issues
search
code-423n4
/
2021-12-maple-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
ERC20 approve method missing return value check
#78
code423n4
closed
2 years ago
3
Gas Optimization: Use external for function not called internally
#77
code423n4
closed
2 years ago
2
Early exit fee and last period interest can be avoided by a borrower
#76
code423n4
closed
2 years ago
4
Gas Optimization: Use != 0 instead of > 0
#75
code423n4
closed
2 years ago
3
Gas Optimization: Unchecked safe math
#74
code423n4
closed
2 years ago
3
Less than 256 uints are not gas efficient
#73
code423n4
closed
2 years ago
2
IsContract Function Usage
#72
code423n4
opened
2 years ago
3
Gas Optimization: Remove amount_ == uint256(0) checks
#71
code423n4
closed
2 years ago
2
Gas Optimization: Reduce uint size to pack variable into 1 slot
#70
code423n4
closed
2 years ago
3
refinancer used in delegatecall can be any contract
#69
code423n4
closed
2 years ago
2
Missing Conditional Check On the Approve Function
#68
code423n4
closed
2 years ago
2
Fund stuck in `Liquidator` if `stopLiquidation` is called
#67
code423n4
opened
2 years ago
4
Reuse arithmetic results can save gas
#66
code423n4
opened
2 years ago
3
Avoid unnecessary arithmetic operations can save gas
#65
code423n4
opened
2 years ago
2
`Liquidator.sol#_locked` Switching between 1, 2 instead of true, false is more gas efficient
#64
code423n4
opened
2 years ago
2
Unnecessary checked arithmetic in for loops
#63
code423n4
closed
2 years ago
3
Cache external call result in the stack can save gas
#62
code423n4
opened
2 years ago
2
A malicious `borrower` can `makePayment()` without sufficient collateral
#61
code423n4
closed
2 years ago
2
Gas Optimization: Let keeper return liquidation proceed from strategy
#60
code423n4
closed
2 years ago
2
Cache storage variables in the stack can save gas
#59
code423n4
closed
2 years ago
2
`MapleLoanInternals.sol#_initialize()` Insufficient input validation
#58
code423n4
closed
2 years ago
2
Consider adding storage gaps to proxied contracts
#57
code423n4
opened
2 years ago
2
`makePayment()` Lack of access control allows malicious `lender` to retrieve a large portion of the funds earlier, making the borrower suffer fund loss
#56
code423n4
opened
2 years ago
2
Gas Optimization: Use constant instead of block.timestamp
#55
code423n4
opened
2 years ago
2
Use immutable variable can save gas
#54
code423n4
closed
2 years ago
2
`MapleLoan.sol#drawdownFunds()` Validation of `amount_` can be done earlier to save gas
#53
code423n4
closed
2 years ago
2
Unchecked return value for `ERC20.approve` call
#52
code423n4
opened
2 years ago
3
Outdated compiler version
#51
code423n4
closed
2 years ago
3
Adding unchecked directive can save gas
#50
code423n4
opened
2 years ago
2
Code Style: public functions not used by current contract should be external
#49
code423n4
closed
2 years ago
2
Use short reason strings can save gas
#48
code423n4
closed
2 years ago
2
Unsafe implementation of `fundLoan()` allows attacker to steal collateral from an unfunded loan
#47
code423n4
opened
2 years ago
2
Anyone can call `closeLoan()` to close the loan
#46
code423n4
opened
2 years ago
2
Insufficient input validation
#45
code423n4
opened
2 years ago
2
Refinancer has no access controls for loan parameters setters, which don't validate new parameters
#44
code423n4
closed
2 years ago
3
MapleLoanInternals._initialize allows arbitrary reinitialization
#43
code423n4
closed
2 years ago
4
UpgradePath Does Not Validate toVersion_ Is Higher Than fromVersion_
#42
code423n4
closed
2 years ago
3
TODOs List May Leak Important Info & Errors
#41
code423n4
closed
2 years ago
3
Long Revert Strings are Waste of Gas
#40
code423n4
closed
2 years ago
2
MapleProxyFactory.sol: Constructor Does Not Check for Zero Address
#39
code423n4
closed
2 years ago
3
Liquidator.sol: Constructor Does Not Check for Zero Addresses
#38
code423n4
closed
2 years ago
2
Drain strategy contracts
#37
code423n4
closed
2 years ago
2
Lack of input validation
#36
code423n4
closed
2 years ago
2
Functionality of liquidation strategies can be broken
#35
code423n4
opened
2 years ago
2
Liquidation strategies are missing authorization checks
#34
code423n4
closed
2 years ago
2
Same implementation can be registerd for several versions
#33
code423n4
opened
2 years ago
2
Missing `success` return value check in liquidations
#32
code423n4
closed
2 years ago
3
MapleLoanInternals._initialize doesn't check validity of its arguments
#31
code423n4
closed
2 years ago
4
UniswapV2Strategy and SushiswapStrategy swap functions treat min return amount as desired amount
#30
code423n4
closed
2 years ago
2
MapleLoanInternals:_getEarlyPaymentBreakdown() save a SLOAD
#29
code423n4
closed
2 years ago
2
Next