Ramses CL

Arbitrum
Last audited on 2024/07/31
No active critical issues

Last Issues (25)

| | Low | Medium | High | Critical | Total |
|---|---|---|---|---|---|
| Not fixed | 4 | 1 | - | - | 5 |
| Fixed | 15 | 2 | 2 | 1 | 20 |
| Total | 19 | 3 | 2 | 1 | 25 |

Reported rekts

Ramses was reported as rekt on 2024/10/24
Quick Summary

On October 24, 2024, Ramses Exchange on the Arbitrum network lost around $93,000 due to a flaw in its reward distribution system.
The attacker repeatedly claimed rewards by leveraging multiple token IDs without reducing the overall reward pool supply. This
exploit targeted Ramses’ reward accumulation process rather than affecting liquidity provider assets or user holdings. Ramses
Exchange confirmed that liquidity provider funds and user NFTs remain secure despite the incident.




Details of the Exploit

The exploit stemmed from a vulnerability in the Ramses FeeDistributor contract, where the system failed to reduce the total reward
supply after each reward claim. By repeatedly using the _getReward() function with multiple NFT token IDs, the attacker
manipulated the reward calculations to gain excess rewards. The attacker’s strategy included resetting or splitting NFTs into new
token IDs, effectively bypassing the tracking mechanism veWithdrawnTokenAmountByPeriod that restricts double-claiming within the
same period. Additionally, the attacker used the getPeriodReward() function with arbitrary period values to retroactively access
unclaimed rewards, exploiting a lack of timestamp validation in the contract.
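
A simplified accounting model of the flaw described above, added here as an illustration and not taken from the Ramses contracts; the class, its fields and all numbers are constructed assumptions. It shows why a claim record keyed only by token ID does not survive moving voting weight to a new ID, next to a version that carries claim history with the weight, rejects periods that are not finished, and caps payouts at what is left for the period.

```python
# Simplified accounting model (assumption); not the Ramses FeeDistributor code.
class Distributor:
    CURRENT_PERIOD = 10  # constructed value: periods 0..9 are finished

    def __init__(self, hardened, period_reward=1000, total_weight=100):
        self.hardened = hardened
        self.period_reward = period_reward  # amount funded for each period
        self.total_weight = total_weight    # total voting weight
        self.weight = {}                    # token_id -> voting weight
        self.claimed = {}                   # (period, token_id) -> paid so far
        self.paid = {}                      # period -> total paid out

    def split(self, old_id, new_id):
        """Move weight to a fresh token ID, as an NFT reset or split does."""
        self.weight[new_id] = self.weight.pop(old_id)
        if self.hardened:  # claim history follows the weight to the new ID
            for (period, tid), amt in list(self.claimed.items()):
                if tid == old_id:
                    self.claimed[(period, new_id)] = amt

    def claim(self, period, token_id):
        if self.hardened and not 0 <= period < self.CURRENT_PERIOD:
            raise ValueError("period is not claimable")
        share = self.period_reward * self.weight.get(token_id, 0) // self.total_weight
        due = share - self.claimed.get((period, token_id), 0)
        if self.hardened:  # never pay more than is left for this period
            left = self.period_reward - self.paid.get(period, 0)
            due = max(0, min(due, left))
        self.claimed[(period, token_id)] = self.claimed.get((period, token_id), 0) + due
        self.paid[period] = self.paid.get(period, 0) + due  # enforced only when hardened
        return due


def total_paid_after_splits(hardened, rounds=5, period=3):
    """Claim, move the weight to a new token ID, claim again; return total paid."""
    d = Distributor(hardened)
    d.weight[1] = 50  # constructed: one holder with half of the voting weight
    total = 0
    for token_id in range(1, rounds + 1):
        total += d.claim(period, token_id)
        d.split(token_id, token_id + 1)
    return total


if __name__ == "__main__":
    print("id-keyed tracking only:", total_paid_after_splits(False))
    print("hardened accounting:   ", total_paid_after_splits(True))
```

In the unhardened run the total paid for one period exceeds the amount funded for it, which is the invariant a monitoring check or a fuzz test should assert on.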




Block Data Reference

Exploit tx:

https://arbiscan.io/tx/0xb91c4e0debaf0feb1f20c979eebc1282c8024ae299ef5903591badcf1f4938bb

Attacker:

https://arbiscan.io/address/0x1d8b0ee375750839567f266fa75f6fbc9d6b977c

Audit (1)

| # | Name | Auditor | Date | Chains | Issues |
|---|---|---|---|---|---|
| 1 | Ramses V3 | Consensys | 2024/07/31 | Off-Chain (Private) | No active critical issues |