issues
search
code-423n4
/
2022-05-cally-findings
2
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
If users don’t handle ERC721 received, the ERC721 token will be frozen
#246
code423n4
closed
2 years ago
1
It should prevent users from sending more native tokens
#245
code423n4
closed
2 years ago
1
Attackers can re-vault `vault token` to deceive users
#244
code423n4
closed
2 years ago
1
`createVault()` does not confirm whether `tokenType` and `token`’s type are the same
#243
code423n4
opened
2 years ago
2
Admin can use a front-running attack to steal ETHs from users
#242
code423n4
closed
2 years ago
1
There should be a cap on `feeRate`
#241
code423n4
closed
2 years ago
1
Owner can grief with high fees
#240
code423n4
closed
2 years ago
1
Incorrect balance of `CallyNFT` can cause misunderstandings in other marketplaces
#239
code423n4
closed
2 years ago
1
Inconsistent balance when depositing fee-on transfer tokens
#238
code423n4
closed
2 years ago
1
Overpaying option premium
#237
code423n4
closed
2 years ago
1
Using `transferFrom` on ERC721 tokens
#236
code423n4
closed
2 years ago
1
QA Report
#235
code423n4
closed
2 years ago
1
The buyer of an option can overpay
#234
code423n4
closed
2 years ago
1
QA Report
#233
code423n4
opened
2 years ago
0
QA Report
#232
code423n4
opened
2 years ago
1
Gas Optimizations
#231
code423n4
opened
2 years ago
1
Gas Optimizations
#230
code423n4
opened
2 years ago
0
Potential fund loss when fee-on-transfer tokens are used as `vault.token`
#229
code423n4
closed
2 years ago
1
`transferFrom()` is used for ERC721 instead of `safeTransferFrom()`, which can cause user's NFT to be frozen
#228
code423n4
closed
2 years ago
1
`setVaultBeneficiary()` to a contract address that can not receive ETH may cause user's funds to be frozen
#227
code423n4
closed
2 years ago
3
Lack of input validation for `feeRate` can malfunction `exercise()`
#226
code423n4
closed
2 years ago
1
[WP-H0] Fake balances can be created for not-yet-existing ERC20 tokens, which allows attackers to set traps to steal funds from future users
#225
code423n4
opened
2 years ago
2
It shouldn’t be possible to create a vault with Cally’ own token
#224
code423n4
opened
2 years ago
3
Gas Optimizations
#223
code423n4
opened
2 years ago
0
User NFT could be locked because of wrong parameter specified in `createVault`
#222
code423n4
closed
2 years ago
1
User can bypass protocol fee while exercising options
#221
code423n4
closed
2 years ago
2
QA Report
#220
code423n4
opened
2 years ago
2
QA Report
#219
code423n4
opened
2 years ago
0
Gas Optimization
#218
code423n4
opened
2 years ago
0
incorrect calculation of fee
#217
code423n4
opened
2 years ago
3
Gas Optimizations
#216
code423n4
opened
2 years ago
0
QA Report
#215
code423n4
opened
2 years ago
0
OnlyOwner functions that make critical changes should have safeguards
#214
code423n4
closed
2 years ago
1
NFT's can be frozen at exercise()
#213
code423n4
closed
2 years ago
1
QA Report
#212
code423n4
closed
2 years ago
1
Admin can change fee parameter at any time. Fee parameter is ubounded
#211
code423n4
closed
2 years ago
1
Lack maximum value of `feeRate`
#210
code423n4
closed
2 years ago
1
Gas Optimizations
#209
code423n4
opened
2 years ago
0
Options Cannot Be Exercised If a Vault is Created Upon a Fee-On-Transfer Token
#208
code423n4
closed
2 years ago
1
Cally Protocol Does Not Support Cryptopunk or Cryptokitties Tokens
#207
code423n4
opened
2 years ago
2
`feeRate` is Not Configured Upon Contract Deployment
#206
code423n4
closed
2 years ago
2
`exercise()` Does Not Burn a Vault's NFT
#205
code423n4
closed
2 years ago
2
QA Report
#204
code423n4
opened
2 years ago
0
[2022-05-cally] User can ise the protocol to scam another user
#203
code423n4
closed
2 years ago
1
QA Report
#202
code423n4
opened
2 years ago
0
Gas Optimization
#201
code423n4
opened
2 years ago
0
If balance of an ERC20 token increases between transfers, then some tokens are locked forever in Cally
#200
code423n4
closed
2 years ago
2
Attempts to exercise options for fee on transfer tokens fail
#199
code423n4
closed
2 years ago
1
The owner can suddenly change feeRate to 100% without giving users time to react.
#198
code423n4
closed
2 years ago
1
QA Report
#197
code423n4
opened
2 years ago
2
Previous
Next