code-423n4 2021-09-defiprotocol-findings issues

code-423n4 / 2021-09-defiprotocol-findings

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

`bondBurn()` Leads to Unrecoverable Tokens

#277 code423n4 closed 2 years ago
2
DDoS of rebalance

#276 code423n4 closed 2 years ago
2
Limit on growth size of pool - bond size

#275 code423n4 opened 3 years ago
2
No input validation on parameter changes

#274 code423n4 opened 3 years ago
1
Unnecessary require check

#273 code423n4 opened 3 years ago
1
CEI for reentrancy on L85-87

#272 code423n4 closed 2 years ago
1
block.timestamp is a better timer than block.number

#271 code423n4 opened 3 years ago
1
Add nonreentrant modifiers to external methods in 2 files

#270 code423n4 opened 3 years ago
1
If newRatio can differ drastically from the old ibRatio attacks could take place

#269 code423n4 closed 2 years ago
2
Risk of memory overflow

#268 code423n4 closed 2 years ago
2
Unusual fee calculation

#267 code423n4 closed 2 years ago
3
Reentrancy during Bounty withdrawal

#266 code423n4 closed 2 years ago
2
Owner can steal all Basket funds during auction

#265 code423n4 opened 3 years ago
2
`handleFees` reverts if supply is zero

#264 code423n4 opened 3 years ago
1
Event BasketLicenseProposed needs an idNumber

#263 code423n4 opened 3 years ago
2
`proposeBasketLicense` can be external

#262 code423n4 closed 2 years ago
2
`bondTimestamp` is not a timestamp but a blocknumber

#261 code423n4 opened 3 years ago
2
`approveUnderlying` isn't safe

#260 code423n4 closed 2 years ago
1
`deleteNewIndex` can be external

#259 code423n4 closed 2 years ago
2
Lack of revert messages

#258 code423n4 opened 3 years ago
2
`mintTo` arguments order

#257 code423n4 opened 3 years ago
1
Reentrancy hook on bounty

#256 code423n4 closed 2 years ago
3
Basket.handleFees() (contracts/Basket.sol#110-129) performs a multiplication on the result of a division

#255 code423n4 closed 2 years ago
1
Vairable never used

#254 code423n4 closed 2 years ago
1
Same tokens added to bounty

#253 code423n4 opened 3 years ago
1
pack structs *3

#252 code423n4 opened 3 years ago
1
Zero fees

#251 code423n4 closed 2 years ago
2
Naming

#250 code423n4 opened 3 years ago
2
Trying to use timestamps with blocknumbers

#249 code423n4 closed 2 years ago
2
`burn` and `mintTo` in `Basket.sol` vulnerable to reentrancy

#248 code423n4 opened 3 years ago
3
No require messages

#247 code423n4 closed 2 years ago
2
Incorrect timing

#246 code423n4 closed 2 years ago
2
Unecessary transfer trips

#245 code423n4 opened 3 years ago
1
Front running basket Creation

#244 code423n4 closed 2 years ago
2
No restrictions on owner setting params

#243 code423n4 closed 2 years ago
2
Auction multiplier set to zero

#242 code423n4 opened 3 years ago
2
Bond div set to zero

#241 code423n4 closed 2 years ago
2
Set functions to external.

#240 code423n4 opened 3 years ago
1
Inconsistency: variable setting

#239 code423n4 closed 2 years ago
1
Gas optimation proposal struct

#238 code423n4 opened 3 years ago
1
Gas saving: pack struct

#237 code423n4 opened 3 years ago
1
Fee on transfer tokens can lead to incorrect approval

#236 code423n4 opened 3 years ago
2
Proposals can never get created due to reaching `block.gaslimit`

#235 code423n4 opened 3 years ago
1
Sanity checks when the contract parameters are updated

#234 code423n4 opened 3 years ago
2
State variables that can be set to immutable

#233 code423n4 closed 2 years ago
2
The increment in for loop post condition can be made unchecked

#232 code423n4 opened 3 years ago
1
Caching the length in for loops

#231 code423n4 closed 3 years ago
2
Replace `tokenList.length` by existing variable `length`

#230 code423n4 opened 3 years ago
1
Use `calldata` instead of `memory` for function parameters

#229 code423n4 opened 3 years ago
1
Gas: Can save an sload in `changeLicenseFee`

#228 code423n4 opened 3 years ago
1