High Findings
Early Return in Signer Threshold Verification May Confirm Malicious Payloads
Severity: High
Ecosystem: Sui
Protocol: RedStone
Auditor: Hacken
Report: https://hacken.io/audits/redstone/sca-redstone-finance-sui-connector-feb2025/
Report Date: Feb 2025
Description: The verify_signer_count function is responsible for ensuring that the number of valid signers meets a predefined threshold before confirming a price update or other critical operation. However, the function contains an early return (return) within the loop, which terminates the verification process as soon as the threshold is met. This can introduce significant security risks, particularly in malicious payload injection scenarios.
Infinite Loop in handle_redeem
Severity: High
Ecosystem: Sui
Protocol: Bucket Protocol
Auditor: MoveBit
Report Date: July 2023
Description:
In the handle_redeem function, if the debt value is 0, the loop controlling the redemption process may not terminate as expected, leading to a potential infinite loop. This can cause transaction failures or denial-of-service conditions within the protocol.
Infinite Recursion in distribute_dex_fees() Leading to Transaction Failure
Severity: High
Ecosystem: Aptos
Protocol: Baptswap
Auditor: MoveBit
Report: https://movebit.xyz/reports/BAPTSWAP-Final-Audit-Report.pdf
Report Date: Dec 2023
Description:
The function swap_v2.distribute_dex_fees() aims to calculate and distribute DEX fees based on the type of input X. In this function, the protocol calls swap_exact_x_to_y_direct() to exchange X for APT and then transfers the obtained APT to the treasury. However, within the swap_exact_x_to_y_direct() function, the protocol again invokes distribute_dex_fees(). This recursive calling pattern leads to an infinite loop, resulting in an out-of-gas situation and a failed transaction.