issues
search
code-423n4
/
2022-06-notional-coop-findings
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Vulnerable and Inconsistency in @openzeppelin/contracts versions
#90
code423n4
closed
2 years ago
5
mintFCashPosition() in NotionalTradeModule may revert because of wrong logic in _approve() function which don't consider remaining dust in allowance and tries to set allowance without setting to 0 first
#89
code423n4
closed
2 years ago
3
Withdraw function does not conform to EIP4626
#88
code423n4
closed
2 years ago
1
The logic of _isUnderlying() in NotionalTradeModule is wrong which will cause mintFCashPosition() and redeemFCashPosition() revert on `fcash` tokens which asset token is underlying token (asset.tokenType == TokenType.NonMintable)
#87
code423n4
opened
2 years ago
7
VULNERABLE VERSION OF OPEN-ZEPPELIN CAN LEAD TO INITIALIZER() MALFUNCTION
#86
code423n4
closed
2 years ago
3
DEPOSIT() IS NOT WORKING WITH FEE-ON-TRANSFER TOKENS
#85
code423n4
closed
2 years ago
2
QA Report
#84
code423n4
opened
2 years ago
0
Gas Optimizations
#83
code423n4
opened
2 years ago
0
deposit() and mint() and _redeemInternal() in wfCashERC4626() will revert for all fcash that asset token is underlying token because they always call _mintInternal() with useUnderlying==True
#82
code423n4
opened
2 years ago
2
Gas Optimizations
#81
code423n4
opened
2 years ago
0
Functions convertToShares() and convertToAssets() don't consider hasMatured() state when totalSupply()==0
#80
code423n4
opened
2 years ago
3
function onERC1155Received() in wfCashLogic won't check that fcash is not matured and if NotionalV2 allow transfers for mature fcash, then it will be possible to mint wfcash after maturity time
#79
code423n4
closed
2 years ago
1
Malicious users can DOS `onERC1155Received` through donating fcash before the contract is deployed.
#78
code423n4
closed
2 years ago
1
It's possible to perform DOS and make onERC1155Received() of wfCashLogic to always revert by transferring other fcashs to contract address before its deployment
#77
code423n4
closed
2 years ago
1
Deposit of wrappedFCash does not follow EIP 4626
#76
code423n4
closed
2 years ago
2
Users cannot `initialize()` a proxy with a `currencyId` with a different maturity
#75
code423n4
closed
2 years ago
1
Non matured positions are lost when the module is removed
#74
code423n4
closed
2 years ago
1
QA Report
#73
code423n4
opened
2 years ago
0
Gas Optimizations
#72
code423n4
opened
2 years ago
0
Gas Optimizations
#71
code423n4
opened
2 years ago
0
Gas Optimizations
#70
code423n4
opened
2 years ago
0
QA Report
#69
code423n4
opened
2 years ago
0
Re-entrancy in wfCashERC4626.withdraw() can lead to more gains in assets
#68
code423n4
closed
2 years ago
2
wfCashERC4626.withdraw() missing some asset balance checks and calculations can drain contract
#67
code423n4
closed
2 years ago
2
Re-entrancy in wfCashERC4626.withdraw() can lead to more gains in assets
#66
code423n4
closed
2 years ago
1
Re-entrancy in wfCashERC4626.redeem() can lead to more gains in assets and/or shares
#65
code423n4
closed
2 years ago
2
QA Report
#64
code423n4
opened
2 years ago
2
QA Report
#63
code423n4
opened
2 years ago
0
Maturity is potentially subject to timestamp manipulation
#62
code423n4
closed
2 years ago
1
maxImpliedRate defaults to 0 or type(uint32).max in some functions, resulting in lack of slippage control
#61
code423n4
closed
2 years ago
1
NotionalTradeModule allows anybody to remove the module from the SetToken allowing an attacker to DOS the protocol
#60
code423n4
closed
2 years ago
1
ERC20.approve to 0 before approving a new value
#59
code423n4
closed
2 years ago
2
TEST
#58
code423n4
closed
2 years ago
0
TEST
#57
code423n4
closed
2 years ago
0
QA Report
#56
code423n4
closed
2 years ago
3
Gas Optimizations
#55
code423n4
opened
2 years ago
0
NotionalTradeModule doesn't follow the IWrappedFCash interface properly
#54
code423n4
closed
2 years ago
3
NotionalTradeModule initiates Notional trades without checking for slippage
#53
code423n4
closed
2 years ago
1
`NotionalV2` is not initialized
#52
code423n4
closed
2 years ago
1
deposit through `onERC1155Received` can be locked by attackers, making the function useless
#51
code423n4
closed
2 years ago
3
Gas Optimizations
#50
code423n4
opened
2 years ago
0
QA Report
#49
code423n4
opened
2 years ago
0
QA Report
#48
code423n4
opened
2 years ago
0
minImpliedRate defaults to 0 in some functions, resulting in lack of slippage control
#47
code423n4
closed
2 years ago
2
Loss of tokens due to wrong burn function
#46
code423n4
closed
2 years ago
3
Loss of tokens due to wrong burn function
#45
code423n4
closed
2 years ago
3
Must approve 0 first
#44
code423n4
opened
2 years ago
2
Loss of underlying tokens due to ERC4626 non-compliance in redeem function in wfCashERC4626.sol
#43
code423n4
closed
2 years ago
3
Loss of underlying tokens due to ERC4626 non-compliance in withdraw function in wfCashERC4626.sol
#42
code423n4
closed
2 years ago
2
Gas Optimizations
#41
code423n4
opened
2 years ago
0
Previous
Next