Move Vulnerability Registry
A map of security vulnerabilities and a handbook for preventing logic errors in Move.
agent_delegated_cap_misuse (Critical): AGENT-003 Permission Abuse in Delegated Execution
agent_side_channel_leak (Critical): AGENT-013 Side-Channel Data Leak in Privacy-Protected Agent Memory
agent_zk_intent_leak (Critical): AGENT-008 Privacy Leak via Unverified ZK-Intent in Agent Execution
cetus_spoof_overflow (Critical): Cetus Spoof Token + Liquidity Math Overflow
hamsterwheel_dos (Critical): HamsterWheel DoS Infinite Loop
nautilus_tee_bypass (Critical): Nautilus TEE Attestation Bypass
typus_oracle_bypass (Critical): Typus Oracle Authority Bypass
agent_btcfi_oracle_manip (High): AGENT-012 BTCfi Oracle Manipulation in Agent-Driven Trades
agent_intent_mismatch (High): AGENT-004 Intent Spoofing / Mismatch
agent_kiosk_bypass (High): AGENT-011 NFT/Kiosk Bypass in Agent-Controlled Assets
agent_memory_poisoning (High): AGENT-005 Memory Poisoning Leading to Rogue Tx
agent_multi_consensus_failure (High): AGENT-010 Multi-Agent Consensus Failure via Byzantine Rogue Agent
agent_shared_object_race (High): AGENT-006 Shared Object Race in Multi-Agent Workflow
agent_spend_limit_bypass (High): AGENT-002 Rogue Agent Spend Limit Bypass
agent_tee_tampering (High): AGENT-009 TEE Tampering in Nautilus-Attested Agent Compute
agent_unaudited_lib_vuln (High): AGENT-014 Unaudited Lib Dependency in Agent Modules
agent_unauthorized_tool_call (High): AGENT-001 Unauthorized Tool Call via Prompt Injection
bluemove_access_bypass (High): Shared Object Access Control Bypass (BlueMove)
dynamic_field_collision (High): Dynamic Field Name Collision/Overwrite (Typus)
fake_token_spoofing (High): Fake Token Input Spoofing (General)
nemo_economic_logic (High): Nemo Economic Logic Exploit
oracle_manipulation (High): Oracle Manipulation via Stale Price
unaudited_lib_inheritance (High): Unaudited Custom Library Dependency Inheritance
upgrade_migration_corruption (High): Upgradable Package State Corruption (Migration)
zk_intent_replay (High): zk-Intent Proof Replay (Missing Nullifier)
agent_no_verifiable_intent (Medium): AGENT-007 Verifiable Intent Failure
seal_misuse (Medium): Seal Misuse in Hot Potato Pattern
shared_object_race_mysticeti (Medium): Shared Object Race in Mysticeti Parallel Execution
souffl3_math_error (Medium): Vault Share Math Logic Error (Souffl3)
upgrade_abort (Medium): Package Upgrade Abort via Capability Mismatch
agent_btcfi_oracle_manip
High (5.0 / 10)
AGENT-012 BTCfi Oracle Manipulation in Agent-Driven Trades
Technical Description
An agent relies on a single BTCfi oracle feed (e.g., BTC/SUI price) for liquidation or collateral valuation decisions. An attacker manipulates the off-chain oracle price feed (e.g., via TWAP manipulation, stale data replay, or poisoning the oracle provider), causing the agent to execute a liquidation at a significantly skewed price. The on-chain contract accepts the oracle value without deviation bounds or multi-feed aggregation, which creates bad debt or enables the attacker to front-run liquidations at incorrect valuations.
Protocol Impact
High (protocol bad debt, user fund loss, fits Sui BTCfi expansion 2026)
Comparative Code Sandbox
Vulnerable Snippet
// ❌ VULNERABLE: single oracle, no staleness or deviation check
public entry fun liquidate_vulnerable(
    oracle: &OracleFeed,
    vault: &mut LiquidationVault,
    borrower: address,
    ctx: &mut TxContext,
) {
    let price = oracle.btc_sui_price; // Single-source, unvalidated
    let collateral_value = vault.collateral_amount * price;
    // Liquidate if undercollateralized — price can be manipulated
    if (collateral_value < vault.debt_amount) {
        let seized = coin::split(&mut vault.collateral, vault.collateral_amount, ctx);
        transfer::public_transfer(seized, ctx.sender());
    }
}
Secured & Audited Patch
// ✅ FIXED: multi-oracle aggregation + deviation bound + staleness check
public entry fun liquidate_fixed(
    oracle_a: &OracleFeed,
    oracle_b: &OracleFeed,
    vault: &mut LiquidationVault,
    ctx: &mut TxContext,
) {
    // Read the epoch from the transaction context. A caller-supplied
    // epoch argument would let the sender defeat the staleness check.
    let current_epoch = ctx.epoch();
    // Staleness: both feeds must be fresh
    assert!(current_epoch - oracle_a.last_updated <= MAX_STALE_EPOCHS, E_STALE_PRICE);
    assert!(current_epoch - oracle_b.last_updated <= MAX_STALE_EPOCHS, E_STALE_PRICE);
    // Deviation guard: feeds must agree within 5%
    let avg_price = (oracle_a.btc_sui_price + oracle_b.btc_sui_price) / 2;
    let deviation = if (oracle_a.btc_sui_price > oracle_b.btc_sui_price) {
        oracle_a.btc_sui_price - oracle_b.btc_sui_price
    } else {
        oracle_b.btc_sui_price - oracle_a.btc_sui_price
    };
    assert!(deviation * 10000 / avg_price <= MAX_DEVIATION_BPS, E_PRICE_DEVIATION);
    // Value the collateral at the averaged, validated price
    let collateral_value = vault.collateral_amount * avg_price;
    if (collateral_value < vault.debt_amount) {
        let seized = coin::split(&mut vault.collateral, vault.collateral_amount, ctx);
        transfer::public_transfer(seized, ctx.sender());
    }
}
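The guard arithmetic from the patch above, modeled off-chain in Python with Move's abort-on-overflow u64 semantics, so an agent or a test suite can check how skewed, stale, and future-dated feeds are handled before a liquidation is submitted. This is an added example, not code from the registry; `Feed`, `guarded_price`, `undercollateralized`, `outcome`, the sample prices, and `MAX_STALE_EPOCHS = 1` are assumptions, while the 500 bps bound follows the "within 5%" comment in the patch.

```python
from dataclasses import dataclass

U64_MAX = 2**64 - 1
MAX_DEVIATION_BPS = 500  # 5%, per the patch comment
MAX_STALE_EPOCHS = 1     # assumed; the page does not state a value

class Abort(Exception):
    """Stands in for a Move abort (failed assert! or arithmetic error)."""

@dataclass(frozen=True)
class Feed:  # constructed stand-in for OracleFeed
    btc_sui_price: int
    last_updated: int

def u64(x: int) -> int:
    # Move aborts on u64 overflow or underflow instead of wrapping.
    if not 0 <= x <= U64_MAX:
        raise Abort("ARITHMETIC_ERROR")
    return x

def guarded_price(a: Feed, b: Feed, epoch: int) -> int:
    """Return the averaged price, or abort as liquidate_fixed would."""
    for feed in (a, b):
        if u64(epoch - feed.last_updated) > MAX_STALE_EPOCHS:
            raise Abort("E_STALE_PRICE")
    avg = u64(a.btc_sui_price + b.btc_sui_price) // 2
    if avg == 0:
        raise Abort("ARITHMETIC_ERROR")  # division by zero aborts in Move
    deviation = abs(a.btc_sui_price - b.btc_sui_price)
    if u64(deviation * 10_000) // avg > MAX_DEVIATION_BPS:
        raise Abort("E_PRICE_DEVIATION")
    return avg

def undercollateralized(collateral: int, debt: int, price: int) -> bool:
    return u64(collateral * price) < debt

def outcome(a: Feed, b: Feed, epoch: int, collateral: int, debt: int):
    """True/False liquidation decision, or the abort code as a string."""
    try:
        return undercollateralized(collateral, debt, guarded_price(a, b, epoch))
    except Abort as err:
        return str(err)

if __name__ == "__main__":
    honest, skewed = Feed(10_000, 10), Feed(8_000, 10)  # constructed sample feeds
    # Single-feed logic trusts the skewed price and liquidates a healthy vault.
    print("single feed:", undercollateralized(100, 900_000, skewed.btc_sui_price))
    print("two feeds:  ", outcome(skewed, honest, 10, 100, 900_000))
    print("stale feed: ", outcome(Feed(10_000, 5), honest, 10, 100, 900_000))
```

Because the bps check uses integer division, feeds at 10513 and 10000 (about 500.2 bps apart relative to their average) still pass, while 10514 and 10000 abort with `E_PRICE_DEVIATION`.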