issues
search
code-423n4
/
2022-10-thegraph-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#265
code423n4
closed
1 year ago
0
Cached EIP-712 domain separator may lead to replay attacks
#264
code423n4
closed
1 year ago
1
QA Report
#263
code423n4
opened
1 year ago
1
QA Report
#262
code423n4
opened
1 year ago
0
QA Report
#261
code423n4
opened
1 year ago
0
Gas Optimizations
#260
code423n4
opened
1 year ago
0
Gas Optimizations
#259
code423n4
closed
1 year ago
0
Atomicity Literally NOT Guaranteed
#258
code423n4
closed
1 year ago
2
Permanent lockup of tokens without recovery possible
#257
code423n4
closed
1 year ago
3
QA Report
#256
code423n4
opened
1 year ago
0
Gas Optimizations
#255
code423n4
opened
1 year ago
0
Gas Optimizations
#254
code423n4
opened
1 year ago
0
Gas Optimizations
#253
code423n4
closed
1 year ago
0
Gas Optimizations
#252
code423n4
closed
1 year ago
0
Governor can rug all GRT by setting the gateway to her wallet (Governor may be hacked)
#251
code423n4
closed
1 year ago
1
No check for zero address
#250
code423n4
closed
1 year ago
0
Gas Optimizations
#249
code423n4
closed
1 year ago
0
Gas Optimizations
#248
code423n4
closed
1 year ago
0
Gas Optimizations
#247
code423n4
closed
1 year ago
0
[NAZ-M3] Use `safeTransfer()/safeTransferFrom()` instead of `transfer()/transferFrom()`
#246
code423n4
closed
1 year ago
0
[NAZ-M2] `MINTER_ROLE` Can Be Granted By The Deployer and Can Mint Arbitrary Amount of Tokens
#245
code423n4
closed
1 year ago
1
L2 GRAPH TOKEN CONTRACT AND L1 AND L2 GATEWAY CONTRACTS ARE NOT FULLY UPGRADEABLE BECAUSE `GraphTokenUpgradeable` AND `GraphTokenGateway` CONTRACTS DO NOT INCLUDE STORAGE GAPS
#244
code423n4
closed
1 year ago
11
[NAZ-M1] `GraphTokenUpgradeable.permit()` Should Always Check `recoveredAddress != 0`
#243
code423n4
closed
1 year ago
2
QA Report
#242
code423n4
opened
1 year ago
0
Gas Optimizations
#241
code423n4
opened
1 year ago
0
No Storage Gap for Upgradeable Contracts
#240
code423n4
closed
1 year ago
2
Signature malleability not protected against
#239
code423n4
closed
1 year ago
2
Dont check return type
#238
code423n4
closed
1 year ago
0
Set admin without accept method
#237
code423n4
closed
1 year ago
0
Set admin emit event with wrong data
#236
code423n4
closed
1 year ago
2
`outboundTransfer` should return excess msg.value
#235
code423n4
closed
1 year ago
3
`transferfrom` with arbitrary `from` address allows attackers to receive tokens in L2 without paying
#234
code423n4
closed
1 year ago
1
Gas Optimizations
#233
code423n4
opened
1 year ago
1
QA Report
#232
code423n4
closed
1 year ago
0
QA Report
#231
code423n4
closed
1 year ago
1
QA Report
#230
code423n4
opened
1 year ago
4
`approve` is vulnerable to frontrunning attacks
#229
code423n4
closed
1 year ago
1
No withdraw mechanism for eth sent to GraphProxy contract
#228
code423n4
closed
1 year ago
1
Gas Optimizations
#227
code423n4
opened
1 year ago
0
USE SAFEERC20 (SAFEAPPROVE/SAFEMINT/SAFETRANSFERFROM) INSTEAD OF APPROVE/MINT/TRANSFER FROM
#226
code423n4
closed
1 year ago
0
Use OpenZeppelin's safeTransferFrom instead of transferFrom when transferring ERC20 tokens
#225
code423n4
closed
1 year ago
1
QA Report
#224
code423n4
closed
1 year ago
0
QA Report
#223
code423n4
closed
1 year ago
0
Gas Optimizations
#222
code423n4
closed
1 year ago
0
QA Report
#221
code423n4
closed
1 year ago
0
QA Report
#220
code423n4
closed
1 year ago
1
Gas Optimizations
#219
code423n4
opened
1 year ago
0
Gas Optimizations
#218
code423n4
closed
1 year ago
0
Possible lost msg.value in `L1GraphTokenGateway.outboundTransfer()`.
#217
code423n4
closed
1 year ago
2
QA Report
#216
code423n4
closed
1 year ago
0
Previous
Next