issues
search
code-423n4
/
2022-01-sandclock-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
the order of the tokenids is different between the `Depositors` and `Claimers`
#144
code423n4
closed
2 years ago
3
Missing reentrant check can be abused by increasing total share, before transfering underlying token
#143
code423n4
closed
2 years ago
1
`Vault.deposit()` Does Not Prevent Zero Amount Deposits
#142
code423n4
closed
2 years ago
1
it is better to make the `salt` non user input
#141
code423n4
closed
2 years ago
2
require check doesnt comply with an underlying token that implemented fee in the transfer and transferFrom function
#140
code423n4
closed
2 years ago
3
`NonUSTStrategy` invested assets can be manipulated
#139
code423n4
closed
2 years ago
1
Missing slippage/min-return check in `NonUSTStrategy`
#138
code423n4
closed
2 years ago
1
NonUST strategies lose value with swap fees
#137
code423n4
closed
2 years ago
1
Depositors are at mercy of admins to get their funds back
#136
code423n4
closed
2 years ago
2
DoS on finishing deposits
#135
code423n4
closed
2 years ago
1
Re-entrancy in _createDeposit allows stealing tokens
#134
code423n4
closed
2 years ago
2
Re-entrancy in _withdraw allows stealing tokens
#133
code423n4
closed
2 years ago
3
A Single Malicious Trusted Account Can Takeover Parent Contract
#132
code423n4
closed
2 years ago
1
bug in claimers contract dissable users from claiming yield and more.
#131
code423n4
closed
2 years ago
2
Well-Funded Sponsors Can Severely Inhibit The Availability Of The Protocol
#130
code423n4
closed
2 years ago
2
typo miskate in comment
#129
code423n4
closed
2 years ago
3
No slippage protection on _swapUstToUnderlying can lead to lost funds
#128
code423n4
closed
2 years ago
1
No slippage protection on _swapUnderlyingToUst can lead to lost funds
#127
code423n4
closed
2 years ago
1
Vault withdraws should withdraw from strategy if necessary
#126
code423n4
closed
2 years ago
1
Vault._withdraw miscalculates shares and amounts for second and subsequent deposits being withdrawn
#125
code423n4
closed
2 years ago
4
strategy change can be prevented
#124
code423n4
closed
2 years ago
1
Typos
#123
code423n4
closed
2 years ago
1
Lack of slippage checks during swap
#122
code423n4
closed
2 years ago
1
forgot to remove todo comment
#121
code423n4
closed
2 years ago
2
fees amounts are wrong
#120
code423n4
closed
2 years ago
2
`Vault._withdraw()` uses cached totalShares instead of the updated value in for loop
#119
code423n4
closed
2 years ago
3
unimplemented todo task
#118
code423n4
closed
2 years ago
2
Sensitive actions in BaseStrategy don't emit events
#117
code423n4
closed
2 years ago
1
Missing topic in Unsponsored event
#116
code423n4
closed
2 years ago
1
TODO Comments
#115
code423n4
closed
2 years ago
2
Non-informative error messages in require()
#114
code423n4
closed
2 years ago
2
Different Solidity versions used
#113
code423n4
closed
2 years ago
1
Unused `nextId` variable
#112
code423n4
closed
2 years ago
2
Event ProfitShared in IStrategy is never used
#111
code423n4
closed
2 years ago
1
Both _mint and _safeMint are used to mint NFTs
#110
code423n4
closed
2 years ago
1
`Depositor` and `Sponsor` are used interchangeably
#109
code423n4
closed
2 years ago
2
Ensure that EthAnchor processed funds successfully
#108
code423n4
closed
2 years ago
1
Missing validation in constructors
#107
code423n4
closed
2 years ago
1
BaseStrategy implements USTStrategy and is risky to inherit from
#106
code423n4
closed
2 years ago
3
No slippage tolerance set in NonUSTStrategy
#105
code423n4
closed
2 years ago
2
Possibility of insufficient funds in Vault
#104
code423n4
closed
2 years ago
1
Some Strategy functions can't be called from the Vault
#103
code423n4
closed
2 years ago
2
Possible griefing attack on vault setStrategy
#102
code423n4
closed
2 years ago
1
No slippage control on _swapUnderlyingToUst of NonUSTStrategy.sol
#101
code423n4
closed
2 years ago
2
No slippage control on _swapUstToUnderlying of NonUSTStrategy.sol
#100
code423n4
closed
2 years ago
2
Reentrancy vulnerability allows attacker to steal underlying tokens with withdraw
#99
code423n4
closed
2 years ago
1
Reentrancy vulnerability allows attacker to gain more shares than deserved
#98
code423n4
closed
2 years ago
1
_transferAndCheckUnderlying doesn't work with fee-on-transfer tokens
#97
code423n4
closed
2 years ago
2
Open TODOs
#96
code423n4
closed
2 years ago
2
BaseStrategy.finishRedeemStable can produce a low-level division revert
#95
code423n4
closed
2 years ago
3
Previous
Next