issues
search
code-423n4
/
2022-11-size-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#139
code423n4
opened
2 years ago
1
`bid` function does not use nonce
#138
code423n4
closed
2 years ago
1
Incompatibility with ERC20 Tokens with Reflection token feature
#137
code423n4
closed
2 years ago
3
Missing ReEntrancy Guard to `finalize` function
#136
code423n4
closed
2 years ago
1
Gas Optimizations
#135
code423n4
closed
2 years ago
1
Calls to `finalize` can avoid updating state allowing an attacker to steal funds
#134
code423n4
closed
2 years ago
3
Gas Optimizations
#133
code423n4
opened
2 years ago
1
QA Report
#132
code423n4
closed
2 years ago
1
It should not be possible to create an auction with a `Point(1,1)` `publicKey`
#131
code423n4
closed
2 years ago
2
no `baseAmount` validation in `bid()` makes gas grieving attacks on `seller` possible, by doing 'ghost' bids
#130
code423n4
closed
2 years ago
3
QA Report
#129
code423n4
closed
2 years ago
3
Stealing fund directly from protocol (Repeating finalizing an auction or Cancelling a finalized auction)
#128
code423n4
closed
2 years ago
3
QA Report
#127
code423n4
closed
2 years ago
1
Preventing other bidders to bid on an auction
#126
code423n4
closed
2 years ago
4
Gas Optimizations
#125
code423n4
closed
2 years ago
1
`Seller` can finalize an auction multiple times
#124
code423n4
closed
2 years ago
3
Bidder can spam an auction to grief seller or to prevent other bidders from joining the auction
#123
code423n4
closed
2 years ago
2
Seller has no commitment and could use the system to create griefing attacks
#122
code423n4
closed
2 years ago
3
QA Report
#121
code423n4
closed
2 years ago
1
Gas Optimizations
#120
code423n4
closed
2 years ago
1
QA Report
#119
code423n4
closed
2 years ago
1
Malicious users may launch DOS attacks or ensure that they buy at the lowest price.
#118
code423n4
closed
2 years ago
3
Gas Optimizations
#117
code423n4
closed
2 years ago
1
SizeSealed do not support fee on transfer and rebasing tokens
#116
code423n4
closed
2 years ago
2
Malicious user can DOS auction with no risk
#115
code423n4
closed
2 years ago
3
CommonTokenMath.tokensAvailableAtTime handles vesting time incorrectly
#114
code423n4
closed
2 years ago
1
QA Report
#113
code423n4
closed
2 years ago
1
QA Report
#112
code423n4
closed
2 years ago
1
Gas Optimizations
#111
code423n4
opened
2 years ago
1
Gas Optimizations
#110
code423n4
closed
2 years ago
1
Gas Optimizations
#109
code423n4
closed
2 years ago
1
QA Report
#108
code423n4
opened
2 years ago
1
Bidder can DOS Auction
#107
code423n4
closed
2 years ago
2
Gas Optimizations
#106
code423n4
closed
2 years ago
1
QA Report
#105
code423n4
closed
2 years ago
1
Seller can skip low rate bidders
#104
code423n4
closed
2 years ago
3
Risk of infomation leakage due to bid with plain quote amount as input parameter
#103
code423n4
opened
2 years ago
5
Malicious user can always buy out the auction at the `minimumBidQuote` by blocking out other bidders
#102
code423n4
closed
2 years ago
2
Malicious ERC20 tokens can cause auction funds to be locked
#101
code423n4
closed
2 years ago
1
QA Report
#100
code423n4
closed
2 years ago
1
Gas Optimizations
#99
code423n4
opened
2 years ago
1
The auction wouldn't work properly when the quote token is a `fee-on-transfer` token.
#98
code423n4
closed
2 years ago
2
The sorting logic is not strict enough
#97
code423n4
opened
2 years ago
11
A malicious seller can cancel the auction after finalization
#96
code423n4
closed
2 years ago
3
A malicious seller can drain the protocol
#95
code423n4
closed
2 years ago
2
Bidders might fail to withdraw their unused funds after the auction was finalized because the contract doesn't have enough balance.
#94
code423n4
opened
2 years ago
5
Sellers can't finalize their auctions by a malicious bidder
#93
code423n4
closed
2 years ago
4
Setting a maximum of 1000 allowed bids can open up auction to griefing
#92
code423n4
closed
2 years ago
2
Gas Optimizations
#91
code423n4
opened
2 years ago
1
Auction can be manipulated by a scheming bidder due to the ability to `cancelBid()` during reveal phase
#90
code423n4
closed
2 years ago
3
Previous
Next