Exploit case studies and active protocol security research from the VERITAS 8-Gate engine.
5 of 9 validators controlled by a single entity. Social engineering compromised the remaining key needed. Largest DeFi h...
Attacker forged guardian approvals using a deprecated Solana syscall, minting 120,000 unbacked wETH....
Unchecked donate-to-self function allowed attacker to inflate collateral value via flash loan and drain reserves....
An attacker can manipulate the price oracle of a collateral asset to trigger a liquidation with an artificially high "lo...
A flash loan can be used to execute a massive swap, pushing the AMM's internal pricing curve calculations (which use `Lo...
The pessimistic oracle's `dailyLows` state variable can be manipulated via a flash loan to record an artificially inflat...
The core invariant `total_shares * share_price == total_underlying_assets` is violated due to precision loss from intege...
The `fpi_price` returned by `getReservesAndFPISpot()` is explicitly marked as "flash loan susceptible" in the code comme...
An attacker can artificially inflate the share price by directly transferring underlying assets to the vault, which incr...
The `_depositRevenue` function transfers underlying assets (WETH) directly to the `PUFFER_VAULT` without minting corresp...
A donation attack is possible. An attacker can directly transfer `bridgedWOETH` to the `BridgedWOETHStrategy` contract. ...
A precision loss vulnerability allows an attacker to inflate the `valuePerShareD27` (share price) by making a dust depos...
An attacker can perform an inflation attack by being the sole or one of the first stakers. When a large reward is subseq...
An attacker who is a legitimate oracle can temporarily depress the median price by reporting a low value, deposit assets...
The `MessagingComposer` passes `_extraData` directly from the executor to the destination OApp's `lzCompose` function, e...
A precision loss vulnerability in the share conversion logic (e.g., `convertToShares` and `convertToAssets`) can be expl...
The `PriceFeed` contract is designed to fetch share prices from external Liquid Staking Token (LST) contracts using a co...
The `_isUpAndGracePeriodPassed` function incorrectly interprets a `0` value from the `_sequencerOracle` as a "healthy" s...
Potential unknown vulnerability identified in Wormhole contracts....
Potential unknown vulnerability identified in Compound V3 contracts....
Potential unknown vulnerability identified in Chainlink CCIP contracts....
Potential unknown vulnerability identified in dYdX V4 contracts....
The `_computeEclpTvl` function computes the pool invariant using `Rounding.ROUND_DOWN`, which, when combined with potent...
The `_exchangeRateCurrent(l1Token)` used to calculate `l1TokensToReturn` is susceptible to flash loan manipulation, allo...
The `stakeLBTC` function calculates the `amountBTCB` to be transferred using integer division (`((amountLBTC * divider) ...
The `Extsload` contract allows external contracts to read the AMM's storage slots (reserves `x` and `y`). An attacker ca...
The `_getProofVersion` function determines the proof verification logic (DENEB or PECTRA) based on a `proofTimestamp` an...
A "donation attack" is possible where an attacker makes a minimal initial deposit, then a large amount of the underlying...
The `_ln_36` function, intended for high-precision (36 decimal) natural logarithm calculation, incorrectly scales its fi...