issues
search
code-423n4
/
2022-06-nibbl-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
ProxyVault implementation can be changed retroactively bricking old NibblVaults
#274
code423n4
closed
2 years ago
2
[PNM-004] Calculation of `_secondaryReserveRatio` can be overflowed
#273
code423n4
opened
2 years ago
1
## Unsafe usage of Transfer instead of call to move ether
#272
code423n4
closed
2 years ago
2
Buy logic is not correct
#271
code423n4
closed
2 years ago
2
QA Report
#270
code423n4
opened
2 years ago
1
`_rejectBuyout()` does not take buys and sells into account until next block, can lead to false effects due to timing
#269
code423n4
closed
2 years ago
6
[PNM-003] TWAV: The TWAV window is too small
#268
code423n4
closed
2 years ago
2
Do not use the `.transfer` function on an address that is `payable`
#267
code423n4
closed
2 years ago
2
[PNM-002] Unfairness: the curator (or users with large shares) can always reject payout by sandwich attacks
#266
code423n4
closed
2 years ago
2
Gas Optimizations
#265
code423n4
opened
2 years ago
1
[PNM-001] Function `permit` directly uses `_approve`, suffering from the well-known double attacks
#264
code423n4
opened
2 years ago
3
Some functions and return values might revert due to overflow
#263
code423n4
closed
2 years ago
1
call() should be used instead of transfer() on an address payable
#262
code423n4
closed
2 years ago
2
`sell()` and `buy()` should not have `whenNotPaused` modifier
#261
code423n4
closed
2 years ago
3
No check of transfer returns
#260
code423n4
closed
2 years ago
5
QA Report
#259
code423n4
opened
2 years ago
4
Gas Optimizations
#258
code423n4
opened
2 years ago
1
attacker can give a smaller amount of tokens and not pay the fees
#257
code423n4
closed
2 years ago
1
Gas Optimizations
#256
code423n4
opened
2 years ago
1
QA Report
#255
code423n4
opened
2 years ago
2
inconsistency between constructor and setting imporent variables method
#254
code423n4
closed
2 years ago
2
Buyout rejection criteria may not be handled for multiple buy transactions in same block
#253
code423n4
closed
2 years ago
2
QA Report
#252
code423n4
opened
2 years ago
3
Buyout candidate can sell their own tokens to counteract buyout rejection
#251
code423n4
closed
2 years ago
2
ERC20 Return values not checked
#250
code423n4
closed
2 years ago
2
unchecked return value from the transfer of erc20 token
#249
code423n4
closed
2 years ago
2
Buyout cannot be rejected even after the valuation is increased above `buyoutRejectionPremium`
#248
code423n4
closed
2 years ago
2
Basket uses legacy ETH transfer function
#247
code423n4
closed
2 years ago
2
`_updateTwav()` and `_getTwav()` will revert when cumulativePrice overflows
#246
code423n4
opened
2 years ago
1
use of transfer instead of call() to send eth
#245
code423n4
opened
2 years ago
3
NibblVault permit functionality allows redeeming only one "active" signature
#244
code423n4
closed
2 years ago
2
Lack of lock modifier on `sell()` can lead to reentrancy
#243
code423n4
closed
2 years ago
1
QA Report
#242
code423n4
opened
2 years ago
1
Gas Optimizations
#241
code423n4
opened
2 years ago
1
QA Report
#240
code423n4
opened
2 years ago
4
QA Report
#239
code423n4
opened
2 years ago
1
Gas Optimizations
#238
code423n4
opened
2 years ago
1
QA Report
#237
code423n4
opened
2 years ago
1
QA Report
#236
code423n4
opened
2 years ago
2
REENTRANCY-Avoid transfer() as reentrancy mitigations. Transfer do not protect from reentrancies in case of gas price changes.
#235
code423n4
closed
2 years ago
3
QA Report
#234
code423n4
opened
2 years ago
1
Potential denial of service issues
#233
code423n4
closed
2 years ago
2
Division by 0
#232
code423n4
closed
2 years ago
1
Two arrays length mismatch
#231
code423n4
closed
2 years ago
3
Gas Optimizations
#230
code423n4
opened
2 years ago
0
QA Report
#229
code423n4
opened
2 years ago
1
Gas Optimizations
#228
code423n4
opened
2 years ago
0
QA Report
#227
code423n4
opened
2 years ago
2
TWAV can be attacked by flash loan
#226
code423n4
closed
2 years ago
2
QA Report
#225
code423n4
opened
2 years ago
1
Previous
Next