issues
search
code-423n4
/
2021-09-yaxis-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
ERC20 return values not checked
#114
code423n4
opened
2 years ago
2
`YAxisVotePower.balanceOf` can be manipulated
#113
code423n4
opened
2 years ago
2
wrong YAXIS estimates
#112
code423n4
opened
2 years ago
1
Unbounded iterations over strategies or tokens
#111
code423n4
opened
2 years ago
1
Unused event `Controller.InsuranceClaimed`
#110
code423n4
closed
2 years ago
3
# Unused event `Harvester.VaultManagerSet`
#109
code423n4
closed
2 years ago
3
Unused event `Harvester.ControllerSet`
#108
code423n4
closed
2 years ago
2
Missing parameter validation
#107
code423n4
opened
2 years ago
2
The function `addToken` does not check if the token was already added
#106
code423n4
closed
2 years ago
3
`addToken` does not check if token decimals is at most `18`
#105
code423n4
closed
2 years ago
2
The `sqrt` function can overflow execute invalid operation
#104
code423n4
opened
2 years ago
2
Tokens that have multiple addresses can break some computations
#103
code423n4
closed
2 years ago
2
Overflow in `depositMultiple` can lead to infinite loop and incorrect deposit
#102
code423n4
closed
2 years ago
2
The function `removeToken` can get prohibitively expensive
#101
code423n4
opened
2 years ago
2
VaultHelper contract should never have tokens at the end of a transaction
#100
code423n4
opened
2 years ago
2
Safety of the Vyper compiler
#99
code423n4
opened
2 years ago
1
Upgrade to at least 0.8.4
#98
code423n4
opened
2 years ago
2
Redundant `notHalted` modifier in `depositMultiple`
#97
code423n4
closed
2 years ago
1
Caching storage pointer in `removeToken`
#96
code423n4
closed
2 years ago
2
Caching the length in for loops
#95
code423n4
opened
2 years ago
1
Consider making some constants as non-public to save gas
#94
code423n4
opened
2 years ago
1
Style issues
#93
code423n4
opened
2 years ago
2
notHalted in depositMultiple is not needed
#92
code423n4
closed
2 years ago
2
Join _checkToken function and modifier together
#91
code423n4
opened
2 years ago
3
Useless addition of _shares
#90
code423n4
closed
2 years ago
1
Unused imports
#89
code423n4
opened
2 years ago
2
Cache storage access
#88
code423n4
closed
2 years ago
1
Dead code
#87
code423n4
opened
2 years ago
1
uint8 is less efficient than uint256 in loop iterations
#86
code423n4
opened
2 years ago
1
VaultHelper could validate that amount is greater than 0
#85
code423n4
opened
2 years ago
3
_normalizeDecimals does not handle tokens with more than 18 decimals
#84
code423n4
closed
2 years ago
3
totalDepositCap caps shares not amount
#83
code423n4
closed
2 years ago
2
Decimals of upgradeable tokens may change
#82
code423n4
opened
2 years ago
3
setMinter should check that _minter is not empty
#81
code423n4
opened
2 years ago
1
Deposit event should emit amount or shares
#80
code423n4
closed
2 years ago
2
Gauge can be updated
#79
code423n4
closed
2 years ago
2
Inclusive check in setSlippage
#78
code423n4
opened
2 years ago
2
An attacker can steal funds from multi-token vaults
#77
code423n4
opened
2 years ago
1
Controller.withdraw(...) User may lose funds when withdraw wantToken from the underlying contract
#76
code423n4
closed
2 years ago
2
Vault: Zero Withdrawal Fee If Protocol Halts
#75
code423n4
opened
2 years ago
2
Vault: Withdrawals can be frontrun to cause users to burn tokens without receiving funds in return
#74
code423n4
opened
2 years ago
3
Vault: Withdrawal amount isn't un-normalized
#73
code423n4
closed
2 years ago
1
Vault: Unnecessary _add in _shares assignment
#72
code423n4
closed
2 years ago
2
Vault: Swaps at parity with swap fee = withdrawal fee
#71
code423n4
opened
2 years ago
3
Vault: Redundant notHalted modifier in depositMultiple()
#70
code423n4
opened
2 years ago
1
Removed tokens can't be withdrawn from vault
#69
code423n4
opened
2 years ago
2
Harvester: Unneeded safemath subtraction in removeStrategy()
#68
code423n4
closed
2 years ago
2
Harvester: Unnecessary rotation and timeout mechanism
#67
code423n4
closed
2 years ago
1
Harvester: Simpler implementation for canHarvest()
#66
code423n4
opened
2 years ago
2
Controller: Extra sload of _vaultDetails[_vault].balance
#65
code423n4
opened
2 years ago
1
Previous
Next