code-423n4 2022-05-cudos-findings issues

code-423n4 / 2022-05-cudos-findings

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Calls inside loops that may address DoS.

#126 code423n4 opened 2 years ago
1
Gas Optimizations

#125 code423n4 opened 2 years ago
0
QA Report

#124 code423n4 opened 2 years ago
0
Missing check in the updateValset function

#123 code423n4 opened 2 years ago
2
Voting power of new validators not checked in ```updateValset``` function, ```Gravity.sol```

#122 code423n4 closed 2 years ago
1
Gas Optimizations

#121 code423n4 opened 2 years ago
0
Missing check in the updateValset function

#120 code423n4 closed 2 years ago
1
Overflowing powers in constructor

#119 code423n4 closed 2 years ago
2
QA Report

#118 code423n4 opened 2 years ago
3
Gas Optimizations

#117 code423n4 opened 2 years ago
0
QA Report

#116 code423n4 opened 2 years ago
3
no way to change the threshold

#115 code423n4 closed 2 years ago
2
it's possible that validators don't have enough power

#114 code423n4 closed 2 years ago
1
Gas Optimizations

#113 code423n4 opened 2 years ago
0
QA Report

#112 code423n4 opened 2 years ago
1
Gas Optimizations

#111 code423n4 opened 2 years ago
0
QA Report

#110 code423n4 opened 2 years ago
0
Gas Optimizations

#109 code423n4 opened 2 years ago
0
The ```sendToCosmos``` function does not check for transfer-on-fee/deflationary tokens

#108 code423n4 closed 2 years ago
1
deploying an erc20 may sometimes timeout and result in failure with vague log message

#107 code423n4 closed 2 years ago
2
Missing powerThreshold validation in function updateValset(in Gravity.sol) could cause the contract non-functional

#106 code423n4 closed 2 years ago
1
QA Report

#105 code423n4 opened 2 years ago
1
QA Report

#104 code423n4 opened 2 years ago
1
Gas Optimizations

#103 code423n4 opened 2 years ago
0
`updateValset()` Insufficient validation of new validator set may brick the contract

#102 code423n4 closed 2 years ago
1
`CosmosERC20.sol#totalSupply()` should return the actual supply bridged from Cosmos

#101 code423n4 closed 2 years ago
2
The validators can rug users by transferring funds from users' wallets

#100 code423n4 closed 2 years ago
4
Admin can rug users, withdraw all the locked funds

#99 code423n4 closed 2 years ago
1
Tokens with fee on transfer are not supported

#98 code423n4 closed 2 years ago
1
Anyone in the whitelist can change the whitelisted status for others

#97 code423n4 closed 2 years ago
1
Gas Optimizations

#96 code423n4 opened 2 years ago
1
No limit on nonces can cause Gravity bridge to be bricked

#95 code423n4 closed 2 years ago
1
Gas Optimizations

#94 code423n4 closed 2 years ago
0
QA Report

#93 code423n4 opened 2 years ago
0
Gas Optimizations

#92 code423n4 opened 2 years ago
0
QA Report

#91 code423n4 opened 2 years ago
0
QA Report

#90 code423n4 opened 2 years ago
0
Gas Optimizations

#89 code423n4 opened 2 years ago
0
QA Report

#88 code423n4 opened 2 years ago
0
QA Report

#87 code423n4 opened 2 years ago
0
Gas Optimizations

#86 code423n4 opened 2 years ago
0
Lack of minimum amount checks make griefing attack possible

#85 code423n4 closed 2 years ago
2
Gas Optimizations

#84 code423n4 opened 2 years ago
0
Batch Transfer will likely fail on ERC777 transfers, either maliciously or accidentally

#83 code423n4 closed 2 years ago
1
Gas Optimizations

#82 code423n4 opened 2 years ago
0
Gas Optimizations

#81 code423n4 opened 2 years ago
0
QA Report

#80 code423n4 opened 2 years ago
0
Compromised `AdminRole` or `whitelisted` user could be used as backdoor

#79 code423n4 closed 2 years ago
1
ERC20 tokens with before/afterTokenTransfer hooks can be manipulated to cause submitBatch to fail

#78 code423n4 closed 2 years ago
1
No cumulative power check when updating valset

#77 code423n4 closed 2 years ago
1

Previous Next