issues
search
code-423n4
/
2022-09-party-findings
2
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#262
code423n4
opened
1 year ago
0
QA Report
#261
code423n4
opened
1 year ago
1
QA Report
#260
code423n4
opened
1 year ago
0
QA Report
#259
code423n4
opened
1 year ago
1
Gas Optimizations
#258
code423n4
opened
1 year ago
0
Attackers can mislead users to think they delegated their voting power to them
#257
code423n4
closed
1 year ago
1
Gas Optimizations
#256
code423n4
opened
1 year ago
0
Rounding errors can lead to wrong voting power
#255
code423n4
closed
1 year ago
1
If auction market finalization always reverts, the fund will be locked in the Crowdfund contract forever.
#254
code423n4
opened
1 year ago
2
Gas Optimizations
#253
code423n4
opened
1 year ago
0
Some users won't be able to burn their crowdfund token to get their voting power
#252
code423n4
closed
1 year ago
1
Unsafe ERC721 operations
#251
code423n4
closed
1 year ago
2
QA Report
#250
code423n4
opened
1 year ago
2
No Transfer Ownership Pattern
#249
code423n4
closed
1 year ago
2
There is no Support For The Trading of Cryptopunks
#248
code423n4
opened
1 year ago
3
ETH will be locked in the crowdfund contracts
#247
code423n4
closed
1 year ago
2
Eth can be stucked in contract when NFT was gifted to party (AuctionCrowdfund.sol)
#246
code423n4
closed
1 year ago
2
Missing Check When Attempting to Check if the List of Precious Tokens are Correct
#245
code423n4
closed
1 year ago
1
Users can contribute to the implementation contract
#244
code423n4
closed
1 year ago
3
Call can return true for EOAs and non-existing contracts
#243
code423n4
closed
1 year ago
2
Using transferfrom on ERC721 tokens
#242
code423n4
closed
1 year ago
2
Arbitrary contract call allows attacker to steal from user's wallet
#241
code423n4
closed
1 year ago
2
Proposer can double spend his votes as many times as he likes, rugging the party
#240
code423n4
closed
1 year ago
1
`LibERC20Compat` doesn't handle fee-on transfer ERC20 tokens
#239
code423n4
closed
1 year ago
2
You can give address(0) _mint(), confused with _burn()
#238
code423n4
closed
1 year ago
1
Locked ether
#237
code423n4
closed
1 year ago
2
QA Report
#236
code423n4
opened
1 year ago
2
QA Report
#235
code423n4
opened
1 year ago
0
Gas Optimizations
#234
code423n4
opened
1 year ago
0
Unchecked return value for `emergencyExecute()` in the `PartyGovernance` contract
#233
code423n4
closed
1 year ago
3
Hardcoded Threshold to Define "Unanimous Votes" May Prevent Proposals as being Unanimous
#232
code423n4
closed
1 year ago
2
# Only part of `keccak256()` is used as hash, making it susceptible to collision attacks
#231
code423n4
opened
1 year ago
3
Gas Optimizations
#230
code423n4
opened
1 year ago
0
Gas Optimizations
#229
code423n4
opened
1 year ago
0
QA Report
#228
code423n4
opened
1 year ago
1
Gas Optimizations
#227
code423n4
opened
1 year ago
0
Accidental `newPartyHost` in `PartyGovernance.sol` Could Result in Irreversible Changes
#226
code423n4
closed
1 year ago
2
_create() function doesn't check if party variable is equal to 0
#225
code423n4
closed
1 year ago
2
Fee = 0 in case supply is less then 10
#224
code423n4
closed
1 year ago
1
QA Report
#223
code423n4
opened
1 year ago
1
Gas Optimizations
#222
code423n4
opened
1 year ago
0
havent specify the solidity compiler version, 8.15 and older version may lead to a mis encoded struct parameter
#221
code423n4
closed
1 year ago
2
Attacker can force AuctionCrowdfunds to bid their entire contribution up to maxBid
#220
code423n4
opened
1 year ago
3
QA Report
#219
code423n4
opened
1 year ago
0
proposals/ArbitraryCallsProposal.sol havent specify the compiler version, using compiler before 8.16 may lead to structure ArbitraryCall mis-encoded
#218
code423n4
closed
1 year ago
1
`propose` function can be called multiple times to create many meaningless proposals for spamming frontend and weakening user experience
#217
code423n4
closed
1 year ago
2
`createParty` function can be called multiple times to create many meaningless parties for spamming frontend
#216
code423n4
closed
1 year ago
2
Users may accidentally send ETH to `Party.sol` and `PartyGovernance.sol` without any way to retrieve the funds back
#215
code423n4
closed
1 year ago
2
Gas Optimizations
#214
code423n4
opened
1 year ago
0
Attacker can list an NFT they own and inflate to zero all users' contributions, keeping the NFT and all the money
#213
code423n4
opened
1 year ago
6
Previous
Next