Medium Findings
Fee Manipulation via Improper LP Coin Split
Severity: Medium
Ecosystem: Sui
Protocol: Aftermath Market Making
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Jan 2025
Description:
The new coin value can be set to 0, causing issues. When a UserLpCoin with a non-zero LP balance but zero provided_value_usd is introduced, although this UserLpCoin has no contribution to the provided_value_usd, it is still entitled to a withdrawal of funds based on its LP balance. This withdrawal bypasses the fee calculation mechanism, since the fees are determined by the profits derived from balance_to_withdraw and provided_value_usd.
Blocklist Validation Order Mismatch
Severity: Medium
Ecosystem: Sui
Protocol: Sui Bridge
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Apr 2024
Description:
Because the lookup scans through the member vector, an entry stored out of order may not be found. In committee::execute_blocklist, the member_idx variable is not reset to zero at the beginning of each iteration of the outer while loop. Thus, if a blocklist contains Ethereum addresses in a different order than the order of committee members stored in self.members, the function may fail to find the corresponding committee member even though the member is present in the list.
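The scan described above, modelled in Python as an added example (not code from the audit report or from Sui Bridge). Only member_idx and the nested-loop shape come from the description; the addresses, the UnknownKey exception and the helper names are constructed for illustration.

```python
from itertools import permutations

# Constructed committee, in the order it is assumed to be stored in self.members.
CONSTRUCTED_MEMBERS = ("0xa1", "0xb2", "0xc3")


class UnknownKey(Exception):
    """Stands in for the abort raised when a blocklisted address is not found."""


def execute_blocklist_buggy(members, blocklist):
    """Flawed shape: member_idx is initialised once, outside the outer loop."""
    blocklisted = set()
    member_idx = 0
    for target in blocklist:
        found = False
        # The scan resumes where the previous one stopped, so any member
        # stored before that position can no longer be reached.
        while member_idx < len(members):
            if members[member_idx] == target:
                blocklisted.add(target)
                found = True
                break
            member_idx += 1
        if not found:
            raise UnknownKey(target)
    return blocklisted


def execute_blocklist_fixed(members, blocklist):
    """Corrected shape: member_idx is reset at the start of every outer iteration."""
    blocklisted = set()
    for target in blocklist:
        member_idx = 0
        found = False
        while member_idx < len(members):
            if members[member_idx] == target:
                blocklisted.add(target)
                found = True
                break
            member_idx += 1
        if not found:
            raise UnknownKey(target)
    return blocklisted


def failing_orders(fn, members):
    """Return every two-address blocklist of valid members that fn rejects."""
    failures = []
    for order in permutations(members, 2):
        try:
            fn(members, list(order))
        except UnknownKey:
            failures.append(order)
    return failures


if __name__ == "__main__":
    print("buggy rejects:", failing_orders(execute_blocklist_buggy, CONSTRUCTED_MEMBERS))
    print("fixed rejects:", failing_orders(execute_blocklist_fixed, CONSTRUCTED_MEMBERS))
```

The flawed version accepts a blocklist only when its addresses appear in the same relative order as the stored members, which makes a good regression test: feed the function a reversed blocklist of known members and require success.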
Incorrect Function Call
Severity: Medium
Ecosystem: Sui
Protocol: Sui Axelar Gateway V2
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: May 2024
Description:
Within the estimate function, get_estimate is called rather than obtaining the true balances.
Unsafe Role Removal
Severity: Medium
Ecosystem: Sui
Protocol: Cetus
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: May 2024
Description:
Roles are removed using subtraction, so removing an unset role may add or remove additional roles.
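Why subtraction corrupts a role set, shown as an added Python model (not code from the audit report or from Cetus). It assumes roles are stored as bits of a u128 permission mask; that representation, the function names and the sample masks are assumptions made for illustration.

```python
U128_MAX = (1 << 128) - 1


class ArithmeticAbort(Exception):
    """Stands in for the abort on unsigned underflow."""


def remove_role_subtract(perms, role):
    """Flawed removal: subtract the role's bit value from the mask."""
    assert 0 <= role < 128
    bit = 1 << role
    if perms < bit:
        raise ArithmeticAbort("u128 underflow")
    # If the bit is not set, the subtraction borrows from higher bits:
    # the lowest set bit above `role` is cleared and every bit from
    # `role` up to it is set.
    return perms - bit


def remove_role_masked(perms, role):
    """Safe removal: clear exactly one bit; a no-op if the role is unset."""
    assert 0 <= role < 128
    return perms & ~(1 << role) & U128_MAX


def roles_of(perms):
    """List the role numbers whose bits are set in the mask."""
    return [r for r in range(128) if (perms >> r) & 1]


def role_diff(before, after):
    """Return (gained, lost) role lists between two masks."""
    gained = roles_of(after & ~before & U128_MAX)
    lost = roles_of(before & ~after & U128_MAX)
    return gained, lost


def demo():
    """Remove unset role 1 from a constructed member holding roles 0 and 3."""
    before = (1 << 0) | (1 << 3)
    flawed = remove_role_subtract(before, 1)
    safe = remove_role_masked(before, 1)
    return role_diff(before, flawed), role_diff(before, safe)


if __name__ == "__main__":
    (gained, lost), safe_diff = demo()
    print("subtract: gained", gained, "lost", lost)
    print("masked:   diff", safe_diff)
```

A unit test that removes a role the member does not hold and asserts the mask is unchanged catches this class of bug.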
Reward Accumulation During Inactive Time Period
Severity: Medium
Ecosystem: Sui
Protocol: Bluefin Spot
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Nov 2024
Description:
Rewards are accounted for during the period between the previous reward time and the new start time, and also during inactive time.
Lack of Configurable Delay Setting in Timelock
Severity: Medium
Ecosystem: Sui
Protocol: Lombard Finance
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Dec 2024
Description:
The timelock has a feature to set the delay, but the code uses the hard-coded value MS_24_HOURS.
Arbitrary Delete Of Orders
Severity: Medium
Ecosystem: Sui
Protocol: Maven
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Apr 2023
Description:
In maven.move, any user can call execute_object_operation with the incorrect ASSET generic and pop the order from execution without properly executing it, as the precheck fails and returns false. This allows anyone to stop others from executing the object operations.
Minimum Stake Bypass in delegation_service
Severity: Medium
Ecosystem: Aptos
Protocol: Tortuga
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Oct 2022
Description:
The Tortuga protocol operates on top of the delegation_service module which operates the pools and computes rewards for the validators and delegators. While most users will delegate indirectly through Tortuga (stake_router), validators can also receive direct delegations through the delegation_service API. Users who want to delegate directly can invoke delegation_service::delegate and provide an amount. Internally, this function ensures that the amount provided meets a minimum delegation amount (which is configurable by the pool owner). While this check ensures that the instantaneous delegation amount is above the required minimum, this limit is not imposed upon withdrawals. Therefore, a user can simply delegate some amount of stake higher than min_delegation_amount and then immediately withdraw a large portion to effectively bypass this limit.
Validators can Manipulate Commission Rates
Severity: Medium
Ecosystem: Aptos
Protocol: Tortuga
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Oct 2022
Description:
Registered validators can receive stake from the protocol or directly from individual delegators. Either way, a commission, set by the validator, must be paid. The protocol_commission must be smaller than current_commission, and both have to be smaller than or equal to ManagedStakePool max_commission, which is set by the protocol in delegation_service::initialize. The issue is that validators have the ability to drastically increase the commission percentage at any given time. This allows a malicious validator to set a very small commission and later on increase it by a large margin. Given that the stakes are locked via lockup periods (30 days), the validator can profit from a large commission for a long period of time.
Liquidate Minimum Debt Vaults
Severity: Medium
Ecosystem: Aptos
Protocol: Argo
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Oct 2022
Description:
Argo enforces a minimum debt threshold when repaying vaults. Unfortunately, liquidate_repay also enforces that the collateral ratio of the vault isn’t repaid fully. This means that vaults that are close to the minimum debt threshold cannot be liquidated.
Issue While Starting New Epoch In Farming
Severity: Medium
Ecosystem: Aptos
Protocol: Thala
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: May 2023
Description:
If an epoch ends earlier than epoch_end_seconds, the code sets farming.epoch_end_seconds to epoch_now. If the current epoch’s starting time is in the future and ending this epoch is attempted, farming.epoch_end_seconds is set to farming.epoch_start_seconds, which is the future time even though the epoch has ended immediately. Now, starting another epoch is impossible until we reach farming.epoch_start_seconds.
Minimum Stake Bypass
Severity: Medium
Ecosystem: Aptos
Protocol: Tortuga
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: June 2023
Description:
A user may delegate some amount of stake higher than min_delegation_amount, then immediately withdraw a large portion to effectively bypass this limit.
Validators Manipulating Commission Rates
Severity: Medium
Ecosystem: Aptos
Protocol: Tortuga
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: June 2023
Description:
This allows a malicious validator to set a very small commission and increase it by a large margin later on. Since 30-day lockup periods lock the stakes, the validator may profit from a large commission for a long time.
Reward Distribution Inconsistency
Severity: Medium
Ecosystem: Aptos
Protocol: Aries Markets
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: May 2024
Description:
When updating the reward configuration with a new reward_per_day, the reward_per_share value, which represents the reward per share, should be adjusted to reflect the new configuration. However, the update_reward_config function fails to calculate the previous unclaimed rewards and update the farm.timestamp based on the old reward_per_day prior to updating the reward_per_share before applying the new configuration.
Potential Deposit Lockup
Severity: Medium
Ecosystem: Aptos
Protocol: Aries Markets
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: May 2024
Description:
There is a potential vulnerability in the logic of deposit_coin_to_reserve. It prioritizes repaying existing loans with the repay_coin before utilizing it for minting liquidity provider tokens. The issue arises because some coins may not be allowed as collateral within the Aries Markets protocol. If the repay_coin is one such coin, it gets utilized for repayment first. But since the minted liquidity provider tokens represent the remaining deposit_coin (of the same type as repay_coin), adding them as collateral fails. Thus, even if the repay_coin amount is enough to cover the entire loan, the call will fail, because it may not be utilized as collateral, rendering the user with outstanding debt and potential liquidation penalties.
Inconsistency in Swap Route Validation
Severity: Medium
Ecosystem: Aptos
Protocol: Echelon
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Apr 2025
Description:
In lending_leverage::loop_supply_x_borrow_y_fa, there is a pool_route and an associated asset_out_route. These define how the borrowed asset Y is swapped back to the supplied asset X via a multi-hop route. loop_supply_x_borrow_y_fa contains incorrect assertions that check the start of the swap route against the input token and the end against an un-utilized out_metadata parameter. This logic is reversed and unnecessary. The route should instead start with the borrowed token (Y) and end with the input token (X), since the goal is to loop borrowed assets back into the original collateral.
Lack of two-step ownership transfer
Severity: Medium
Ecosystem: Sui
Protocol: Matrixdock
Auditor: Zellic
Report Date: July 2025
Description:
The protocol lacks a two-step ownership transfer and validation of the new owner’s address; it should include an address validity check.
Blacklist Logic Inconsistencies
Severity: Medium
Ecosystem: Sui
Protocol: Elixir
Auditor: Pashov
Report: https://github.com/pashov/audits/blob/master/team/pdf/Elixir-security-review_2025-08-17.pdf
Report Date: Aug 2025
Description:
The implementation of full/soft restrictions in sdeusd.move shows some inconsistencies that may allow the restrictions to be bypassed.
Orphaned Rewards Captured by First Staker
Severity: Medium
Ecosystem: Sui
Protocol: Elixir
Auditor: Pashov
Report: https://github.com/pashov/audits/blob/master/team/pdf/Elixir-security-review_2025-08-17.pdf
Report Date: Aug 2025
Description:
Rewards can be distributed when no active stakers exist.
Incorrect Role Revocation Logic May Grant Unauthorized Roles
Severity: Medium
Ecosystem: Supra
Protocol: DexLyn Smart Contract
Auditor: HackenProof Contest SRs
Report: https://hackenproof.com/reports/DEXLYNCA-28
Report Date: Sep 2025
Description:
Revoking a role that doesn’t exist may grant permissions to another role.
Wrong Event Value
Severity: Medium
Ecosystem: Sui
Protocol: Dola
Auditor: MoveBit
Report: https://movebit.xyz/reports/Dola-Protocol-Final-Audit-Report.pdf
Report Date: Feb 2024
Description:
In the emit_reserve_stats function, the supply_index field incorrectly uses the return value of the get_borrow_index function, which is the same as the borrow_index, as the value of the event, which may cause confusion when analyzing the data off-chain. Also, in the UpdateUserRewardEvent event in the claim_reward function, old_reward_index and new_reward_index both use user_reward.last_update_reward_index as their value.
Valid Prizes Can Be Collected As Expired
Severity: Medium
Ecosystem: Sui
Protocol: Random-Vault
Auditor: MoveBit
Report: https://movebit.xyz/reports/Random-Vault-Final-Audit-Report.pdf
Report Date: Feb 2024
Description:
In the collect_expired_prize function, anyone can collect a prize once round.end_time has passed. This means that if the time difference is large enough, a valid prize may be collected.
Incomplete Handling of Fully Repaid Loans in the Loan List
Severity: Medium
Ecosystem: Sui
Protocol: Scallop
Auditor: MoveBit
Report Date: Jun 2023
Description:
Fully repaid loans remain in the loan list with zero amount, causing redundant computations and indicating missing loan list maintenance.
bottle_table might be out of order
Severity: Medium
Ecosystem: Sui
Protocol: Bucket Protocol
Auditor: MoveBit
Report Date: Jun 2023
Description:
In handle_redeem, if buck_input_amount is fully repaid for a part of Bottle, the Bottle debt is 0. If it is pushed to the end of the list, linked_table will be out of order.
Logical Loophole
Severity: Medium
Ecosystem: Sui
Protocol: Turbos Finance-TurboStar
Auditor: MoveBit
Report Date: May 2023
Description:
Sale_balance can be transferred to reduce raise goal, fund function to give more people an opportunity to participate in IDO.
proposal_request can be extracted at any time
Severity: Medium
Ecosystem: Sui
Protocol: Legend of Arcadia
Auditor: MoveBit
Report Date: Jun 2023
Description:
There is no check that the proposal is approved or rejected, so any user of MultiSignature can take away the request object in the proposal.
burn function Design flaw
Severity: Medium
Ecosystem: Sui
Protocol: Legend of Arcadia
Auditor: MoveBit
Report Date: Jun 2023
Description:
Missing check for amount = none, which may burn all coins. Change burn_request to first use coin::split to separate the coins in params according to amount.
approved_weight and reject_weight are not compared
Severity: Medium
Ecosystem: Sui
Protocol: Legend of Arcadia
Auditor: MoveBit
Report Date: Jun 2023
Description:
approved_weight and reject_weight are not compared, acknowledged as is optional.
Lack of Minimum Liquidity
Severity: Medium
Ecosystem: Sui
Protocol: KriyaDEX
Auditor: MoveBit
Report Date: Apr 2023
Description:
In the add_liquidity function, there is no minimum the first time liquidity is added. Add a minimum liquidity and lock it in the pool.
Missing K Value Verification
Severity: Medium
Ecosystem: Sui
Protocol: KriyaDEX
Auditor: MoveBit
Report Date: Apr 2023
Description:
Missing check: after a swap, the value of k should be greater than or equal to the previous value of k.
Lack of K-Value Check
Severity: Medium
Ecosystem: Sui
Protocol: MovEX
Auditor: MoveBit
Report Date: Apr 2023
Description:
Missing check: after a swap, the value of k should be greater than or equal to the previous value of k.
Lack of Minimum Liquidity Requirement
Severity: Medium
Ecosystem: Sui
Protocol: MovEX
Auditor: MoveBit
Report Date: Apr 2023
Description:
In the add_liquidity function, there is no minimum the first time liquidity is added. Add a minimum liquidity and lock it in the pool.
Incorrect Protocol Fee Handling
Severity: Medium
Ecosystem: Sui
Protocol: MovEX
Auditor: MoveBit
Report Date: Apr 2023
Description:
If the fee is not withdrawn, it will be withdrawn by the person who adds liquidity. This may also cause asset losses for some users who provide liquidity.
Missing K Check
Severity: Medium
Ecosystem: Sui
Protocol: Sui AMM Swap
Auditor: MoveBit
Report Date: Nov 2022
Description:
Missing check: after a swap, the value of k should be greater than or equal to the previous value of k.
No minting of minimum liquidity
Severity: Medium
Ecosystem: Sui
Protocol: Sui AMM Swap
Auditor: MoveBit
Report Date: Nov 2022
Description:
In the function add_liquidity(), if it is the first injection of liquidity, the minimum liquidity value (MINIMAL_LIQUIDITY) is subtracted from the number of LP tokens obtained. The purpose of MINIMAL_LIQUIDITY is to set a lower limit on the LP supply, thereby reducing the unit price of the LP token and increasing the attack cost of LP price manipulation.
This value is directly subtracted in the code, so the value of lp_supply does not increase; this part should be minted and stored in an address instead of being directly subtracted.
Missing Key Validation in ReserveConfig
Severity: Medium
Ecosystem: Sui
Protocol: Aries Market
Auditor: MoveBit
Report Date: June 2023
Description:
There is no check that liquidation_threshold > loan_to_value. If the threshold is lower, an asset can be liquidated immediately when the borrowing amount is close to the borrowing capacity, resulting in a loss to the user.
Unreasonable Repayment of Logic for Flash Loans
Severity: Medium
Ecosystem: Sui
Protocol: Aries Market
Auditor: MoveBit
Report Date: June 2023
Description:
In the end_flash_loan() function within controller.move, when repayment is made for a flash loan, if the amount in coin_src exceeds the outstanding payment amount of the flash loan, the excess amount is used to repay other debts or make deposits. This is not reasonable logic for flash loans.
Missing Reward Collection Check in burn_position Leads to Permanent Reward Loss
Severity: Medium
Ecosystem: Sui
Protocol: Magma DEX
Auditor: Three Sigma
Report: https://cdn.sanity.io/files/qoqld077/staging/9566473c444a6cfd99c7a6556fa4857950b41de3.pdf
Report Date: July 2025
Description:
The almm_pair::burn_position function allows users to completely destroy their liquidity positions without ensuring that accumulated rewards from the RewarderGlobalVault have been collected first. This function is designed to withdraw all liquidity from all bins in a position and destroy the position object, but it lacks a critical validation step to check if the position has unclaimed rewards from the rewarder system.
factory::revoke_protocol_fee_cap function is implemented incorrectly
Severity: Medium
Ecosystem: Sui
Protocol: Magma DEX
Auditor: Three Sigma
Report: https://cdn.sanity.io/files/qoqld077/staging/9566473c444a6cfd99c7a6556fa4857950b41de3.pdf
Report Date: July 2025
Description:
When revoking protocol_fee_cap, instead of removing the cap from the allowed_protocol_fee_cap vector, the function removes the cap from allowed_admin, which prevents protocol_fee_cap from being removed, as the ID was never added to allowed_admin.
Last Holder Can’t Exit, Zero‑Supply Unstake Reverts
Severity: Medium
Ecosystem: Initia
Protocol: Cabal Liquid Staking
Auditor: Code4Arena Contest Security Researchers
Report: https://code4rena.com/reports/2025-04-cabal-liquid-staking-token
Report Date: May 2025
Description:
When a user burns the entire remaining supply of a Cabal LST (sxINIT or Cabal LPT) via initiate_unstake, the follow‑up processing step always aborts with a divide‑by‑zero and the user can never exit.
get_cost_amount allows unlimited free domain registrations
Severity: Medium
Ecosystem: Initia
Protocol: Initia Move
Auditor: Code4Arena Contest Security Researchers
Report: https://code4rena.com/reports/2025-01-initia-move
Report Date: Apr 2025
Description:
The get_cost_amount function unintentionally sets the price for domain names of length greater than or equal to 7 to zero. FREE_LENGTH is defined as 7. When the length of the domain name is greater than or equal to 7, the else branch is executed, setting the price_per_year to 0. While this behavior may be intentional to make longer domain names free, it opens the system to abuse.
The proposal expiration logic is incorrect
Severity: Medium
Ecosystem: Initia
Protocol: Initia Move
Auditor: Code4Arena Contest Security Researchers
Report: https://code4rena.com/reports/2025-01-initia-move
Report Date: Apr 2025
Description:
The is_proposal_expired function uses incorrect comparison logic that causes proposals to be marked as expired when they should still be active, and vice versa. This is a result of the reversed comparison operator in the expiration check. The impact of this bug is high because valid proposals are incorrectly marked as expired, which prevents legitimate voting. The voting period enforcement is also effectively reversed. This effectively creates a DoS because any multisig wallet created would be unable to execute proposals.
Missing Token Order and Identity Validation in LP Token
Severity: Medium
Ecosystem: Aptos
Protocol: Hyperion Smart Contracts
Auditor: ExVul
Report Date: Apr 2025
Description:
Two validation issues exist in the lp.move contract's LP token creation functions:
- Token Pair Order Issue in get_pool_seeds Function
The get_pool_seeds function generates seeds directly from token_a and token_b without sorting. This can create different LP tokens for the same pair in different orders, potentially splitting liquidity pools.
- Lack of Token Identity Check in LP Creation
The create_share_token function doesn't verify if token_a and token_b are the same, allowing creation of invalid single-token LP tokens.
Missing Tick Range Validation in Vault Creation
Severity: Medium
Ecosystem: Aptos
Protocol: Hyperion Smart Contracts
Auditor: ExVul
Report Date: Apr 2025
Description:
The create_vault function allows users to specify tick_lower and tick_upper without any validation. This leads to two critical problems:
Invalid Tick Order:
There is no check ensuring that tick_lower < tick_upper. This violates the core design of Uniswap V3-style tick ranges, potentially resulting in vaults that cannot function properly due to misconfigured tick boundaries.
Lack of Tick Bound Checks:
Neither tick_lower nor tick_upper are validated against the protocol's global minimum/maximum tick bounds. This may allow the creation of positions outside the valid price range supported by the underlying pool, which could cause failures in liquidity provisioning or swaps.
set_next_variable_borrow_index() used instead of set_next_scaled_variable_debt()
Severity: Medium
Ecosystem: Aptos
Protocol: AAVE v3.1-3.3 Core
Auditor: Certora
Report Date: Apr 2025
Description:
In the function liquidation_logic::burn_debt_tokens() a call to set_next_variable_borrow_index() has been wrongly introduced in the place of set_next_scaled_variable_debt(). This approach fails to update the relevant variable next_scaled_variable_debt and falsely updates next_variable_borrow_index, leading to the total_variable_debt and consequently, the current_liquidity_rate and current_variable_borrow_rate being updated to much lower values than they should.
Health factor check is too low
Severity: Medium
Ecosystem: Aptos
Protocol: AAVE v3.0.2
Auditor: Certora
Report Date: Apr 2025
Description:
validate_liquidation_call first checks if health_factor is less than 0.95e18, then again if health_factor is less than 1e18. The second check is redundant.
Retroactive windfall for first time users
Severity: Medium
Ecosystem: Aptos
Protocol: AAVE V3
Auditor: Cantina Contest SRs
Report: https://cantina.xyz/code/ad445d42-9d39-4bcf-becb-0c6c8689b767/findings/192
Report Date: Jun 2025
Description:
In update_user_data, the code does:
    if (!simple_map::contains_key(&reward_data.users_data, &user)) {
        // A first-time user is stored with index 0
        simple_map::add(&mut reward_data.users_data, user, UserData { index: 0, accrued: 0 });
    }
    let (rewards_accrued, _) = calculate_rewards(
        user_balance, new_asset_index, (user_data.index as u256), asset_unit
    );
Because UserData.index is always initialized to 0, the very first call computes
    rewards_accrued = user_balance * (new_asset_index - 0) / asset_unit
granting the newcomer the full cumulative rewards per token ever emitted. In Aave’s Solidity _updateUserAssetInternal, a fresh user’s stored index is immediately set to newAssetIndex and rewards are only calculated if their prior stake is nonzero, so first-time participants never receive back-pay.
First-time users instantly drain the entire historical reward pool, diluting legitimate stakers and depleting treasury funds.
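The index-initialisation flaw above, modelled in Python next to a hardened variant, as an added example (not code from the finding or from Aave). The reward formula is the one quoted in the finding; the bookkeeping after the calculation, the hardened function, ASSET_UNIT and the scenario numbers are assumptions constructed for illustration.

```python
ASSET_UNIT = 10**8  # constructed scaling factor for the index


def calculate_rewards(user_balance, reserve_index, user_index, asset_unit):
    """Formula from the finding: balance * (index delta) / asset_unit."""
    return user_balance * (reserve_index - user_index) // asset_unit


def update_user_data_vulnerable(users_data, user, user_balance, new_asset_index):
    """New users start at index 0, so the first delta is the whole index."""
    if user not in users_data:
        users_data[user] = {"index": 0, "accrued": 0}
    user_data = users_data[user]
    rewards_accrued = calculate_rewards(
        user_balance, new_asset_index, user_data["index"], ASSET_UNIT
    )
    # Assumed bookkeeping: store the new index and add the accrual.
    user_data["index"] = new_asset_index
    user_data["accrued"] += rewards_accrued
    return rewards_accrued


def update_user_data_hardened(users_data, user, prior_balance, new_asset_index):
    """Fresh users start at the current index; accrue only on a prior stake."""
    if user not in users_data:
        users_data[user] = {"index": new_asset_index, "accrued": 0}
        return 0
    user_data = users_data[user]
    old_index = user_data["index"]
    if old_index == new_asset_index:
        return 0
    user_data["index"] = new_asset_index
    if prior_balance == 0:
        return 0
    rewards_accrued = calculate_rewards(
        prior_balance, new_asset_index, old_index, ASSET_UNIT
    )
    user_data["accrued"] += rewards_accrued
    return rewards_accrued


def run_scenario(update_fn):
    """Constructed timeline: the index has already reached 3.0 when a newcomer
    holding 1000 units is first seen, then it advances to 3.5."""
    users_data = {}
    first = update_fn(users_data, "newcomer", 1_000, 3 * ASSET_UNIT)
    second = update_fn(users_data, "newcomer", 1_000, 7 * ASSET_UNIT // 2)
    return first, second, users_data["newcomer"]["accrued"]


if __name__ == "__main__":
    print("vulnerable:", run_scenario(update_user_data_vulnerable))
    print("hardened:  ", run_scenario(update_user_data_hardened))
```

Both variants pay the same 500 for the period the newcomer actually held a balance; only the vulnerable one adds the 3000 of back-pay on first contact.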
Partially filled APD redemptions always charge the full redemption fees
Severity: Medium
Ecosystem: Aptos
Protocol: Thala Labs Aptos Dollar
Auditor: Zellic
Report Date: Oct 2022
Description:
Because the variable redemption_fee_coin is not adjusted to account for partial redemptions, users who call vault::redeem_collateral are always charged full redemption fee.
Unable to unregister collateral CoinTypes
Severity: Medium
Ecosystem: Aptos
Protocol: Thala Labs Aptos Dollar
Auditor: Zellic
Report Date: Oct 2022
Description:
Collateral CoinTypes cannot be unregistered, and there’s no disincentive for borrowing against assets outside Thala’s risk framework. A freezing mechanism was added but requires further review.
Potentially incorrect implementation of multiple queue operations
Severity: Medium
Ecosystem: Aptos
Protocol: Laminar Markets
Auditor: OtterSec
Report: https://ottersec.notion.site/Sampled-Public-Audit-Reports-a296e98838aa4fdb8f3b192663400772
Report Date: Oct 2022
Description:
Coding mistakes in flow:queue. In the case index_to_remove is neither there is an assert, assert should also be there if index_to_remove is tail. queue::remove cannot handle length of 1 and in queue::in_next there is an assertion followed by an if and a second assert that will never fail.
Update the Reserves within the swap() Function
Severity: Medium
Ecosystem: Aptos
Protocol: Baptswap
Auditor: MoveBit
Report: https://movebit.xyz/reports/BAPTSWAP-Final-Audit-Report.pdf
Report Date: Dec 2023
Description:
In the swap_exact_x_to_y_direct() function, the protocol swaps token X to token Y and subsequently calls update_reserves() to update the constant product. However, a best practice, as exemplified in the PancakeSwap code, is to call the update() function within the swap() function to handle the updates. This ensures that the reserves are consistently and efficiently updated during the swapping process.
Some View Function Logic Errors
Severity: Medium
Ecosystem: Aptos
Protocol: MoveGPT
Auditor: MoveBit
Report: https://movebit.xyz/reports/MoveGPT-Final-Audit-Report.pdf
Report Date: Apr 2024
Description:
The view function that returns information about private_round still retrieves it from the ido_round field.
claim Function Can Be Called Multiple Times
Severity: Medium
Ecosystem: Aptos
Protocol: MoveGPT
Auditor: MoveBit
Report: https://movebit.xyz/reports/MoveGPT-Final-Audit-Report.pdf
Report Date: Apr 2024
Description:
Claim related functions can be called multiple times by the user.
Logic Error in Claim Function
Severity: Medium
Ecosystem: Aptos
Protocol: MoveGPT
Auditor: MoveBit
Report: https://movebit.xyz/reports/MoveGPT-Final-Audit-Report.pdf
Report Date: Apr 2024
Description:
The assertion function current_time > vesting_config.start causes the claim function to never reach the if branch of the vesting_config.start > current_time condition.
Insufficient Validation for amounts_out
Severity: Medium
Ecosystem: Aptos
Protocol: Cellana
Auditor: MoveBit
Report: https://movebit.xyz/reports/Cellana-Smart-Contract-Final-Audit-Report.pdf
Report Date: Feb 2024
Description:
In the swap_route_entry function, the assertion at L130 only validates the last value in the amounts_out array, which is insufficient to verify that all values in the array are correct.
Incorrect Condition Statement
Severity: Medium
Ecosystem: Aptos
Protocol: Cellana
Auditor: MoveBit
Report: https://movebit.xyz/reports/Cellana-Smart-Contract-Final-Audit-Report.pdf
Report Date: Feb 2024
Description:
In the optimal_liquidity_amounts function, the conditional statement if (amount_2 <= amount_2_desired) is always true. According to the context logic, the parameter amount_2 should be changed to amount_2_optimal.
Logic Design of The swap_route_entry Function
Severity: Medium
Ecosystem: Aptos
Protocol: Cellana
Auditor: MoveBit
Report: https://movebit.xyz/reports/Cellana-Smart-Contract-Final-Audit-Report.pdf
Report Date: Feb 2024
Description:
The swap_route_entry function first swaps the first token from the from_token array with the first token from the to_token array. Then, it swaps the resulting token with the second token from the to_token array, and so on. Finally, it transfers the token from the last swap to the recipient. The correct design should be to swap each token in the from_token array with the corresponding token in the to_token array.
Limit Orders Cannot Be Executed
Severity: Medium
Ecosystem: Aptos
Protocol: Merkle Trade Smart Contract
Auditor: MoveBit
Report: https://movebit.xyz/reports/Merkle-Trade-Smart-Contract-Audit-Report.pdf
Report Date: July 2023
Description:
The function execute_order() is used to execute an order. Inside the function, it checks if more than 30 seconds have passed since the order was created. If the condition is met, it cancels the order by calling cancel_order_internal(). However, a limit order has a specific price set by the trader at which they are willing to buy or sell the asset; if this timeout has elapsed, the order is considered expired.
view_broker Should Not Return False Bool Directly
Severity: Medium
Ecosystem: Aptos
Protocol: Superposition
Auditor: MoveBit
Report: https://movebit.xyz/reports/Superposition-Final-Audit-Report.pdf
Report Date: Mar 2024
Description:
In broker.move, the view_broker is a function that reads the current state of the broker. However, instead of reading the bool values from the broker, several values directly return false. This will send wrong values for not only this view function but also other functions that call it, for example: borrow_with_ticket, lend_with_ticket, etc.
Fixed Slippage
Severity: Medium
Ecosystem: Aptos
Protocol: vibrantX
Auditor: MoveBit
Report: https://movebit.xyz/reports/vibrantX-Final-Audit-Report.pdf
Report Date: Jan 2024
Description:
Slippage protects users from losing tokens in some pairs, but the fixed slippage settings can also lead to failed trades with high price volatility.
Wrong condition in assert
Severity: Medium
Ecosystem: Aptos
Protocol: Mokshya/Wapal Aptos NFT Mint
Auditor: MoveBit
Report Date: Mar 2023
Description:
In the update_candy function, the check on royalty_points_denominator uses the wrong condition, so candy_data.royal_points_denominator can never be updated.
Unverified public_sale_mint_time must be greater than presale_mint_time
Severity: Medium
Ecosystem: Aptos
Protocol: Mokshya/Wapal Aptos NFT Mint
Auditor: MoveBit
Report Date: Mar 2023
Description:
In candymachine::mint_from_merkle, public_sale_mint_time must be greater than presale_mint_time, but it is not verified when creating or modifying CandyMachine.
Business logic structure is too complex
Severity: Medium
Ecosystem: Aptos
Protocol: Transit Finance
Auditor: MoveBit
Report: https://github.com/movebit/Sampled-Audit-Reports/blob/main/reports/Transit-Finance-Audit-Report.pdf
Report Date: Nov 2022
Description:
batch_swap_five has 27 type parameters and 15 function parameters. This is inconvenient for code maintenance, user command-line execution, and function calls; gas consumption will also be higher.
Code readability needs to be improved in the get_intermediate_out_from_dex functions
Severity: Medium
Ecosystem: Aptos
Protocol: Transit Finance
Auditor: MoveBit
Report: https://github.com/movebit/Sampled-Audit-Reports/blob/main/reports/Transit-Finance-Audit-Report.pdf
Report Date: Nov 2022
Description:
The DEX swap logic of the six different branches can be split into six functions to improve readability.
Common code should be encapsulated as a function to be called
Severity: Medium
Ecosystem: Aptos
Protocol: Transit Finance
Auditor: MoveBit
Report: https://github.com/movebit/Sampled-Audit-Reports/blob/main/reports/Transit-Finance-Audit-Report.pdf
Report Date: Nov 2022
Description:
batch_swap_three and batch_swap_five have roughly the same code except for the number of type parameters.
Excessive reliance on external dex contract calls and no way to control or suspend external dex
Severity: Medium
Ecosystem: Aptos
Protocol: Transit Finance
Auditor: MoveBit
Report: https://github.com/movebit/Sampled-Audit-Reports/blob/main/reports/Transit-Finance-Audit-Report.pdf
Report Date: Nov 2022
Description:
No security measures in external contract calls to get_intermediate_out_from_dex exist.
Wrong event type emitted
Severity: Medium
Ecosystem: Aptos
Protocol: Cetus Concentrated Liquidity Protocol
Auditor: MoveBit
Report Date: Jan 2023
Description:
In create_pool, it emits CreatePoolEvent.coin_type_b with CoinTypeA.
The pool Coin Order Handle
Severity: Medium
Ecosystem: Aptos
Protocol: Cetus Concentrated Liquidity Protocol
Auditor: MoveBit
Report Date: Jan 2023
Description:
In create_pool, you can create a pool with (CoinA, CoinB) and another with (CoinB, CoinA). This will cause confusion. Force the user to create the pool with the coins in order by adding an assert.
Liquidate Minimum Debt Vaults
Severity: Medium
Ecosystem: OL Network
Protocol: StakeSphere
Auditor: MoveJay
Report: https://github.com/Jayfromthe13th/StakeSphere-stealth-/blob/Wallet/Audit.md
Report Date: Apr 2024
Description:
StakeSphere enforces a minimum debt threshold when repaying vaults. That being said, liquidate_repay also enforces that the collateral ratio of the vault isn’t repaid fully. This means that vaults that are close to the minimum debt threshold cannot be liquidated.
No Check for Account Registration
Severity: Medium
Ecosystem: Binance Smart Chain
Protocol: AquaSwap
Auditor: MoveJay
Report: https://github.com/Jayfromthe13th/AuquaSwap-Audit-/blob/Wallet/Audit%20report.md
Report Date: 2024
Description:
The execute_limit_order function fails to verify if the recipient account is registered to receive the quote coin, potentially blocking order execution.