code-423n4/2021-08-gravitybridge-findings
Cannot actually submit evidence
#64
code423n4
opened
2 years ago
2
Lack of sufficient power check in `updateValset` of `Gravity`
#63
code423n4
closed
2 years ago
1
Incorrect accounting on transfer-on-fee/deflationary tokens in `Gravity`
#62
code423n4
opened
3 years ago
2
Direct usage of `ecrecover` allows signature malleability
#61
code423n4
opened
3 years ago
3
SafeMath library is not always used in `Gravity`
#60
code423n4
opened
3 years ago
2
Using unlocked/floating pragma in `Gravity`
#59
code423n4
closed
2 years ago
2
Filter Logic calls to gravity cosmos at client level to avoid reverts
#58
code423n4
opened
3 years ago
3
Misleading comments in nonce fetching functions
#57
code423n4
closed
2 years ago
2
Unhandled reverts from Cosmos to Eth batches can cause *Denial Of Service*
#56
code423n4
opened
3 years ago
3
Lack of Validation Check
#55
code423n4
opened
3 years ago
5
Consider adding a token whitelist in `sendToCosmos` function
#54
code423n4
opened
3 years ago
2
Anyone can deploy ERC20 tokens
#53
code423n4
opened
3 years ago
2
The reward mechanism is front-runnable
#52
code423n4
closed
2 years ago
2
The function `updateValset` does not have enough sanity checks
#51
code423n4
opened
3 years ago
2
Functions that can be made external
#50
code423n4
closed
2 years ago
1
Avoid long revert strings.
#49
code423n4
opened
3 years ago
3
State Variables that can be changed to `immutable`
#48
code423n4
opened
3 years ago
2
Use `calldata` instead of `memory` for function parameters
#47
code423n4
opened
3 years ago
3
Caching the length in for loops
#46
code423n4
opened
3 years ago
2
Upgrade to at least Solidity 0.8.4
#45
code423n4
opened
3 years ago
2
state variable that are not updated throughout the contract they should be declared as constant
#44
code423n4
closed
2 years ago
1
lack of validation for the v and s value in recover() function
#43
code423n4
closed
2 years ago
2
use of floating pragma
#42
code423n4
opened
3 years ago
2
Gravity: Update to latest sol version
#41
code423n4
closed
2 years ago
1
Gravity: Consider enforcing validation expiry on-chain
#40
code423n4
opened
3 years ago
3
Style issues
#39
code423n4
opened
3 years ago
2
Regular arithmetic operations when calculating cumulativePower
#38
code423n4
closed
2 years ago
1
Sum of validator powers should always be no less than the threshold
#37
code423n4
closed
2 years ago
1
Pack structs tightly
#36
code423n4
opened
3 years ago
2
Cache values
#35
code423n4
opened
3 years ago
2
Immutable variables
#34
code423n4
closed
2 years ago
1
Actions can be frontrunned
#33
code423n4
opened
3 years ago
2
Why nonces are not incrementing by 1?
#32
code423n4
opened
3 years ago
3
Validations of parameters
#31
code423n4
opened
3 years ago
2
Validations of validators
#30
code423n4
closed
2 years ago
2
Skip functionCall when the payload is empty
#29
code423n4
opened
3 years ago
2
ecrecover returns empty address when the signature is invalid
#28
code423n4
closed
2 years ago
2
powers in a decreasing order
#27
code423n4
opened
3 years ago
2
cumulativePower check should be inclusive
#26
code423n4
opened
3 years ago
2
logic calls can steal tokens
#25
code423n4
opened
3 years ago
4
DoS for submitting batches and logic calls
#24
code423n4
closed
2 years ago
2
validator set can be updated with same set
#23
code423n4
opened
3 years ago
3
signatures are malleable
#22
code423n4
closed
2 years ago
2
signatures are accepted for zero address
#21
code423n4
closed
2 years ago
2
Panics as error-handling
#20
code423n4
opened
3 years ago
3
Downcasting Can Freeze The Chain
#19
code423n4
opened
3 years ago
3
Anti-pattern `is_err()`, `return`, then `.unwrap()`
#18
code423n4
opened
3 years ago
2
`Vec::new()` instead of `Iterator::collect()`
#17
code423n4
opened
3 years ago
2
Passing by ownership instead of borrowing
#16
code423n4
opened
3 years ago
2
The gravity.sol router should have pause/unpause functionality.
#15
code423n4
opened
3 years ago
3