issues
search
code-423n4
/
2021-10-tally-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Token Can Deny Execution of `sweepFees()` Function
#81
code423n4
opened
2 years ago
2
`sweepFees()` `tokens.length` Can Overflow
#80
code423n4
closed
2 years ago
2
Lack of Input Validation
#79
code423n4
closed
2 years ago
2
`Ownable` Contract Does Not Implement Two-Step Transfer Ownership Pattern
#78
code423n4
opened
2 years ago
1
fillZrxQuote doesn't return correct values when zrxSellTokenAddress == zrxBuyTokenAddress
#77
code423n4
closed
2 years ago
1
Unnecessary `SLOAD`s in `Swap.sweepFees()`
#76
code423n4
closed
2 years ago
1
Open TODOs
#75
code423n4
opened
2 years ago
0
Unnecessary `CALLDATALOAD`s in for-each loops
#74
code423n4
opened
2 years ago
2
Unnecessary checked arithmetic in for loops
#73
code423n4
opened
2 years ago
4
Unnecessary array boundaries check when loading an array element twice
#72
code423n4
opened
2 years ago
0
Prefix increaments are cheaper than postfix increaments
#71
code423n4
opened
2 years ago
0
`internal` functions can be `private`
#70
code423n4
opened
2 years ago
0
Transfer function is unreliable
#69
code423n4
closed
2 years ago
1
Users can avoid paying fees for ETH swaps
#68
code423n4
opened
2 years ago
2
`Swap.setFeeRecipient()` emits a `NewFeeRecipient` when the fee recipient hasn't changed
#67
code423n4
opened
2 years ago
2
`Swap.setSwapFee()` emits a `NewSwapFee` when the swap fee hasn't changed
#66
code423n4
opened
2 years ago
2
Unnecessary `SLOAD` in `Swap.setFeeRecipient()`
#65
code423n4
closed
2 years ago
1
Cache or use existing memory versions of state variables (feeRecipient, swapFee)
#64
code423n4
opened
2 years ago
0
Unnecessary `SLOAD` in `Swap.setSwapFee()`
#63
code423n4
opened
2 years ago
0
Unnecessary require statement in `Swap`'s constructor
#62
code423n4
opened
2 years ago
1
Unnecessary `SLOAD`s in `EmergencyGovernable.onlyTimelockOrEmergencyGovernance()`
#61
code423n4
opened
2 years ago
1
`SafeMath` is unnecessary in Solidity 0.8.0 or higher
#60
code423n4
closed
2 years ago
1
The initial `swapFee` can be greater than or equal to `SWAP_FEE_DIVISOR`
#59
code423n4
closed
2 years ago
1
Unnecessary `SLOAD`s in `Swap`'s constructor
#58
code423n4
closed
2 years ago
1
Gas Optimization On the Integer/Overflow Protection
#57
code423n4
closed
2 years ago
1
Function sweepFees Can Be Made More Efficient (Swap.sol)
#56
code423n4
closed
2 years ago
1
Do the external call only when the amount is not 0
#55
code423n4
closed
2 years ago
1
Lower than uint256 types are not more efficient
#54
code423n4
closed
2 years ago
1
msg.value should be 0 when token is not ETH
#53
code423n4
closed
2 years ago
2
FeesSwept will emit 0 amounts for ETH
#52
code423n4
closed
2 years ago
1
.transfer is used for transferring ether
#51
code423n4
closed
2 years ago
1
timelocked governance can grief with the fees
#50
code423n4
closed
2 years ago
3
Inclusive check
#49
code423n4
opened
2 years ago
1
Long Revert Strings
#48
code423n4
closed
2 years ago
1
Lack of input validtion of function perimeter while setting swapfee() and feeRecipient()
#47
code423n4
closed
2 years ago
2
use of floating pragma
#46
code423n4
opened
2 years ago
0
Lack of input validationn for address array
#45
code423n4
closed
2 years ago
2
use of transfer() instead of call() to send eth
#44
code423n4
closed
2 years ago
1
Gas: Math library could be "unchecked"
#43
code423n4
opened
2 years ago
0
Gas: SafeMath is not needed when using Solidity version 0.8
#42
code423n4
opened
2 years ago
0
Gas: minReceived check can be simplified
#41
code423n4
opened
2 years ago
1
Contract does not work well with fee-on transfer tokens
#40
code423n4
opened
2 years ago
1
Usage of transfer
#39
code423n4
closed
2 years ago
1
Validate `swapFee`
#38
code423n4
closed
2 years ago
1
Arbitrary contract call allows attackers to steal ERC20 from users' wallets
#37
code423n4
opened
2 years ago
0
Unused ERC20 tokens are not refunded
#36
code423n4
opened
2 years ago
2
Consider removing `Math.sol`
#35
code423n4
opened
2 years ago
0
Wrong calculation of `erc20Delta` and `ethDelta`
#34
code423n4
opened
2 years ago
3
Change `require` conditions can prevent fund loss when called with mistaken input data
#33
code423n4
closed
2 years ago
2
`transfer()` is not recommended for sending ETH
#32
code423n4
closed
2 years ago
1
Next