issues
search
code-423n4
/
2021-10-slingshot-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Contract Selfdestruct via delegatecall
#102
code423n4
closed
2 years ago
3
Privilege Escalation via Delegate Call
#101
code423n4
closed
2 years ago
3
Slingshot is ConcatString
#100
code423n4
closed
2 years ago
0
dead code
#99
code423n4
closed
2 years ago
1
onlyAdmin batch
#98
code423n4
closed
2 years ago
0
Unchecked maths
#97
code423n4
closed
2 years ago
0
rescueTokens validation of the recipient
#96
code423n4
closed
2 years ago
2
msg.value should be 0 when input token is not native
#95
code423n4
closed
2 years ago
2
receive function
#94
code423n4
opened
2 years ago
0
payable swap
#93
code423n4
closed
2 years ago
3
i and j indexes and the iToken and jToken addresses
#92
code423n4
closed
2 years ago
2
Minimum amount front running/sandwich attacks
#91
code423n4
closed
2 years ago
2
Small gas improvement
#90
code423n4
opened
2 years ago
0
No Input Validation When Setting Up Values For Immutable State Variables (Slingshot.sol)
#89
code423n4
closed
2 years ago
2
ConcatStrings prependNumber is not used
#88
code423n4
opened
2 years ago
1
Unused internal _sendFunds function in Slingshot
#87
code423n4
closed
2 years ago
1
No tests for protocol
#86
code423n4
closed
2 years ago
2
Confusing comment in CurveModule
#85
code423n4
opened
2 years ago
2
Confusing comment on IUniswapModule
#84
code423n4
opened
2 years ago
2
Gas: Use a constant instead of `block.timestamp` for the deadline
#83
code423n4
opened
2 years ago
0
Left-over tokens can be stolen
#82
code423n4
opened
2 years ago
1
`LibERC20Token.approveIfBelow` should approve(0) first
#81
code423n4
opened
2 years ago
0
`Slingshot._sendFunds` function not used and wrong
#80
code423n4
opened
2 years ago
1
Missing parameter validation
#79
code423n4
closed
2 years ago
1
Inconsistent balance comparison of nativeToken in executeTrades
#78
code423n4
closed
2 years ago
1
Trades where toToken is feeOnTransferToken might send user less tokens than finalAmountMin
#77
code423n4
opened
2 years ago
2
Admin can abuse grantSlingshot and steal user funds
#76
code423n4
closed
2 years ago
2
`Slingshot.sol` Unused code
#75
code423n4
closed
2 years ago
1
`Executioner.sol` should not be `payable`
#74
code423n4
closed
2 years ago
2
Combine external calls into one can save gas
#73
code423n4
opened
2 years ago
0
Critical changes should use two-step procedure
#72
code423n4
closed
2 years ago
1
Typos
#71
code423n4
opened
2 years ago
0
Outdated compiler version
#70
code423n4
opened
2 years ago
0
Avoid unnecessary storage read can save gas
#69
code423n4
opened
2 years ago
0
Adding unchecked directive can save gas
#68
code423n4
opened
2 years ago
1
Code Style: consistency
#67
code423n4
opened
2 years ago
0
`SlingshotI` is unnecessary
#66
code423n4
opened
2 years ago
0
Code Style: Abstract contracts should not be prefixed by `I`
#65
code423n4
opened
2 years ago
0
Use short reason strings can save gas
#64
code423n4
closed
2 years ago
0
Cache array length in for loops can save gas
#63
code423n4
opened
2 years ago
0
Remove redundant access control checks can save gas
#62
code423n4
opened
2 years ago
1
`IUniswapModule.sol` use an immutable variable `router` can save gas and simplify implementation
#61
code423n4
opened
2 years ago
0
`require(msg.value == 0)` should be added to prevent fund loss when called with mistaken input data
#60
code423n4
closed
2 years ago
1
`initialBalance` for native token is wrong
#59
code423n4
opened
2 years ago
1
Wrong implementation of `Slingshot.sol#_sendFunds()`
#58
code423n4
closed
2 years ago
1
Avoid unnecessary code execution can save gas
#57
code423n4
opened
2 years ago
0
`CurveModule.sol#swap()` Unused parameter
#56
code423n4
opened
2 years ago
2
Redundant code
#55
code423n4
opened
2 years ago
2
DOS attack possible for Token->ETH trades
#54
code423n4
closed
2 years ago
1
Function documentation incorrect for `Slingshot::_transferFromOrWrap`
#53
code423n4
opened
2 years ago
2
Next