code-423n4 2021-11-overlay-findings issues

code-423n4 / 2021-11-overlay-findings

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Uniswap pool can be manipulated to exploit OverlayV1OVLCollateral's unwind and liquidate functions

#142 code423n4 closed 2 years ago
3
OverlayV1Governance.setEverything does unnecessary function calls

#141 code423n4 opened 3 years ago
1
UniswapV3Listener.listen has debug gas check left

#140 code423n4 closed 2 years ago
2
OverlayV1OVLCollateral.liquidate storage pos.cost variable is accessed two times, can be saved to memory

#139 code423n4 closed 2 years ago
2
OverlayV1OVLCollateral.liquidate storage pos.market variable is read up to three times, can be saved to memory

#138 code423n4 opened 3 years ago
1
OverlayV1OVLCollateral.getCurrentBlockPositionId does excessive storage structure read

#137 code423n4 closed 2 years ago
2
OverlayV1OVLCollateral.getCurrentBlockPositionId does excessive storage mapping read

#136 code423n4 closed 2 years ago
2
OVL token shouldn't be available for substitution, needs to be set only once

#135 code423n4 opened 3 years ago
2
Fee double counting for underwater positions

#134 code423n4 opened 3 years ago
0
_rewardsTo not empty

#133 code423n4 opened 3 years ago
2
OverlayV1UniswapV3Market constructor doesn’t check immutable variables to be set

#132 code423n4 closed 2 years ago
3
UniswapV3Listener constructor don't check for zero _uniV3Pool and token addresses

#131 code423n4 closed 2 years ago
3
Upgrade pragma to at least 0.8.4

#130 code423n4 closed 2 years ago
2
Cached version of ovl may be outdated

#129 code423n4 opened 3 years ago
3
OverlayV1Governance and OverlayV1OVLCollateral constructors don't check for zero _mothership and OVL addresses

#128 code423n4 closed 2 years ago
2
OZ ERC1155Supply vulnerability

#127 code423n4 opened 3 years ago
0
Pack structs tightly

#126 code423n4 opened 3 years ago
1
Eliminate subtraction

#125 code423n4 opened 3 years ago
1
Eliminate duplicate math operations

#124 code423n4 opened 3 years ago
1
Cache storage access

#123 code423n4 opened 3 years ago
2
Dead code

#122 code423n4 opened 3 years ago
1
Operations in constant variables

#121 code423n4 closed 2 years ago
2
Timelock and events for governor functions

#120 code423n4 opened 3 years ago
3
Discrepancies between the interface and implementation

#119 code423n4 opened 3 years ago
1
Context and msg.sender

#118 code423n4 opened 3 years ago
1
Fee boundaries are not validated

#117 code423n4 closed 2 years ago
2
Open TODOs in Codebase

#116 code423n4 opened 3 years ago
1
Less than 256 uints are not gas efficient

#115 code423n4 closed 2 years ago
2
Redundant SafeMath Library Import

#114 code423n4 closed 2 years ago
3
`> 0` can be replaced with `!= 0` for gas optimization

#113 code423n4 opened 3 years ago
3
Gas optimization: Unused variable in OverlayV1Mothership.sol

#112 code423n4 closed 2 years ago
2
Use of constant keccak variables results in extra hashing (and so gas).

#111 code423n4 opened 3 years ago
1
Changing function visibility from public to external can save gas

#110 code423n4 closed 2 years ago
3
Change unchanged storage variables to constants can save gas

#109 code423n4 closed 2 years ago
2
++i is more gas efficient than i++ in loops forwarding

#108 code423n4 closed 2 years ago
3
Gas optimization: Struct layout

#107 code423n4 closed 2 years ago
2
Mismatch in value of OI added in build compared to value removed in unwind

#106 code423n4 closed 2 years ago
2
At `OverlayV1Comptroller.sol`, `_roller.time` shouldn't be cached

#105 code423n4 opened 3 years ago
1
Unbounded marginMaintenance

#104 code423n4 closed 2 years ago
2
Wrong value of OI used during liquidation in OverlayV1OVLCollateral.sol

#103 code423n4 closed 2 years ago
2
Unbounded fee

#102 code423n4 closed 2 years ago
1
Unbounded feeBurnRate and marginBurnRate

#101 code423n4 closed 2 years ago
1
No bound on marginRewardRate

#100 code423n4 closed 2 years ago
1
_transferBurn not decrementing totalSupply of OVL after burn

#99 code423n4 closed 2 years ago
1
_transferMint not incrementing totalSupply of OVL after minting

#98 code423n4 closed 2 years ago
1
Using/Importing ERC1155Supply.sol from openzeppelin version 4.3.2

#97 code423n4 closed 2 years ago
1
Require statements messages too long

#96 code423n4 closed 2 years ago
1
State variables can be `immutable`s

#95 code423n4 opened 3 years ago
2
approve function is vulnerable

#94 code423n4 opened 3 years ago
2
require should come first

#93 code423n4 opened 3 years ago
0