issues
search
code-423n4
/
2022-05-vetoken-findings
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
test
#279
ankushgoel27
closed
1 year ago
0
Upgraded Q -> M from 268 [1659038665057]
#277
code423n4
closed
2 years ago
1
Upgraded Q -> M from 264 [1659038303960]
#276
code423n4
closed
2 years ago
1
Upgraded Q -> M from 234 [1659038052827]
#275
code423n4
closed
2 years ago
1
Upgraded Q -> M from 232 [1659037895855]
#274
code423n4
closed
2 years ago
1
Upgraded Q -> M from 9 [1659036743700]
#273
code423n4
closed
2 years ago
1
Gas Optimizations
#272
code423n4
opened
2 years ago
1
Gas Optimizations
#271
code423n4
opened
2 years ago
1
in VeAssetDepositor and Booster contract don't set safeApprove() to 0 first and that token uses OpenZeppelin’s ERC20 implementation
#270
code423n4
closed
2 years ago
2
QA Report
#269
code423n4
opened
2 years ago
1
QA Report
#268
code423n4
opened
2 years ago
3
Since calling `_lockVeAsset()` `incentiveVeAsset` is always set to `0`
#267
code423n4
closed
2 years ago
2
infalting the price of tokens to your benfit and no reentracy gaurd you can make your own function for stakefor
#266
code423n4
closed
2 years ago
2
QA Report
#265
code423n4
closed
2 years ago
1
QA Report
#264
code423n4
opened
2 years ago
3
totalSupplyAtEpoch will revert
#263
code423n4
closed
2 years ago
2
totalSupply will revert
#262
code423n4
closed
2 years ago
2
QA Report
#261
code423n4
opened
2 years ago
1
Logic error in inversely traversed loops could lead to DoS
#260
code423n4
closed
2 years ago
2
QA Report
#259
code423n4
opened
2 years ago
2
pendingLockAtEpochOf will revert
#258
code423n4
closed
2 years ago
2
balanceAtEpochOf will revert
#257
code423n4
closed
2 years ago
2
you should always approve zero amount because some contracts need it to interact with it (ust)
#256
code423n4
closed
2 years ago
2
In VoterProxy the address veAsset is not added to protectedTokens[] list so it's possible to call withdraw() with veAsset address by stash protocol and withdraw veAsset Balance of VoterProxy
#255
code423n4
closed
2 years ago
2
QA Report
#254
code423n4
opened
2 years ago
2
safetransferfrom a user has to give allowance to make the function work
#253
code423n4
closed
2 years ago
2
If a new extra reward is added later, existing stakes will not be able to withdraw
#252
code423n4
closed
2 years ago
2
Gas Optimizations
#251
code423n4
opened
2 years ago
1
attacker can steal funds from staker contract and this contract)with decrease allownace frontrunning
#250
code423n4
closed
2 years ago
2
Gas Optimizations
#249
code423n4
closed
2 years ago
1
Gas Optimizations
#248
code423n4
opened
2 years ago
1
setOwner() function in VoterProxy allow new owner to be set as 0x0, so if owner call it by wrong value the contract will be in broken state and funds would be lost
#247
code423n4
closed
2 years ago
2
In VeAssetDepositor constructor if deployer set wrong value for maxTime or if maxTime in veAsset project changes then funds can be locked in VeAssetDepositor and contract will be in broken state
#246
code423n4
closed
2 years ago
2
Add a tme lock to `VoterProxy.sol` setter function
#245
code423n4
closed
2 years ago
2
user can pay alot of money with out getting his tokens
#244
code423n4
closed
2 years ago
2
QA Report
#243
code423n4
closed
2 years ago
1
Revert if too many rewardTokens in VE3DLocker
#242
code423n4
closed
2 years ago
2
QA Report
#241
code423n4
opened
2 years ago
1
Gas Optimizations
#240
code423n4
opened
2 years ago
1
Unable to updateReward if there are too many rewardTokens
#239
code423n4
closed
2 years ago
2
Unable to shutdown if there are too many pool
#238
code423n4
closed
2 years ago
2
user can mint anything he wants
#237
code423n4
closed
2 years ago
2
attacker or user can take advantage of percsion error and effect staking
#236
code423n4
closed
2 years ago
2
Bad use of safeApprove
#235
code423n4
closed
2 years ago
3
QA Report
#234
code423n4
opened
2 years ago
2
Governance can arbitrarily burn VeToken from any address
#233
code423n4
opened
2 years ago
2
QA Report
#232
code423n4
opened
2 years ago
3
lockVeAsset() in VeAssetDepositor don't follow the check-effect-interact pattern and it's vulnerable to reentrancy attack
#231
code423n4
opened
2 years ago
2
Gas Optimizations
#230
code423n4
opened
2 years ago
1
QA Report
#229
code423n4
opened
2 years ago
3
Next