code-423n4 2021-11-badgerzaps-findings issues

code-423n4 / 2021-11-badgerzaps-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Gas Optimization on the Public Function

#79 code423n4 opened 2 years ago
1
Gas optimization: Unnecessary ops

#78 code423n4 opened 2 years ago
1
Gas optimization: Unreachable code in Zap.sol

#77 code423n4 opened 2 years ago
1
Gas optimization: Use else if for mutually exclusive conditions

#76 code423n4 opened 2 years ago
2
`setGuardian` incorrectly set governance in SettToRenIbbtcZap.sol

#75 code423n4 closed 2 years ago
3
`setGuardian` incorrectly set governance in IbbtcVaultZap.sol

#74 code423n4 closed 2 years ago
3
`redeem` may return less than `minOut`

#73 code423n4 closed 2 years ago
2
`calcMint` always return poolId=0 and idx=0

#72 code423n4 opened 2 years ago
1
No slippage control on `deposit` of IbbtcVaultZap.sol

#71 code423n4 opened 2 years ago
0
The Contracts Should safeApprove(0) first

#70 code423n4 closed 2 years ago
2
Upgrade pragma to at least 0.8.4

#69 code423n4 closed 2 years ago
2
Require statements without messages

#68 code423n4 closed 2 years ago
2
Open TODOs

#67 code423n4 opened 2 years ago
3
Unnecessary checked arithmetic in for loops

#66 code423n4 closed 2 years ago
2
Unnecessary array boundaries check when loading an array element twice

#65 code423n4 closed 2 years ago
2
Double reading of memory array index inside a loop

#64 code423n4 closed 2 years ago
2
You don't emit events

#63 code423n4 closed 2 years ago
2
safeApprove of openZeppelin is deprecated

#62 code423n4 closed 2 years ago
2
public function that could be set external instead

#61 code423n4 opened 2 years ago
1
Zap.sol init for loop - uint default value is 0

#60 code423n4 opened 2 years ago
1
named return issue - Zap.sol calcMint

#59 code423n4 opened 2 years ago
2
Unnecessary `SLOAD`s / `MLOAD`s / `CALLDATALOAD`s in for-each loops

#58 code423n4 opened 2 years ago
1
Calculate balance of twice as part of an important function

#57 code423n4 closed 2 years ago
2
Critical changes should use two-step procedure

#56 code423n4 opened 2 years ago
1
Missing events for critical operations

#55 code423n4 opened 2 years ago
3
Use immutable variables for settings that will be configured at deploy time

#54 code423n4 closed 2 years ago
2
Missing `_token.approve()` to `curvePool` in `setZapConfig`

#53 code423n4 opened 2 years ago
3
`blockLock` of `RENCRV_SETT` makes transactions likely to fail as only 1 transaction is allowed in 1 block

#52 code423n4 opened 2 years ago
3
`setGuardian()` Wrong implementation

#51 code423n4 opened 2 years ago
0
Excessive `require` makes the transaction fail unexpectedly

#50 code423n4 opened 2 years ago
2
`Zap.sol#mint()` Check `blockLock` earlier can save gas

#49 code423n4 opened 2 years ago
1
`IbbtcVaultZap.sol#deposit()` can be front run

#48 code423n4 closed 2 years ago
2
Improper implementation of slippage check

#47 code423n4 opened 2 years ago
1
Access control : wrongly setting the new guardian address to governance address

#46 code423n4 closed 2 years ago
1
Avoid unnecessary arithmetic operations can save gas

#45 code423n4 opened 2 years ago
1
Arithmetic operations without using SafeMath may over/underflow

#44 code423n4 opened 2 years ago
2
`initializer` functions can be front run

#43 code423n4 closed 2 years ago
2
Redundant type casting

#42 code423n4 opened 2 years ago
2
Avoid unnecessary code execution can save gas

#41 code423n4 opened 2 years ago
1
Use else if can save gas

#40 code423n4 closed 2 years ago
2
Unused local variables

#39 code423n4 opened 2 years ago
1
Missing error messages in require statements

#38 code423n4 closed 2 years ago
2
`Zap.sol#redeem()` Lack of input validation

#37 code423n4 opened 2 years ago
1
Avoid unnecessary read of array length in for loops can save gas

#36 code423n4 opened 2 years ago
1
`Zap.sol#mint()` Validation of `poolId` can be done earlier to save gas

#35 code423n4 opened 2 years ago
1
Adding `recipient` parameter to mint functions can help avoid unnecessary token transfers and save gas

#34 code423n4 opened 2 years ago
1
mint() Input Variable minOut Does Not Pass Value to interface ICurveFi add_liquidity()

#33 code423n4 closed 2 years ago
2
MAX_FEE Is Not Correct

#32 code423n4 closed 2 years ago
2
setGuardian() Privilage Escalation Causing Governance Lose Control of The Contract

#31 code423n4 closed 2 years ago
2
TODOs List May Leak Important Info & Errors

#30 code423n4 closed 2 years ago
1