code-423n4 2022-04-abranft-findings issues

code-423n4 / 2022-04-abranft-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

The bool return value of variable success is not checked/handled in removeCollateral() of NFTPairWithOracle.sol

#201 0xean closed 2 years ago
0
Lower LVT is treated as less restrictive, while it's vice versa

#200 code423n4 closed 2 years ago
1
QA Report

#199 code423n4 opened 2 years ago
3
NFTPairWithOracle's _lend ignores accepted.oracle and allows to start loan with empty params.oracle

#198 code423n4 closed 2 years ago
2
QA Report

#197 code423n4 opened 2 years ago
1
Gas Optimizations

#196 code423n4 opened 2 years ago
1
QA Report

#195 code423n4 opened 2 years ago
1
Signature Verification Functions Do Not Check Address Is Not Zero

#194 code423n4 closed 2 years ago
2
QA Report

#193 code423n4 opened 2 years ago
1
QA Report

#192 code423n4 opened 2 years ago
4
`removeCollateral()` May Be Called in When Loan Status is Initial

#191 code423n4 closed 2 years ago
2
No success required for Oracle market rate queries

#190 code423n4 closed 2 years ago
2
Gas Optimizations

#189 code423n4 opened 2 years ago
1
Skim Functionality Is Front-runnable

#188 code423n4 closed 2 years ago
2
msg.value is not checked in `cook`, might lead to loss of user funds.

#187 code423n4 closed 2 years ago
2
Reentrancy in `removeCollateral()` / `requestLoan()`

#186 code423n4 closed 2 years ago
1
lack of access modifier in BentoboxV1.transfer()

#185 code423n4 closed 2 years ago
2
Outstanding loan Oracle can be arbitrary changed by a lender

#184 code423n4 closed 2 years ago
1
NFT oracle price request successful or not is not checked

#183 code423n4 closed 2 years ago
1
Gas Optimizations

#182 code423n4 opened 2 years ago
1
Users Who `approve()` ERC20 Tokens for `NFTPair` of `NFTPairWithOracle` Contracts May Have Their Allowances Stole By Any User

#181 code423n4 closed 2 years ago
2
QA Report

#180 code423n4 opened 2 years ago
1
Gas Optimizations

#179 code423n4 opened 2 years ago
1
QA Report

#178 code423n4 opened 2 years ago
1
Possible to steal collateral during a reentrant collateral transfer

#177 code423n4 closed 2 years ago
1
Lender can instantly seize the collateral

#176 code423n4 closed 2 years ago
2
`TO` IS UNCHECKED IN `REMOVECOLLATERAL()`, WHICH CAN CAUSE USER’S COLLATERAL NFT TO BE FROZEN

#175 code423n4 closed 2 years ago
2
Lender can immediately liquidate valued Collateral in NFTPairWithOracle contract

#174 code423n4 closed 2 years ago
2
Gas Optimizations

#173 code423n4 opened 2 years ago
1
QA Report

#172 code423n4 opened 2 years ago
1
Params.oracle can be changed to a fake one by front running NFTPairWithOracle's lend function

#171 code423n4 closed 2 years ago
1
Possible Overflow in the Multiple Functions

#170 code423n4 closed 2 years ago
2
Gas Optimizations

#169 code423n4 opened 2 years ago
1
QA Report

#168 code423n4 opened 2 years ago
1
Gas Optimizations

#167 code423n4 opened 2 years ago
1
Malicious lender can change price oracle for outstanding loan

#166 code423n4 closed 2 years ago
1
QA Report

#165 code423n4 opened 2 years ago
1
Any non-native asset on the NFTPair or NFTPairWithOracle balance except collateral is a free grab

#164 code423n4 closed 2 years ago
2
FAILED TRANSFER WITH LOW LEVEL CALL COULD BE OVERLOOKED

#163 code423n4 closed 2 years ago
2
Reducing loan valuation via `updateLoanParams()` after lending results in loss of funds for lender on repay

#162 code423n4 closed 2 years ago
2
QA Report

#161 code423n4 opened 2 years ago
1
Gas Optimizations

#160 code423n4 opened 2 years ago
1
QA Report

#159 code423n4 opened 2 years ago
1
Gas Optimizations

#158 code423n4 opened 2 years ago
0
No successful transfer check on _requestLoan

#157 code423n4 closed 2 years ago
4
Missing zero address check on _requestLoan

#156 code423n4 closed 2 years ago
2
Skim Accidental Transfer of Collateral

#155 code423n4 closed 2 years ago
2
Frontrunning Attack - Steal Victims Collateral

#154 code423n4 closed 2 years ago
2
Use Victims Collateral by Frontrunning

#153 code423n4 closed 2 years ago
2
Oracle failure allows NFT to be stolen

#152 code423n4 closed 2 years ago
1