issues
search
code-423n4
/
2022-03-lifinance-findings
6
stars
4
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Lack of checks between `_swapData` and `_lifiData` could lead to loss of funds and reputation risk.
#67
code423n4
closed
2 years ago
4
Anyone can get swaps for free given certain conditions in `swap`.
#66
code423n4
opened
2 years ago
4
Reputation Risks with `contractOwner`
#65
code423n4
opened
2 years ago
3
No zero address check for `setContractOwner`
#64
code423n4
closed
2 years ago
3
Comprimised whitelisted dex could drain all funds from LiFi.
#63
code423n4
closed
2 years ago
1
Lack of checks may lead to faulty data collection in `startBridgeTokensViaNXTP`
#62
code423n4
closed
2 years ago
3
No zero address check for `initNXTP`.
#61
code423n4
closed
2 years ago
4
fregre
#60
code423n4
closed
2 years ago
0
AnyswapFacet and CBridgeFacet don't account for msg.value when use native balance
#59
code423n4
closed
2 years ago
1
SwapData attributes can be different than calldata attributes
#58
code423n4
closed
2 years ago
1
Only one DEX removed while performing `batchRemoveDEX()` in `DexManagerFacet.sol`
#57
code423n4
closed
2 years ago
1
QA Report
#56
code423n4
opened
2 years ago
7
CBridgeFacet's startBridgeTokensViaCBridge do not revert on excess msg.value
#55
code423n4
closed
2 years ago
1
Instead of `call()`, `transfer()` is used for the withdraw mechanism
#54
code423n4
closed
2 years ago
1
ERC20 bridging functions do not revert on non-zero msg.value
#53
code423n4
opened
2 years ago
2
QA Report
#52
code423n4
opened
2 years ago
4
Gas Optimizations
#51
code423n4
opened
2 years ago
8
QA Report
#50
code423n4
opened
2 years ago
5
`safeApprove` in `LibAsset` is unnecessary and waste gas
#49
code423n4
opened
2 years ago
2
users can bypass the approveTo checks
#48
code423n4
closed
2 years ago
3
low-level calls returning success although it doesn't succeeded
#47
code423n4
closed
2 years ago
1
QA Report
#46
code423n4
opened
2 years ago
6
Gas Optimizations
#45
code423n4
opened
2 years ago
8
Gas Optimizations
#44
code423n4
opened
2 years ago
11
Gas Optimizations
#43
code423n4
opened
2 years ago
1
QA Report
#42
code423n4
opened
2 years ago
0
Native token balance can be stolen as LibSwap's swap is reusing msg.value
#41
code423n4
closed
2 years ago
1
QA Report
#40
code423n4
opened
2 years ago
3
Gas Optimizations
#39
code423n4
opened
2 years ago
1
AnyswapFaucet: Unlimited token allowance can be given to malicious router
#38
code423n4
closed
2 years ago
2
CBridgeFaucet: Users may lose excess native funds if msg.value > specified amount
#37
code423n4
closed
2 years ago
1
Latent contract funds can be used for swaps
#36
code423n4
closed
2 years ago
1
cBridge integration fails to send native tokens
#35
code423n4
opened
2 years ago
2
DexManagerFacet: batchRemoveDex() removes first dex only
#34
code423n4
opened
2 years ago
2
LibSwap: Excess funds from swaps are not returned
#33
code423n4
opened
2 years ago
3
Dex removal is not done properly
#32
code423n4
closed
2 years ago
1
Funds can be stolen
#31
code423n4
closed
2 years ago
1
Incorrect amount approved
#30
code423n4
closed
2 years ago
2
QA Report
#29
code423n4
opened
2 years ago
4
Gas Optimizations
#28
code423n4
opened
2 years ago
7
CBridgeFacet doesn't transfer native tokens for bridging, possibly freezing the funds
#27
code423n4
closed
2 years ago
2
QA Report
#26
code423n4
opened
2 years ago
0
swapAndStartBridgeTokensViaAnyswap always revert when _anyswapData.token == address(0)
#25
code423n4
closed
2 years ago
2
startBridgeTokensViaAnyswap always revert when _anyswapData.token == address(0)
#24
code423n4
closed
2 years ago
2
ERC20 Token sent to LiFiDiamond directly can be took by anyone
#23
code423n4
closed
2 years ago
1
Gas Optimizations
#22
code423n4
opened
2 years ago
1
Swapper cannot handle inputs with more than one swap if msg.value > 0
#21
code423n4
closed
2 years ago
1
Gas Optimizations
#20
code423n4
opened
2 years ago
2
DexManagerFacet's batchRemoveDex removes first DEX only
#19
code423n4
closed
2 years ago
1
Fee on transfer tokens aren't supported in AnyswapFacet, HopFacet, CBridgeFacet and NXTPFacet
#18
code423n4
closed
2 years ago
3
Previous
Next