issues
search
code-423n4
/
2021-09-defiprotocol-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
External visibility should be preferred
#77
code423n4
closed
2 years ago
1
Declare functions as external as gas saving
#76
code423n4
closed
2 years ago
1
Use calldata instead of memory in function parameter declarations
#75
code423n4
opened
2 years ago
1
Initialize function of Basket can be invoked multiple times
#74
code423n4
closed
2 years ago
2
Not handling approve return value
#73
code423n4
opened
2 years ago
1
Unused code
#72
code423n4
closed
2 years ago
1
`proposal` declared as both a function and a Proposal in Factory
#71
code423n4
opened
2 years ago
0
Can change order of global variable declaration in Auction to save 2 storage slots
#70
code423n4
closed
2 years ago
1
Use of uint rather than uint256
#69
code423n4
opened
2 years ago
1
Code lacking comments/spec
#68
code423n4
opened
2 years ago
2
No safety check in `addbounty` allows attackers to steal tokens from `tx.origin`
#67
code423n4
closed
2 years ago
1
Bonding mechanism allows malicious user to DOS auctions
#66
code423n4
opened
2 years ago
2
Remove unused variable from contract
#65
code423n4
closed
2 years ago
2
Basket becomes unusable if everybody burns their shares
#64
code423n4
opened
2 years ago
1
Basket will break and lock all user funds if not used in 100 years
#63
code423n4
opened
2 years ago
3
Missing Transfer Ownership Pattern
#62
code423n4
opened
2 years ago
2
Lack of `SafeERC20` Library Use
#61
code423n4
closed
2 years ago
2
Missing Token Decimals Check
#60
code423n4
closed
2 years ago
2
USE SAFEERC20.SAFEAPPROVE IN approveUnderlying()
#59
code423n4
closed
2 years ago
2
Inaccurate log emitted at deleteNewIndex
#58
code423n4
opened
3 years ago
1
BLOCK_DECREMENT not used
#57
code423n4
opened
3 years ago
0
Scoop ERC20 tokens from basket contract
#56
code423n4
opened
3 years ago
1
malicious tokens could be added with addBounty
#55
code423n4
opened
3 years ago
2
settleAuction() can reset auctionBonder
#54
code423n4
closed
2 years ago
1
handleFees() only mint when necessary
#53
code423n4
opened
3 years ago
1
handleFees() will revert if licenseFee is too high
#52
code423n4
opened
3 years ago
1
More readable constants
#51
code423n4
opened
3 years ago
1
initialize of Basket.sol is missing initializer
#50
code423n4
opened
3 years ago
2
FRONT-RUNNABLE INITIALIZERS
#49
code423n4
closed
2 years ago
2
Reentrancy Risk In Basket.burn and Basket.mintTo
#48
code423n4
closed
2 years ago
2
Basket/Auction Singletons Are Interactable
#47
code423n4
closed
2 years ago
1
`withdrawBounty()` Can Deny Execution of `settleAuction()`
#46
code423n4
closed
2 years ago
2
Auction settler can steal user funds if bond timestamp is high enough
#45
code423n4
opened
3 years ago
3
Reentrancy through `withdrawBounty`
#44
code423n4
closed
2 years ago
2
Redundant call to external contract, result can be saved
#43
code423n4
opened
3 years ago
1
No minimum rate in the auction may break the protocol under network failure
#42
code423n4
opened
3 years ago
1
settleAuction may be impossible if locked at a wrong time.
#41
code423n4
opened
3 years ago
1
Restore state to 0 if not needed anymore
#40
code423n4
opened
3 years ago
1
Unnecessary initializing of variable to 0
#39
code423n4
opened
3 years ago
1
Pack together bool variables in Auction
#38
code423n4
closed
2 years ago
1
TIMELOCK_DURATION is not set to 1 day
#37
code423n4
closed
2 years ago
2
One day is not set correctly
#36
code423n4
closed
2 years ago
2
Unsafe approve would halt the auction and burn the bond
#35
code423n4
opened
3 years ago
2
Declare Auction.sol variable IBasket and Ifactory as immutable to save gas
#34
code423n4
closed
2 years ago
2
Basket.sol is Ownable but not owner capabilites are used
#33
code423n4
closed
2 years ago
1
Unnecessary new list in Basket's validateWeights()
#32
code423n4
closed
2 years ago
1
Reentrancy in settleAuction(): malicious publisher can bypass index timelock mechanism, inject malicious index, and rug the basket
#31
code423n4
opened
3 years ago
1
Cannot change pending while timelocked
#30
code423n4
opened
3 years ago
1
Tokens Provided out of order
#29
code423n4
closed
2 years ago
1
Each basket needs individual ERC20 approval
#28
code423n4
closed
2 years ago
1
Previous
Next