r Rewards only, not original assets zb3 $40,000 CVE-2021-43839
12/14/21 Convex ETH Multisig could rugpull funds with majority 2 of 3 parties collaborating https://blog.openzeppelin.com/15-billion-rugpull-vulnerability-in-convex-finance-protocol-uncovered-and-resolved/ $15,000,000,000.00 OpenZeppelin
12/05/21 Polygon MATIC Bad signature check with ecrecover https://medium.com/immunefi/polygon-lack-of-balance-check-bugfix-postmortem-2-2m-bounty-64ec66c24c7d https://blog.polygon.technology/all-you-need-to-know-about-the-recent-network-upgrade/ $18,000,000,000 Leon Spacewalker $2,200,000
11/27/21 dYdX StarkWare L2 Low level call() with arbitrary inputs could be performed by untrusted parties. https://dydx.exchange/blog/deposit-proxy-post-mortem $2,000,000 Anon $500,000
11/17/21 Enzyme Finance ETH Drain funds using flashloan to manipulate contract internal calculations https://medium.com/immunefi/enzyme-finance-price-oracle-manipulation-bug-fix-postmortem-4e1f3d4201b5 $400,000 setuid0 $90,000
10/28/21 Aztec ETH Improper integer casting, improper value constraints for cryptographic operations https://hackmd.io/@aztec-network/disclosure-of-recent-vulnerabilities Xin Gao and Onur Kilic $50,000
10/27/21 Robo Vault ETH Flashloan price manipulation of Uniswap pool https://medium.com/@RoboVault/post-mortem-next-steps-3556820b7470 https://twitter.com/FP_Crypto/status/1453437385405046787 FP_Crypto
10/20/21 Harvest Finance ETH Uninitialized proxy https://medium.com/immunefi/harvest-finance-uninitialized-proxies-bug-fix-postmortem-ea5c0f7af96b $6,400,000 Dedaub $200,000
10/05/21 RocketPool ETH A malicious node can frontrun an ETH deposit to take ETH from the protocol’s ETH deposit. https://medium.com/immunefi/rocketpool-lido-frontrunning-bug-fix-postmortem-e701f26d7971 https://twitter.com/rocket_pool/status/1446300700661583876?s=21 Unclear Dmitri Tsumak $100,000
10/05/21 Lido Finance ETH A malicious node can frontrun an ETH deposit to take ETH from the protocol’s ETH deposit. https://medium.com/immunefi/rocketpool-lido-frontrunning-bug-fix-postmortem-e701f26d7971 Unclear Dmitri Tsumak $100,000
10/05/21 Polygon MATIC Double spend bridge vulnerability https://medium.com/immunefi/polygon-double-spend-bug-fix-postmortem-2m-bounty-5a1db09db7f1 https://gerhard-wagner.medium.com/double-spending-bug-in-polygons-plasma-bridge-2e0954ccadf1 $850,000,000 Gerhard Wegnar $2,000,000
09/02/21 OpenZeppelin ETH Reentrancy vulnerability in OpenZeppelin TimelockController contract https://medium.com/immunefi/openzeppelin-bug-fix-postmortem-66d8c89ed166 https://github.com/OpenZeppelin/openzeppelin-contracts/commit/cec4f2ef57495d8b1742d62846da212515d99dd5#diff-8229f9027848871a1706845a5a84fa3e6591445cfac6e16cfb7d652e91e8d395R307 Unknown zb3 $25,000
08/16/21 SushiSwap ETH Reusing msg.value in a loop allows payment to be reused multiple times https://samczsun.com/two-rights-might-make-a-wrong/ https://hackmd.io/@353yQn6WTImF5o12LQXXfQ/Hy2ZDYFxF, https://blog.trailofbits.com/2021/12/16/detecting-miso-and-opyns-msg-value-reuse-vulnerability-with-slither/, https://twitter.com/josephdelong/status/1431314816698916865 $350,000,000 samczsun $1,000,000
08/15/21 Dexfolio BSC Reentrancy vulnerability that could be exploited with a custom ERC20 contract to double count staked tokens https://medium.com/amber-group/dexfolios-re-entrancy-loophole-explained-3bd3fecc29e2 Lucash-dev and Amber Group $1000
08/14/21 Curve Bribe ETH https://twitter.com/bantg/status/1426629982328180737 $118,000 bantg Unknown
08/13/21 ENS Name Wrapper ETH ERC-1155 callback function reentrancy https://samczsun.com/the-dangers-of-surprising-code/#ens-name-wrapper samczsun
08/10/21 Belt Finance BSC Bypass of internal balance calculation by sending tokens directly to contract https://medium.com/immunefi/belt-finance-logic-error-bug-fix-postmortem-39308a158291 $60,000,000 bobface16 $1,050,000
08/01/21 xDai Stake xDAI Tokens accidentally sent to bridge contract can be stolen https://medium.com/immunefi/xdai-stake-arbitrary-call-method-bug-postmortem-f80a90ac56e3 $4.50 0xadee028d $5,000
07/31/21 Tidal Finance MATIC Uninitialized or unset rewardDebt variable defaults to zero, allowing free unearned reward https://medium.com/immunefi/tidal-finance-logic-error-bug-fix-postmortem-3607d8b7ed1f https://github.com/TidalFinance/tidal-contracts/commit/924e87f1aead70abb17760c839b53ba40d80bf2c#diff-46a924754f71a2f8be88d0f20295f40653c881426d64b90e8bdd4f4bed303368 Unclear Csanuragjain $25,000
07/30/21 Teller ETH Uninitialized proxy https://medium.com/immunefi/teller-bug-fix-postmorten-and-bug-bounty-launch-b3f67a65c5ac $1,000,000 Bugdefeat $50,000
06/29/21 Yearn Finance ETH Flashloan of zero value bypassed safety checks and could result in liquidation of strategy’s debt position https://github.com/yearn/yearn-security/blob/master/disclosures/2021-06-29.md xyzaudits $200,000
06/16/21 Alchemix ETH Unprotected functions could lead to frontrunning and denial of service https://medium.com/immunefi/alchemix-access-control-bug-fix-debrief-a13d39b9f2e0 $300 ashiqamien $7,500
06/14/21 MCDEX Arbitrum Contract does not validate user-provided contract address input parameter, allowing a user to craft a malicious contract. https://medium.com/immunefi/mcdex-insufficient-validation-bug-fix-postmortem-182fc6cab899 Unclear Lucash-dev $50,000
06/13/21 Cream Finance ETH Old contract allow users to receive liquidity mining rewards without participating in liquidity mining. https://medium.com/immunefi/cream-finance-insufficient-validation-bug-fix-postmortem-1ec7248e8865 $100,000 Azeem $20,750
06/09/21 Zapper ETH Low level call() with user-provided inputs could steal LP tokens https://medium.com/immunefi/zapper-arbitrary-call-data-bug-fix-postmortem-d75a4a076ae9 https://medium.com/zapper-protocol/post-mortem-sushiswap-uniswap-v2-zap-out-exploit-84e5d34603f0 Unclear Lucash-dev $25,000
06/08/21 Mushrooms Finance ETH Flashloan function is missing an authorization check that allows any user to call the function. https://medium.com/immunefi/mushrooms-finance-logic-error-bug-fix-postmortem-780122821621 $635,000 ckksec $60,000
06/07/21 88mph ETH Unprotected init() function was missing onlyOwner modifier https://medium.com/immunefi/88mph-function-initialization-bug-fix-postmortem-c3a2282894d3 $6,500,000 ashiqamien $42,069
05/13/21 Fei Protocol ETH Flashloan price manipulation of Uniswap pool https://medium.com/immunefi/fei-protocol-flashloan-vulnerability-postmortem-7c5dc001affb https://medium.com/fei-protocol/fei-bonding-curve-bug-post-mortem-98d2c6f271e9 $240,000,000 bobface16 $800,000
05/08/21 Meebit NFTs Brute force attack to mint rare Meetbits NFTs https://iphelix.medium.com/meebit-nft-exploit-analysis-c9417b804f89
04/27/21 PancakeSwap BSC Lottery ticket NFT can be redeemed multiple times because first redemption doesn’t invalidate ticket. https://medium.com/immunefi/pancakeswap-logic-error-bug-fix-postmortem-f2d02adb6983 $700,000 Juno
04/27/21 Mushrooms Finance ETH MEV attack can steal yield https://medium.com/immunefi/mushrooms-finance-theft-of-yield-bug-fix-postmortem-16bd6961388f Unclear Wen-Ding Li $4,000
04/26/21 SharedStake ETH Low level call() with user-provided inputs could extract timelocked funds https://medium.com/immunefi/sharedstake-insider-exploit-postmortem-17fa93d5c90e $40,000,000 Lucash-dev $5,000
04/06/21 Fei Protocol ETH A combination of Uniswap function calls and Fei incentive calculations around maintaining peg allow a user to receive free WETH https://medium.com/immunefi/fei-protocol-vulnerability-postmortem-483f9a7e6ad1 $5,640,000 0xRevert $300,000
04/05/21 Ambisafe ETH Transferring ownership grants ownership to sender and receiver at the same time, allowing receiver to steal tokens https://samczsun.com/uncovering-a-four-year-old-bug/ samczsun
03/26/21 ElasticDAO ETH Missing authorization allowed excess token minting https://medium.com/elasticdao/elasticdao-smart-contract-and-security-audits-400f424281b6 $5,000,000 samczsun
03/16/21 Vesper ETH Drain funds using flashloan price manipulation of Uniswap pool https://medium.com/immunefi/vesper-rebase-vulnerability-postmortem-and-bug-bounty-55354a49d184 https://medium.com/dedaub/yield-skimming-forcing-bad-swaps-on-yield-farming-397361fd7c72 $310,000 Dedaub Unclear
03/11/21 Sovryn RSK User could take out a loan using another party’s collateral, allowing theft of the “borrowed” funds https://medium.com/immunefi/sovryn-loan-vulnerability-postmortem-ffaf4d1d688f $6,800 Whitehat Turbo $76,568
02/26/21 Tokenlon ETH Signature verification does not properly handle zero address https://tokenlon.medium.com/tokenlon-4-0-fee-incident-disclosure-9ee8b5fad564 $750,000 samczsun $50,000
02/22/21 PancakeSwap BSC User can frontrun the winning lottery ticket selection and buy the winning lottery ticket https://medium.com/immunefi/pancakeswap-lottery-vulnerability-postmortem-and-bug-4febdb1d2400 $240,000 Thunder Unclear
02/21/21 Primitive Finance ETH Flashloan with a Uniswap pool containing an attacker-controlled token and abuse infinite allowance to steal funds https://primitivefinance.medium.com/postmortem-on-the-primitive-finance-whitehack-of-february-21st-2021-17446c0f3122 https://medium.com/immunefi/inside-the-war-room-that-saved-primitive-finance-6509e2188c86 $1,300,000 Dedaub $188,000
02/21/21 Hashmasks ETH ERC721 _safeMint callback reentrancy allows more NFTs to be minted than expected https://samczsun.com/the-dangers-of-surprising-code/#hashmasks https://thehashmasks.medium.com/hashmask-art-sale-bug-report-13ccd66b55d7 19 hashmasks samczsun $12,500
02/15/21 NFTX ETH Internal accounting error allows multiple NFTs to be associated with the same custom ERC20 https://forum.nftx.org/t/retroactive-bug-bounty/161 samczsun $50,000
02/09/21 Charged Particles ETH A user could sell their NFT but still maintain possession of the NFT after the sale using a malicious contract. https://medium.com/immunefi/charged-particles-griefing-bug-fix-postmortem-d2791e49a66b https://github.com/Charged-Particles/charged-particles-universe/commit/f4fb60e3f791c1bb3b8907276b27d0319ce46a68#diff-91fca72e3021a185238dd0e82e118ae3ab5993db93dd322d301c665ff74e3eed Unclear unsafe_call $5,000
02/09/21 ForTube ETH Authorization bypass by creating fake ERC20 Ftoken https://medium.com/the-force-protocol/fortube-security-vulnerability-fix-c5847359ba7d samczsun
01/30/21 ArmorFi ETH Internal accounting error caused by extra 10**18 multiplier https://medium.com/immunefi/armorfi-bug-bounty-postmortem-cf46eb650b38 Unclear bobface16 $876,000
01/16/21 Yearn Finance ETH Internal accounting error resulted in incorrect share price calculation https://github.com/yearn/yearn-security/blob/master/disclosures/2021-01-17.md
01/15/21 Gnosis Safe ETH https://docs.gnosis-safe.io/learn/security/bug-bounty-program#duplicate-owners-during-setup-could-render-safe-unusable davidnich11 $2,500
01/09/21 Optimism ethereum-optimism/contracts#172 ethereum-optimism/contracts#179, ethereum-optimism/contracts#181, ethereum-optimism/contracts#364, ethereum-optimism/contracts#360 samczsun
12/04/20 Aave ETH Uninitialized proxy for Aave V2 LendingPool proxy https://medium.com/aave/aave-security-newsletter-546bf964689d https://blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/ None Josselin Feist $25,000
12/03/20 Frax Finance FraxFinance/frax-solidity#12 FraxFinance/frax-solidity#7 samczsun
10/30/20 Yearn Finance ETH Flashloan price manipulation from missing slippage protection when earn() function is called https://github.com/yearn/yearn-security/blob/master/disclosures/2020-10-30.md $650,000 Wen-Ding Li
10/22/20 PoolTogether Deposit action could be frontrun, causing the amount deposited later to be taken by the frontrunner https://docs.pooltogether.com/security/bug-bounties#permitanddepositdai-contract-unrestricted-sender Kevin Foesenek $20,000.00
10/12/20 Yield Protocol yieldprotocol/fyDai#360 samczsun
10/10/20 Alpha Homora ETH Opening a position when LP price is skewed and lowering the price after the position is opened can allow the position to be liquidated by a user, who would profit 5% of position value https://blog.alphafinance.io/alpha-homora-adjustments/ samczsun
10/10/20 Yearn Finance ETH The address input parameter for the deposit function is not validated, so a fake gauge contract can be provided https://github.com/yearn/yearn-security/blob/master/disclosures/2020-10-10.md $20,000 Emiliano Bonassi
10/03/20 Aavegotchi Staking aavegotchi/ghst-staking#2 samczsun
09/25/20 Incognito Chain ETH No validation check around token duplicating, allowing for double spend https://we.incognito.org/t/how-a-smart-contract-vulnerability-was-discovered-and-fixed/6416 $2,690,000 samczsun
09/25/20 Yearn Finance ETH Earn function can run out of gas before completing fully, which alters the share price and can lead to buying the dip with a flashloan https://github.com/yearn/yearn-security/blob/master/disclosures/2020-09-25.md Andre Cronje
09/15/20 Lien Finance https://samczsun.com/escaping-the-dark-forest/ samczsun
09/11/20 Gnosis Safe ETH https://docs.gnosis-safe.io/learn/security/bug-bounty-program#setting-a-safe-as-an-owner-of-itself-essentially-reduces-threshold-by-1 keviinfoes $5,000
08/21/20 xTokens ETH Flashloan price manipulation of Uniswap pool https://medium.com/xtoken/xsnxa-false-start-post-mortem-f26a7a735383 samczsun
07/25/20 yVault https://blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/ $400,000 samczsun
06/21/20 Atomic Loans https://web.archive.org/web/20200926093030/https://atomic.loans/blog/vulnerability-disclosure-and-pause-new-loan-requests/ samczsun
06/18/20 Bancor ETH safeTransferFrom does not validate message sender is authorized to spend “from” address funds, so funds can be stolen from addresses with non-zero allowance https://zengo.com/bancor-smart-contracts-vulnerability-its-not-over/ $460,000
03/26/20 Synthetix https://blog.synthetix.io/bug-disclosure samczsun
02/20/20 Nexus Mutual https://medium.com/nexus-mutual/responsible-vulnerability-disclosure-ece3fe3bcefa samczsun $5,000
02/18/20 Nexus Mutual https://medium.com/nexus-mutual/responsible-vulnerability-disclosure-ece3fe3bcefa Mudhit Gupta $2,000
02/17/20 Authereum https://medium.com/authereum/account-vulnerability-disclosure-ec9e288c6a24 samczsun
02/09/20 Aragon Court https://web.archive.org/web/20210306232055/https://blog.aragon.one/aragon-court-v1-upgrades/ samczsun
01/25/20 Curve Finance https://web.archive.org/web/20220525040546/https://blog.curve.fi/vulnerability-disclosure/ samczsun
12/09/19 Gnosis Safe ETH https://docs.gnosis-safe.io/learn/security/bug-bounty-program#potential-suicide-of-multisend-library micahzoltu $1,000.00
11/22/19 Gnosis Safe ETH https://docs.gnosis-safe.io/learn/security/bug-bounty-program#transaction-failure-when-receiving-funds-via-transfer-or-send
11/08/19 ENS https://medium.com/the-ethereum-name-service/lets-talk-ens-migration-a92d5c21df28 samczsun CVE-2020–5232
10/17/19 Cheese Wizards https://medium.com/dapperlabs/disclosure-forking-cheeze-wizards-smart-contracts-all-funds-and-wizards-are-secure-3c53af5bc531 samczsun
09/18/19 Hydro Protocol https://medium.com/ddex/fixed-potential-vulnerability-in-contract-used-during-private-beta-217c0ed6f694 samczsun
09/13/19 Kyber Network https://blog.kyber.network/anatomy-of-a-bridge-reserve-smart-contract-vulnerability-and-how-we-fixed-it-fc5c50d13238 samczsun
09/03/19 bZx Protocol https://medium.com/@b0xNet/your-funds-are-safe-d35826fe9a87 samczsun
07/29/19 Livepeer https://forum.livepeer.org/t/protocol-paused-for-bug-fix-upgrade-7-29-19-4-21pm-edt-update-protocol-resumed-as-of-8-40pm-edt/841 samczsun
07/12/19 0x Exchange https://samczsun.com/the-0x-vulnerability-explained/ samczsun