issues
search
code-423n4
/
2022-02-skale-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Agreements & Disclosures
#83
CloudEllie
opened
2 years ago
0
Messages[] in MessageProxyforMainNet & SChain won't be cleared
#82
code423n4
closed
2 years ago
3
QA Report
#81
code423n4
opened
2 years ago
3
Miners Can Manipulate `tx.gasprice` to Drain Users' Wallets in `postIncomingMessages()`
#80
code423n4
closed
2 years ago
3
Gas Optimizations
#79
code423n4
opened
2 years ago
2
QA Report
#78
code423n4
opened
2 years ago
2
QA Report
#77
code423n4
opened
2 years ago
3
If SChain is Removed Before `kill()` and `getFunds()` all Tokens are Locked in the Bridge
#76
code423n4
closed
2 years ago
4
Gas Optimizations
#75
code423n4
opened
2 years ago
2
Gas Optimizations
#74
code423n4
opened
2 years ago
3
Fee-on-transfer/deflationary tokens cause problems
#73
code423n4
closed
2 years ago
2
Forcing `ERC20Upgradeable` when calling `transfer()` reverts when used with some ERC20 tokens
#72
code423n4
closed
2 years ago
2
Schain owners can rug pull users' funds
#71
code423n4
opened
2 years ago
2
Nodes can drain SKALE chain owners' wallets
#70
code423n4
closed
2 years ago
2
Centralisation Risk: `TokenManager` Gives Unnecessary Permissions to The Default Admin Through `changeDepositBoxAddress()` Which May Cause The Bridge to Get Stuck
#69
code423n4
closed
2 years ago
2
Missing Signature Verification Leads To Critical Parameter Changes
#68
code423n4
closed
2 years ago
2
QA Report
#67
code423n4
opened
2 years ago
3
QA Report
#66
code423n4
opened
2 years ago
2
Gas Optimizations
#65
code423n4
opened
2 years ago
2
Improper Upper Bound Definition on the Transaction Gas
#64
code423n4
closed
2 years ago
2
Loss of pending messages (if any) in case removeConnectedChain is called
#63
code423n4
opened
2 years ago
2
There is a possibility of Token transfer getting stuck when using Erc1155BatchMessage
#62
code423n4
closed
2 years ago
2
Gas Optimizations
#61
code423n4
opened
2 years ago
2
Gas Optimizations
#60
code423n4
opened
2 years ago
2
[WP-H3] S2S Transfer from the origin schain to another schain with automatic deploy disabled can cause funds to be frozen
#59
code423n4
opened
2 years ago
2
[WP-H2] When transferring tokens native on SKALE to Ethereum with `TokenManagerERC20.exitToMainERC20()`, the tokens on the schain will be frozen on `TokenManagerERC20`, but they will not receive tokens on Ethereum
#58
code423n4
opened
2 years ago
3
[WP-H1] Transactions can be replayed when a connectedChain is removed and then reconnected
#57
code423n4
opened
2 years ago
2
QA Report
#56
code423n4
opened
2 years ago
2
Gas Optimizations
#55
code423n4
opened
2 years ago
3
Schain owner dictate fund usage after kill
#54
code423n4
closed
2 years ago
2
DepositBoxERC20 does not support fee-on-transfer token
#53
code423n4
closed
2 years ago
2
Gas Optimizations
#52
code423n4
closed
2 years ago
2
QA Report
#51
code423n4
opened
2 years ago
2
Not compatible with Rebasing/Deflationary/Inflationary tokens
#50
code423n4
opened
2 years ago
2
BURNER_ROLE can burn any amount of EthErc20 from an arbitrary address
#49
code423n4
closed
2 years ago
1
Gas Optimizations
#48
code423n4
opened
2 years ago
2
Gas Optimizations
#47
code423n4
opened
2 years ago
2
Gas Optimizations
#46
code423n4
closed
2 years ago
3
QA Report
#45
code423n4
opened
2 years ago
2
Not leaving storage gaps for future upgrade
#44
code423n4
closed
2 years ago
2
Use of constructor in an upgradeable contract
#43
code423n4
closed
2 years ago
2
Deposit Box Does Not Account for Fee On Transfer Tokens Causing the Bridge To Absorb the Fees
#42
code423n4
closed
2 years ago
2
Division by zero when transmitting message array with zero length
#41
code423n4
opened
2 years ago
4
Possible underflow when exit to mainnet with full amount after receiving tokens from another schain
#40
code423n4
closed
2 years ago
2
Trapped fund in transferredAmount on mainnet with accidental burn by user on schain
#39
code423n4
closed
2 years ago
2
transferredAmount on mainnet can be drained if a malicious account can mint more tokens on Schain
#38
code423n4
opened
2 years ago
2
Malicious `destinationContract` Could Cause Bridge To Become Stucl
#37
code423n4
closed
2 years ago
2
Infinite Recursion in `getMessageType()`
#36
code423n4
closed
2 years ago
2
Centralisation Risk: Admin Role of `TokenManagerEth` can Rug Pull All Eth from the Bridge
#35
code423n4
opened
2 years ago
2
QA Report
#34
code423n4
opened
2 years ago
3
Next