-
0xboriskataa
medium
# User can deposit into sDAI pool using ETH
## Summary
User can deposit into sDAI pool using ETH
## Vulnerability Detail
In `SophonFarming.sol` there is a function `depositEth`…
-
samuraii77
medium
# A user can unwillingly lock his tokens at unfavorable terms
## Summary
A user can unwillingly lock his tokens at unfavorable terms
## Vulnerability Detail
A user can lock his to…
-
araj
medium
# Updating `startBlock` in `SophonFarming::setStartBlock()` leads to wrong rewardPoints calculation
## Summary
Updating `startBlock` in `SophonFarming::setStartBlock()` leads to wrong `…
-
-
Audinarey
high
# bridged funds will be stuck without a way to withdraw.
## Summary
Users can call `bridgePool(...)` to deposit funds to an L2 contract. Although the `_l2TxGasLimit` is specified, bu…
-
MrMorningstar
medium
# In `SophonFarming::massUpdatePools` function can be DoS with gas limit
## Summary
The issue that the `massUpdatePools` can hit block gas limit if the length of the `poolInfo…
-
TOPG
medium
# Missing storage gap variable in Upgradable2Step
## Summary
For upgradeable contracts, there must be storage gap to “allow developers to freely add new state variables in the future wi…
-
d43mon
medium
# Reentrancy in SophonFarming::bridgepool
## Summary
Reentrancy in SophonFarming::bridgepool
## Vulnerability Detail
There could be a possible reentrancy attack in SophonFarming::bri…
-
KupiaSec
medium
# The `msg.sender` access control check in the `Upgradeable2Step.becomeImplementation()` function is not suitable for its intended purpose
## Summary
The `becomeImplementation()` f…
-
zraxx
medium
# Function _pendingPoints cannot return correct value
## Summary
Function _pendingPoints cannot return correct value
## Vulnerability Detail
The function `_pendingPoints` is used to…