issues
search
code-423n4
/
2021-09-sushitrident-2-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Incorrect usage of typecasting in `burn` lets an attacker corrupt the pool state
#94
code423n4
closed
2 years ago
1
Sanity check on the lower and upper ticks
#93
code423n4
opened
2 years ago
3
Incorrect comparison in the `subscribe` of `ConcentratedLiquidityPoolManager`
#92
code423n4
closed
2 years ago
1
Incorrect comparison in the `_updatePosition` of `ConcentratedLiquidityPool`
#91
code423n4
opened
2 years ago
0
Timestamp underflow error in `swap` function of `ConcentratedLiquidityPool`
#90
code423n4
opened
2 years ago
0
Using unlocked/floating pragmas
#89
code423n4
closed
2 years ago
2
Users cannot receive rewards from `ConcentratedLiquidityPoolManager` if their liquidity is too large
#88
code423n4
opened
2 years ago
1
Integer underflow error in `claimReward` of `ConcentratedLiquidityPoolManager`
#87
code423n4
closed
2 years ago
2
Wrong usage of `positionId` in `ConcentratedLiquidityPoolManager`
#86
code423n4
opened
2 years ago
2
Unclaimed rewards are not deducted when reclaiming an incentive
#85
code423n4
closed
2 years ago
1
Overflow in the `mint` function of `ConcentratedLiquidityPool` causes LPs' funds to be stolen
#84
code423n4
opened
2 years ago
1
Incorrect usage of typecasting in `_getAmountsForLiquidity` lets an attacker steal funds from the pool
#83
code423n4
opened
2 years ago
4
Incorrect usage of typecasting in `burn` lets an attacker corrupt the pool state
#82
code423n4
closed
2 years ago
2
Wrong reserve decrease in `burn`
#81
code423n4
closed
2 years ago
1
Wrong reward calculation
#80
code423n4
closed
2 years ago
2
`incentiveId <= incentiveCount[pool]` is bad and can be removed
#79
code423n4
opened
2 years ago
1
Wrong indexes: positionId vs incentiveId
#78
code423n4
closed
2 years ago
1
`subscribe` can be called by anyone
#77
code423n4
opened
2 years ago
3
`addIncentive` may need more inputs checked
#76
code423n4
opened
2 years ago
2
`addIncentive` and `reclaimIncentive` can be external
#75
code423n4
opened
2 years ago
4
Style issues
#74
code423n4
opened
2 years ago
0
Useless state variable wETH
#73
code423n4
opened
2 years ago
0
Unused import
#72
code423n4
opened
2 years ago
0
Wrong subtraction from reserve in burn
#71
code423n4
closed
2 years ago
1
Register protocol
#70
code423n4
closed
2 years ago
2
Anyone can subscribe on behalf of other users
#69
code423n4
closed
2 years ago
1
Boundaries for timestamp values
#68
code423n4
opened
2 years ago
0
Manipulation of secondsClaimed
#67
code423n4
closed
2 years ago
1
Wrong index when accessing incentives
#66
code423n4
closed
2 years ago
1
Handle of deflationary tokens
#65
code423n4
opened
2 years ago
2
Can reclaim the same incentive multiple times
#64
code423n4
closed
2 years ago
1
uint32 for timestamps
#63
code423n4
opened
2 years ago
0
Inclusive conditions
#62
code423n4
opened
2 years ago
3
functions permit and permitAll can be tricked by an invalid signature
#61
code423n4
closed
2 years ago
2
_burn should decrement totalSupply
#60
code423n4
opened
2 years ago
3
Prevent transfers to an empty address
#59
code423n4
closed
2 years ago
2
Replace hex numbers with .selector
#58
code423n4
opened
2 years ago
0
Struct could be optimized for saving gas
#57
code423n4
opened
2 years ago
0
Cache storage variables in the stack can save gas
#56
code423n4
opened
2 years ago
0
Adding unchecked directive can save gas
#55
code423n4
opened
2 years ago
0
`ConcentratedLiquidityPoolManager.sol#reclaimIncentive` Misleading error message
#54
code423n4
opened
2 years ago
0
`ConcentratedLiquidityPosition.sol#collect()` Users may get double the amount of yield when they call `collect()` before `burn()`
#53
code423n4
opened
2 years ago
0
`ConcentratedLiquidityPosition.sol#burn()` Wrong implementation allows attackers to steal yield
#52
code423n4
opened
2 years ago
0
Burning does not update reserves
#51
code423n4
opened
2 years ago
0
Unsafe cast in ConcentratedLiquidityPool burn leads to attack
#50
code423n4
opened
2 years ago
0
Gas: `ConcentratedLiquidityPoolManager.addIncentive`
#49
code423n4
opened
2 years ago
0
`TridentNFT` signature malleability
#48
code423n4
opened
2 years ago
0
`TridentNFT.safeTransferFrom` now EIP-721 compliant
#47
code423n4
opened
2 years ago
0
`TridentNFT._mint` can mint to zero address
#46
code423n4
opened
2 years ago
1
`TridentNFT.permitAll` prviliges discrepancy for operator
#45
code423n4
opened
2 years ago
0
Next