issues
search
code-423n4
/
2022-01-yield-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
`ConvexYieldWrapper` Does Not Check If A Vault Is Undercollateralised In `_getDepositedBalance`
#139
code423n4
closed
2 years ago
2
Chainlink oracles might return stale data
#138
code423n4
closed
2 years ago
2
Miscalculation of rewards due to removal of vaults
#137
code423n4
closed
2 years ago
1
Oracle data feed is insufficiently validated.
#136
code423n4
opened
2 years ago
1
ConvexYieldWrapper griefing attack is possible that removes all the vaults from any user
#135
code423n4
closed
2 years ago
2
ConvexYieldWrapper wrap can be front-run
#134
code423n4
closed
2 years ago
3
Costly reentrance modifier
#133
code423n4
closed
2 years ago
2
Cvx3CrvOracle can report stale prices
#132
code423n4
closed
2 years ago
2
Remove unused variables
#131
code423n4
closed
2 years ago
2
Some variables can be set immutable
#130
code423n4
closed
2 years ago
1
Assigning default value costs unnecessary gas
#129
code423n4
closed
2 years ago
2
Cvx3CrvOracle.setSource doesn't check provided core configuration values
#128
code423n4
closed
2 years ago
3
Function `ConvexYieldWrapper.removeVault()` can be rewritten
#127
code423n4
closed
2 years ago
1
Using pre-increment (++i) instead of post-increment (i++) can save gas
#126
code423n4
closed
2 years ago
1
Use '!= 0' rather than '> 0' for unsigned integers
#125
code423n4
closed
2 years ago
2
can save gas using `immutable`
#124
code423n4
closed
2 years ago
2
Missing isShutdown on _checkpointAndClaim()
#123
code423n4
closed
2 years ago
4
calldata is cheaper than memory
#122
code423n4
opened
2 years ago
2
double update on storage pointer
#121
code423n4
closed
2 years ago
1
Use immutable variables if values don't change after the constructor
#120
code423n4
closed
2 years ago
1
Cvx3CrvOracle.sol _peek() returns wrong units
#119
code423n4
closed
2 years ago
3
`ConvexStakingWrapper.sol#earned()` Implementation can be simpler and save some gas
#118
code423n4
closed
2 years ago
2
Redundant `return` for named returns
#117
code423n4
closed
2 years ago
2
Rewards distribution can be disrupted by a early user
#116
code423n4
opened
2 years ago
2
latestRoundData data may be stale
#115
code423n4
closed
2 years ago
1
Attacker can steal part of the rewards if one of the `extraRewards` is rewarded with Convex Token
#114
code423n4
closed
2 years ago
2
Comment missing function parameter
#113
code423n4
opened
2 years ago
1
Unsafe uint128 casting may overflow
#112
code423n4
opened
2 years ago
2
`ConvexYieldWrapper#removeVault()` `found` is redundant
#111
code423n4
opened
2 years ago
1
Missing approve(0) for CVX
#110
code423n4
closed
2 years ago
1
removeVault function can be external
#109
code423n4
closed
2 years ago
1
Remove duplicate address variables
#108
code423n4
closed
2 years ago
2
`ConvexYieldWrapper.sol` Redundant code
#107
code423n4
opened
2 years ago
1
Perform math inside code branch
#106
code423n4
opened
2 years ago
1
Adding unchecked directive can save gas
#105
code423n4
opened
2 years ago
3
Chainlink's `latestRoundData` might return stale results
#104
code423n4
closed
2 years ago
1
Using immutable variable can save gas
#103
code423n4
closed
2 years ago
2
`ConvexStakingWrapper.sol#` Switching between 1, 2 instead of 0, 1 is more gas efficient
#102
code423n4
opened
2 years ago
1
Avoid unnecessary arithmetic operations and storage reads can save gas
#101
code423n4
opened
2 years ago
1
stop execution when extraRewardsLength on convexpool is zero
#100
code423n4
closed
2 years ago
2
Arbitrary call
#99
code423n4
closed
2 years ago
2
MINTING to collateralVault could inflating totalsupply, without giving the balance to anyone
#98
code423n4
closed
2 years ago
2
Prefix (++i), rather than postfix (i++), increment/decrement operators should be used in for-loop
#97
code423n4
closed
2 years ago
1
Reentrancy modifier is suboptimal
#96
code423n4
closed
2 years ago
2
Cvx3CrvOracle earned function calculates cvx wrongly if pool claimed indirectly
#95
code423n4
opened
2 years ago
1
Cvx3CrvOracle misses sanity checks for Chainlink responses
#94
code423n4
closed
2 years ago
1
Cvx3CrvOracle returns 0 for small baseAmount
#93
code423n4
opened
2 years ago
2
Cvx3CrvOracle missing natspec param baseAmount for peek, _peek, _get
#92
code423n4
closed
2 years ago
1
`setSource` Does Not Validate That The Chainlink Price Feeds Are `18` Decimals
#91
code423n4
closed
2 years ago
2
Improper Validation Of Chainlink's `latestRoundData` Function
#90
code423n4
closed
2 years ago
1
Next