issues
search
code-423n4
/
2022-10-thegraph-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
QA Report
#315
code423n4
closed
1 year ago
1
Missing 0 check can lead to unexpected behaviors
#314
code423n4
closed
1 year ago
0
QA Report
#313
code423n4
opened
1 year ago
1
User can send an excess of ETH to L1GraphTokenGateway
#312
code423n4
closed
1 year ago
2
Gas Optimizations
#311
code423n4
closed
1 year ago
0
QA Report
#310
code423n4
closed
1 year ago
1
Gas Optimizations
#309
code423n4
closed
1 year ago
0
# ERC20 transfer / transferFrom with not checked return value
#308
code423n4
closed
1 year ago
1
No check transferFrom() return value
#307
code423n4
closed
1 year ago
0
# Upgradeable contract is missing a __gap[50] storage variable to allow for new storage variables in later versions
#306
code423n4
closed
1 year ago
4
QA Report
#305
code423n4
closed
1 year ago
1
Gas Optimizations
#304
code423n4
closed
1 year ago
0
Gas Optimizations
#303
code423n4
opened
1 year ago
0
QA Report
#302
code423n4
closed
1 year ago
1
Missing gap variable for upgradeable base contract
#301
code423n4
closed
1 year ago
2
Governor can rug pull the escrow
#300
code423n4
opened
1 year ago
5
GRT is inflated by escrowing L1 tokens instead of burning them
#299
code423n4
closed
1 year ago
3
Lack of gap variable in GraphTokenUpgradeable
#298
code423n4
closed
1 year ago
4
Transferfrom must return a bool
#297
code423n4
closed
1 year ago
1
Gas Optimizations
#296
code423n4
closed
1 year ago
0
QA Report
#295
code423n4
closed
1 year ago
0
If L1GraphTokenGateway's outboundTransfer is called by a contract, the entire msg.value is blackholed, whether the ticket got redeemed or not.
#294
code423n4
opened
1 year ago
5
GraphToken permit() function is vulnerable to approval double spending :
#293
code423n4
opened
1 year ago
3
QA Report
#292
code423n4
opened
1 year ago
0
calculateL2TokenAddress() may return old L2GraphToken address from cache leading to critical damage to user funds
#291
code423n4
closed
1 year ago
3
Gas Optimizations
#290
code423n4
opened
1 year ago
0
After proposed 0.8.0 upgrade kicks in, L2 finalizeInboundTransfer might not work.
#289
code423n4
opened
1 year ago
4
Gas Optimizations
#288
code423n4
opened
1 year ago
0
Gas Optimizations
#287
code423n4
closed
1 year ago
0
Gas Optimizations
#286
code423n4
closed
1 year ago
0
Missing two step update mechanism for GraphProxy's ProxyAdmin may leave upgradeable contracts non-upgradeable
#285
code423n4
closed
1 year ago
2
Lack of a contract existence check may lead to undefined behavior
#284
code423n4
closed
1 year ago
2
QA Report
#283
code423n4
closed
1 year ago
0
QA Report
#282
code423n4
opened
1 year ago
0
QA Report
#281
code423n4
opened
1 year ago
1
QA Report
#280
code423n4
closed
1 year ago
1
Using ifAdminOrPendingImpl modifier to forcefully interact with implementation contracts via _fallback() call.
#279
code423n4
closed
1 year ago
3
Gas Optimizations
#278
code423n4
opened
1 year ago
0
Signature can be reused across forks due to lack of chainid validation
#277
code423n4
closed
1 year ago
3
QA Report
#276
code423n4
opened
1 year ago
2
Using ifAdmin modifier to forcefully interact with implementation contracts via _fallback() call.
#275
code423n4
closed
1 year ago
1
Gas Optimizations
#274
code423n4
opened
1 year ago
0
QA Report
#273
code423n4
opened
1 year ago
1
Gas Optimizations
#272
code423n4
closed
1 year ago
0
Gas Optimizations
#271
code423n4
opened
1 year ago
0
Lack of 2-step process for changing the admin can cause loss of administrative power
#270
code423n4
closed
1 year ago
1
Gas Optimizations
#269
code423n4
opened
1 year ago
1
QA Report
#268
code423n4
closed
1 year ago
0
Gas Optimizations
#267
code423n4
closed
1 year ago
0
Remove burn capabilities from `L2GraphToken`
#266
code423n4
closed
1 year ago
3
Next