code-423n4 2022-06-nibbl-findings issues

code-423n4 / 2022-06-nibbl-findings

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Gas Optimizations

#224 code423n4 opened 2 years ago
1
Gas Optimizations

#223 code423n4 closed 2 years ago
1
BuyoutInitiated event's bid price can be substantially inflated

#222 code423n4 closed 2 years ago
2
Gas Optimizations

#221 code423n4 opened 2 years ago
0
QA Report

#220 code423n4 opened 2 years ago
5
TWAP array can be artificially filled up with the most recent quote

#219 code423n4 closed 2 years ago
4
_getTwav is not correct. It is not considering all last 4 blocks.

#218 code423n4 closed 2 years ago
3
QA Report

#217 code423n4 opened 2 years ago
1
Issue with TWAV calculation.

#216 code423n4 closed 2 years ago
2
QA Report

#215 code423n4 opened 2 years ago
1
QA Report

#214 code423n4 opened 2 years ago
1
Gas Optimizations

#213 code423n4 opened 2 years ago
0
Gas Optimizations

#212 code423n4 opened 2 years ago
0
QA Report

#211 code423n4 closed 2 years ago
2
QA Report

#210 code423n4 opened 2 years ago
1
QA Report

#209 code423n4 opened 2 years ago
8
Discrepancies between document and code implementation

#208 code423n4 closed 2 years ago
2
QA Report

#207 code423n4 closed 2 years ago
4
Users Are Not Able To Create A NibblVault Under Certain Scenario

#206 code423n4 closed 2 years ago
2
Gas Optimizations

#205 code423n4 opened 2 years ago
0
Gas Optimizations

#204 code423n4 opened 2 years ago
0
Buyer Unable To Initiate Buyout Beyond Current Valuation

#203 code423n4 closed 2 years ago
2
Gas Optimizations

#202 code423n4 opened 2 years ago
0
Basket's withdrawETH uses payable.transfer with an arbitrary receiver

#201 code423n4 closed 2 years ago
2
User Could Change The State Of The System While In `Pause` Mode

#200 code423n4 opened 2 years ago
2
Gas Optimizations

#199 code423n4 closed 2 years ago
3
`Transfer()` is used instead of `Call()` to transfer ETH

#198 code423n4 closed 2 years ago
2
Malicious Users Could Perform Griefing Attack On A NibblVault

#197 code423n4 closed 2 years ago
2
QA Report

#196 code423n4 opened 2 years ago
0
Malicious Basket Could Be Used To Rug Fractionalized Token Holders

#195 code423n4 closed 2 years ago
2
TWAP Price Should Be Updated At The End Of The Block

#194 code423n4 closed 2 years ago
2
Buyout Rejection Feature Is Not Deterministic

#193 code423n4 closed 2 years ago
2
Gas Optimizations

#192 code423n4 closed 2 years ago
3
Ineffective TWAV Implementation

#191 code423n4 opened 2 years ago
10
NFT Vault Owner Can Disable Buyout Feature

#190 code423n4 closed 2 years ago
2
Fee Was Not Charged When Buying On Secondary Curve

#189 code423n4 closed 2 years ago
1
Gas Optimizations

#188 code423n4 closed 2 years ago
3
QA Report

#187 code423n4 opened 2 years ago
2
Gas Optimizations

#186 code423n4 opened 2 years ago
1
Reentrancy bug in Basket's withdraw multiple tokens function which gives attacker ability to transfer basket ownership and spend it but withdraw all the tokens out of basket

#185 code423n4 opened 2 years ago
7
Gas Optimizations

#184 code423n4 closed 2 years ago
2
Gas Optimizations

#183 code423n4 opened 2 years ago
1
QA Report

#182 code423n4 opened 2 years ago
3
QA Report

#181 code423n4 opened 2 years ago
1
Gas Optimizations

#180 code423n4 opened 2 years ago
0
missing validation for the param _to before the low-level function call.

#179 code423n4 closed 2 years ago
3
`Twav.sol#_getTwav()` will revert when timestamp > 4294967296

#178 code423n4 opened 2 years ago
4
`_secondaryReserveRatio` is likely to be overflowed due to an unsafe downcast

#177 code423n4 closed 2 years ago
1
`Twav.sol#_updateTWAV()` will revert when the `cumulativeValuation` addition overflows

#176 code423n4 closed 2 years ago
1
Part of the `CuratorFee` and `AdminFee` for the `SecondaryCurve` may not be charged for certain `buy()` transactions

#175 code423n4 closed 2 years ago
1

Previous Next