code-423n4 2022-09-frax-findings issues

code-423n4 / 2022-09-frax-findings

2 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

test

#403 ankushgoel27 closed 1 year ago
0
Possible lost msg.value

#401 code423n4 closed 2 years ago
1
Wrong value returned in numValidators() function

#400 code423n4 closed 2 years ago
3
Recovererc20 uses transfer -> token transfers do not verify that the tokens were successfully transferred (safeTransfer)

#399 code423n4 closed 2 years ago
2
QA Report

#398 code423n4 opened 2 years ago
0
Gas Optimizations

#397 code423n4 opened 2 years ago
0
QA Report

#396 code423n4 opened 2 years ago
0
QA Report

#395 code423n4 closed 2 years ago
0
Gas Optimizations

#394 code423n4 closed 2 years ago
0
Some users may not be able to withdraw till the end of the rewardsCycle, due to possible underflow in the function beforeWithdraw()

#393 code423n4 closed 2 years ago
3
Gas Optimizations

#392 code423n4 opened 2 years ago
0
QA Report

#391 code423n4 opened 2 years ago
0
xERC4626.sol#beforeWithdraw will fail under certain conditions

#390 code423n4 closed 2 years ago
1
Gas Optimizations

#389 code423n4 opened 2 years ago
0
use safeERC20

#388 code423n4 closed 2 years ago
2
QA Report

#387 code423n4 opened 2 years ago
0
Not checking 0 address in `moveWithheldETH()` can lead into loss of funds

#386 code423n4 closed 2 years ago
3
QA Report

#385 code423n4 opened 2 years ago
0
Use of `transfer()` instead of `call()` to send eth

#384 code423n4 closed 2 years ago
1
Gas Optimizations

#383 code423n4 opened 2 years ago
0
QA Report

#382 code423n4 opened 2 years ago
0
Gas Optimizations

#381 code423n4 closed 2 years ago
0
Emergency functions `recoverEther` `recoverERC20`, `moveWithheldETH` and `setWitholdRatio` should not allow `owner` to call them

#380 code423n4 closed 2 years ago
2
Gas Optimizations

#379 code423n4 opened 2 years ago
0
First xERC4626 deposit can break the share calculation.

#378 code423n4 closed 2 years ago
2
[H1] Owner of frxETHMinter can rug pull the contract

#377 code423n4 closed 2 years ago
2
QA Report

#376 code423n4 opened 2 years ago
0
Missing payable

#375 code423n4 closed 2 years ago
1
Gas Optimizations

#374 code423n4 opened 2 years ago
0
An attacker taking over the timelock_address or the owner address will result in DoS and unusable contract (frxETHMinter).

#373 code423n4 closed 2 years ago
2
Risk of ETH funds Rug Pull in the `moveWithheldETH` and `recoverEther` functions

#372 code423n4 closed 2 years ago
2
A mistake made by the Minters can result in minting tokens to a wrong address or a zero address.

#371 code423n4 closed 2 years ago
2
High privilege of `setWithholdRatio` function

#370 code423n4 closed 2 years ago
4
[M3] It is impossible to recover stucked non complying ERC-20 tokens

#369 code423n4 closed 2 years ago
2
Gas Optimizations

#368 code423n4 opened 2 years ago
0
Low level call returns true if the address doesn't exist

#367 code423n4 closed 2 years ago
3
Gas Optimizations

#366 code423n4 opened 2 years ago
0
Users cannot use `mintWithSignature()` function in most cases

#365 code423n4 closed 2 years ago
3
IERC20.transfer doesn't support all ERC20 tokens

#364 code423n4 closed 2 years ago
2
QA Report

#363 code423n4 opened 2 years ago
0
QA Report

#362 code423n4 closed 2 years ago
0
TIMELOCK_ROLE Can Withdraw FUND from the Contracts via recoverEther()

#361 code423n4 closed 2 years ago
2
[M2] Incomplete reentrancy protection of `submitAndDeposit()`

#360 code423n4 opened 2 years ago
4
Gas Optimizations

#359 code423n4 opened 2 years ago
0
QA Report

#358 code423n4 opened 2 years ago
0
depositEther function DoS with locking funds

#357 code423n4 closed 2 years ago
4
Gas Optimizations

#356 code423n4 opened 2 years ago
0
QA Report

#355 code423n4 closed 2 years ago
0
Gas Optimizations

#354 code423n4 opened 2 years ago
0
QA Report

#353 code423n4 opened 2 years ago
0