code-423n4 2021-12-nftx-findings issues

code-423n4 / 2021-12-nftx-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Validations

#234 code423n4 opened 2 years ago
0
Anyone can remove the manager role with NFTXVaultUpgradeable.finalizeVault

#233 code423n4 closed 2 years ago
2
Griefing attack is possible as NFTXStakingZap, PalmNFTXStakingZap, NFTXMarketplaceZap rely on zero vault token balance for LP and minting

#232 code423n4 closed 2 years ago
2
NFTXMarketplaceZap: Balance check can result in DOS

#231 code423n4 closed 2 years ago
2
NFTXSimpleFeeDistributor#addReceiver: Failure to check for existing receiver

#230 code423n4 opened 2 years ago
2
NFTXStakingZap: Balance check can result in griefing

#229 code423n4 closed 2 years ago
2
NFTXMarketplaceZap: incorrect parameter name

#228 code423n4 opened 2 years ago
1
NFTXStakingZap: Sanity checks on “to” (dest) address

#227 code423n4 opened 2 years ago
0
NFTXMarketplaceZap: Add rescue() function

#226 code423n4 opened 2 years ago
0
NFTXMarketplaceZap: Ensure “to” (dest address) is not the marketplace zap contract

#225 code423n4 closed 2 years ago
1
NFTXMarketplaceZap: Restrict native ETH transfers to WETH contract

#224 code423n4 opened 2 years ago
0
NFTXStakingZap: Restrict native ETH transfers to WETH contract

#223 code423n4 closed 2 years ago
1
NFTXSimpleFeeDistributor: Inconsistency between implementation and comment

#222 code423n4 opened 2 years ago
1
PausableUpgradeable: Document lockId code 10 = deposit

#221 code423n4 opened 2 years ago
0
NFTXLPStaking: Implementation Upgrade Storage Layout Caution

#220 code423n4 opened 2 years ago
1
NFTXSimpleFeeDistributor: Changes are not compatible with existing FeeDistributor

#219 code423n4 closed 2 years ago
2
NFTXInventoryStaking: Index vaultId in events

#218 code423n4 opened 2 years ago
1
NFTXStakingZap: Unused xTokenMinted variable

#217 code423n4 opened 2 years ago
0
NFTXInventoryStaking: Unused variables

#216 code423n4 closed 2 years ago
1
Using x!= 0 costs less gas than x>0 for uint

#215 code423n4 closed 2 years ago
1
Cached lpStaking and inventoryStaking in Zap contracts

#214 code423n4 opened 2 years ago
1
Pool Manager can frontrun fees to 100% and use it to steal the value from users

#213 code423n4 opened 2 years ago
2
Unused receive in NFTXStakingZap, NFTXMarketplaceZap and PalmNFTXStakingZap contracts

#212 code423n4 closed 2 years ago
2
_sendForReceiver returns false when receiver is EOA

#211 code423n4 closed 2 years ago
2
Long revert messages

#210 code423n4 closed 2 years ago
1
Constants can be made internal / private

#209 code423n4 opened 2 years ago
0
Use unchecked math and cache values

#208 code423n4 opened 2 years ago
0
Explicit initialization with zero not required

#207 code423n4 opened 2 years ago
0
!= 0 costs less gass compared to > 0 for unsigned integer inside pure or view functions

#206 code423n4 closed 2 years ago
1
Unused function input argument "vault"

#205 code423n4 opened 2 years ago
0
Redundant code: NFTXLPStaking.sol function emergencyExit()

#204 code423n4 closed 2 years ago
2
Use `calldata` instead of `memory` for external functions where the function argument is read-only.

#203 code423n4 closed 2 years ago
1
Use temporary variable for array.length

#202 code423n4 closed 2 years ago
1
TimelockRewardDistributionTokenImpl.sol function withdrawableRewardOf() visibility can be changed from internal to public

#201 code423n4 opened 2 years ago
0
UpgradeableBeacon should initialize OwnableUpgradeable ?

#200 code423n4 closed 2 years ago
2
isContract() duplication and Address.sol library usage

#199 code423n4 opened 2 years ago
0
Unnecessary checked arithmetic in for-loops

#198 code423n4 opened 2 years ago
0
Unused imports

#197 code423n4 closed 2 years ago
1
NFTXVaultFactoryUpgradeable.sol function assignFees() does not have onlyOwner modifier

#196 code423n4 opened 2 years ago
1
`++i` costs less gass compared to `i++`

#195 code423n4 opened 2 years ago
0
An array's length should be cached to save gas in for-loops

#194 code423n4 closed 2 years ago
1
Using 10**X for constants isn't gas efficient

#193 code423n4 opened 2 years ago
0
Ownable Contract Does Not Implement Two-Step Transfer Ownership Pattern

#192 code423n4 closed 2 years ago
1
Cache storage variables in the stack can save gas

#191 code423n4 opened 2 years ago
0
Wrong code style

#190 code423n4 opened 2 years ago
0
Upgrade pragma to at least 0.8.4

#189 code423n4 opened 2 years ago
0
Unsafe transfer in XTokenUpgradeable

#188 code423n4 closed 2 years ago
2
Gas Optimization: Use immutable to cache beaconhash

#187 code423n4 opened 2 years ago
0
Unsafe approve in NFTXSimpleFeeDistributor

#186 code423n4 opened 2 years ago
0
NFTXStakingZap and NFTXMarketplaceZap's transferFromERC721 transfer Cryptokitties to the wrong address

#185 code423n4 opened 2 years ago
1