code-423n4 2022-09-frax-findings issues

code-423n4 / 2022-09-frax-findings

2 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

TIMELOCK CAN BE BYPASSED

#352 code423n4 closed 2 years ago
2
Gas Optimizations

#351 code423n4 opened 2 years ago
0
QA Report

#350 code423n4 closed 2 years ago
0
removeMinter function DoS

#349 code423n4 closed 2 years ago
2
Gas Optimizations

#348 code423n4 opened 2 years ago
0
QA Report

#347 code423n4 opened 2 years ago
0
`recoverEther` not updating `currentWithheldETH` breaks calculation of withheld amount for further deposits

#346 code423n4 opened 2 years ago
2
Gas Optimizations

#345 code423n4 opened 2 years ago
0
QA Report

#344 code423n4 opened 2 years ago
0
Admin rug vector in `moveWithheldETH()`

#343 code423n4 closed 2 years ago
2
Gas Optimizations

#342 code423n4 opened 2 years ago
0
IERC20().transfer may revert for some tokens

#341 code423n4 closed 2 years ago
2
QA Report

#340 code423n4 opened 2 years ago
0
The Frax ETH liquid staking protocol WRONGLY assumes that the users can convert their sfrxETH for more frxETH over time

#339 code423n4 closed 2 years ago
2
Malicious owner can DoS `frxETHMinter.depositEther` by adding the same validator twice

#338 code423n4 opened 2 years ago
2
QA Report

#337 code423n4 opened 2 years ago
0
[M1] 32-bit timestamp usage will make contract unusable in 2106

#336 code423n4 closed 2 years ago
3
Gas Optimizations

#335 code423n4 opened 2 years ago
0
Malicious user can grief `frxETHMinter.sol` by depositing small amounts of ETH

#334 code423n4 closed 2 years ago
2
Large deposits can dos frxETHMinter#depositEther due to unbounded loop

#333 code423n4 closed 2 years ago
3
Gas Optimizations

#332 code423n4 opened 2 years ago
0
Gas Optimizations

#331 code423n4 opened 2 years ago
0
Gas Optimizations

#330 code423n4 opened 2 years ago
0
Mistakenly use of arithmetic operation can lead to loss

#329 code423n4 closed 2 years ago
3
QA Report

#328 code423n4 opened 2 years ago
0
Missing checks of return value of transfer()

#327 code423n4 closed 2 years ago
2
M01: USE SAFETRANSFERFROM INSTEAD OF TRANSFERFROM

#326 code423n4 closed 2 years ago
3
ERC20 return values not checked in `frxETHMinter.sol`

#325 code423n4 closed 2 years ago
2
QA Report

#324 code423n4 opened 2 years ago
0
Gas Optimizations

#323 code423n4 opened 2 years ago
0
Gas Optimizations

#322 code423n4 opened 2 years ago
0
Precision Loss While Dividing First and Multiplying Later

#321 code423n4 closed 2 years ago
3
Gas Optimizations

#320 code423n4 opened 2 years ago
0
QA Report

#319 code423n4 opened 2 years ago
0
removeValidator without dont_care_about_ordering may always revert if there are too many validators.

#318 code423n4 closed 2 years ago
2
syncRewards must be called on all cycles. If one cycle is missed, the reward may be miscalculated.

#317 code423n4 closed 2 years ago
2
QA Report

#316 code423n4 closed 2 years ago
0
Gas Optimizations

#315 code423n4 opened 2 years ago
0
Ether cannot be staked in the `frxETHMinter.sol` contract if an attacker forces ether into the contract with `selfdestruct`

#314 code423n4 closed 2 years ago
3
Very large deposits cause OOG in `depositEther()`

#313 code423n4 closed 2 years ago
3
Gas griefing on moveWithheldETH

#312 code423n4 closed 2 years ago
3
Withdraw may revert when the last user tries to withdraw all

#311 code423n4 closed 2 years ago
2
[NAZ-H1] `syncRewards()` Can be Front-Run With A Flashloan To Force `lastRewardAmount` To Equal Zero

#310 code423n4 closed 2 years ago
2
Gas Optimizations

#309 code423n4 opened 2 years ago
0
Incorrect staking rewards due to delay in calling `syncRewards()`

#308 code423n4 closed 2 years ago
2
QA Report

#307 code423n4 opened 2 years ago
0
`syncRewards()` after xERC4626's `beforeWithdraw()` can result in wrong reward amount

#306 code423n4 closed 2 years ago
2
Gas Optimizations

#305 code423n4 opened 2 years ago
0
Gas Optimizations

#304 code423n4 opened 2 years ago
0
Governor can rug all unstaked ether in contract using recoverEther. frxETH will become unbacked by real staked ETH since it is rugged by an admin.

#303 code423n4 closed 2 years ago
2

Previous Next