issues
search
code-423n4
/
2021-05-nftx-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Make setManager a two-step change to avoid vault administration freeze
#73
code423n4
closed
3 years ago
1
Front-running setFees() could avoid fees
#72
code423n4
opened
3 years ago
0
The direct redeem fee can be circumvented
#71
code423n4
opened
3 years ago
1
Storage variable reads can be hoisted out of loops
#70
code423n4
closed
3 years ago
0
A malicious receiver can cause another receiver to lose out on distributed fees by returning `false` for `tokensReceived` when receiveRewards is called on their receiver contract.
#69
code423n4
opened
3 years ago
1
_sendForReceiver is vulnerable to reentrancy. This enables a receiver to drain the remaining fees to distribute.
#68
code423n4
closed
3 years ago
0
Combine calculation to reduce two SSTOREs/SLOADs to one
#67
code423n4
closed
3 years ago
0
lack of checking of array length of parameters in requesrMint() and ClaimUnminted()
#66
code423n4
closed
3 years ago
0
Move zero address check to place of assignment rather than use
#65
code423n4
closed
3 years ago
0
Change function visibility from public to external
#64
code423n4
opened
3 years ago
0
Unused events
#63
code423n4
opened
3 years ago
0
Unused storage variables
#62
code423n4
opened
3 years ago
0
Semantic Overloading in NFTXUpgradable.sol
#61
code423n4
opened
3 years ago
0
Insecure randomness in getPseudoRand(uint256 modulus){} function
#60
code423n4
closed
3 years ago
1
Tokens can get stuck in `NFTXMintRequestEligibility`
#59
code423n4
opened
3 years ago
0
Events not fired
#58
code423n4
closed
3 years ago
0
Potential bug with `reverseEligOnRedeem` / misleading name
#57
code423n4
opened
3 years ago
0
`getRandomTokenIdFromFund` yields wrong probabilities for ERC1155
#56
code423n4
opened
3 years ago
2
`getPseudoRand` can be predicted
#55
code423n4
closed
3 years ago
0
Vault's flash loan not implemented according to EIP-3156
#54
code423n4
opened
3 years ago
1
Vault's `swapTo` can return the input tokens
#53
code423n4
opened
3 years ago
2
LockIds not according to spec
#52
code423n4
opened
3 years ago
1
Manager can grief with fees
#51
code423n4
opened
3 years ago
0
Missing access restriction on `NFTXVaultUpgradeable.finalizeFund`
#50
code423n4
closed
3 years ago
2
Gas optimization for `StakingTokenProvider.nameForStakingToken`
#49
code423n4
opened
3 years ago
0
Unchecked external calls in `NFTXLPStaking`
#48
code423n4
opened
3 years ago
0
Unbounded iteration in `NFTXEligiblityManager.distribute` over `_feeReceivers`
#47
code423n4
opened
3 years ago
0
`distribute` DoS on missing `receiveRewards` implementation
#46
code423n4
opened
3 years ago
1
Missing usage of SafeMath
#45
code423n4
opened
3 years ago
1
Missing parameter validation
#44
code423n4
opened
3 years ago
0
Missing overflow check in `flashLoan`
#43
code423n4
opened
3 years ago
1
Useless calculations when the flash fee is 0
#42
code423n4
closed
3 years ago
1
Unused imports
#41
code423n4
closed
3 years ago
0
Join functions
#40
code423n4
closed
3 years ago
0
Unused variables
#39
code423n4
opened
3 years ago
0
Don't evaluate the same calculations over and over again
#38
code423n4
closed
3 years ago
0
immutable variables
#37
code423n4
closed
3 years ago
2
accessing storage in a loop
#36
code423n4
closed
3 years ago
2
struct with 1 field
#35
code423n4
closed
3 years ago
0
struct Config
#34
code423n4
closed
3 years ago
0
function flashLoan is vulnerable to overflow/underflow and maxFlashLoan is not used
#33
code423n4
closed
3 years ago
1
Explicitly check _rangeEnd >= _rangeStart
#32
code423n4
closed
3 years ago
1
flashLoan does not have a return statement
#31
code423n4
closed
3 years ago
1
function swapTo doesn't have a re-entrancy modifier
#30
code423n4
closed
3 years ago
1
erc1155 are redeemed one by one
#29
code423n4
closed
3 years ago
1
getPseudoRand is easily manipulatable
#28
code423n4
closed
3 years ago
1
function receiveNFTs does not check if amount > 0
#27
code423n4
closed
3 years ago
1
[INFO] function publicMint is for testing only
#26
code423n4
opened
3 years ago
1
eligibilityManager is always 0x0
#25
code423n4
opened
3 years ago
1
Unused events
#24
code423n4
closed
3 years ago
1
Previous
Next