issues
search
code-423n4
/
2023-01-drips-findings
0
stars
2
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#126
code423n4
closed
1 year ago
2
QA Report
#125
code423n4
closed
1 year ago
2
An authorized user can call authorize()/unauthorize() functions via ```CallAs()``` function
#124
code423n4
closed
1 year ago
6
QA Report
#123
code423n4
closed
1 year ago
4
`Caller.callBatched`, `Caller.callSigned` and `Caller.callAs` do not track sent ETH
#122
code423n4
closed
1 year ago
3
Gas Optimizations
#121
code423n4
closed
1 year ago
2
Possible Overflow & No Error Mitigation
#120
code423n4
closed
1 year ago
2
QA Report
#119
code423n4
closed
1 year ago
2
Admin update lacks two step verification for DripsHub
#118
code423n4
closed
1 year ago
2
`Managed.sol` uses single-step ownership transfer
#117
code423n4
closed
1 year ago
2
No reentrancy guard on safeMint() function that has a callback
#116
code423n4
closed
1 year ago
2
QA Report
#115
code423n4
closed
1 year ago
2
ImmutableSplitsDriver is deployed under proxy, but it states that it is immutable
#114
code423n4
closed
1 year ago
5
NftDriver exposes burn function which can be used by mistake in order to remove access to your collectable amount inside DripsHub
#113
code423n4
closed
1 year ago
5
Gas Optimizations
#112
code423n4
opened
1 year ago
2
Gas Optimizations
#111
code423n4
closed
1 year ago
1
Caller contract doesn't have ability to invalidate signed message
#110
code423n4
closed
1 year ago
5
Drips and splits can be go uncreated ids.
#109
code423n4
closed
1 year ago
5
The splitting amount depends on the order of the receivers' userIDs, which could eventually lead to stealing splits
#108
code423n4
closed
1 year ago
6
Splits._setSplits function doesn't transfer splittable amount to receivers before changing
#107
code423n4
closed
1 year ago
14
Fee on transfer and rebase tokens are not supported, however docs says that any erc20 is supported
#106
code423n4
closed
1 year ago
2
DripsHub should verify the driverId of the receiver in setDrips(), give() and setSplits()
#105
code423n4
closed
1 year ago
9
Gas Optimizations
#104
code423n4
closed
1 year ago
2
Admin of the upgradeable proxy contracts can rug users
#103
code423n4
closed
1 year ago
2
QA Report
#102
code423n4
closed
1 year ago
2
Gas Optimizations
#101
code423n4
closed
1 year ago
2
If contract is paused then payer's even if they want to cut payment they should pay receivers.
#100
code423n4
closed
1 year ago
9
QA Report
#99
code423n4
closed
1 year ago
3
QA Report
#98
code423n4
closed
1 year ago
2
Gas Optimizations
#97
code423n4
closed
1 year ago
2
QA Report
#96
code423n4
closed
1 year ago
2
QA Report
#95
code423n4
closed
1 year ago
2
Gas Optimizations
#94
code423n4
closed
1 year ago
2
ImmutableSplitsDriver.createSplits() will always fail due to improper access control
#93
code423n4
closed
1 year ago
6
Gas Optimizations
#92
code423n4
opened
1 year ago
1
QA Report
#91
code423n4
closed
1 year ago
2
Downcasting overflow
#90
code423n4
closed
1 year ago
3
QA Report
#89
code423n4
closed
1 year ago
2
Gas Optimizations
#88
code423n4
closed
1 year ago
2
Gas Optimizations
#87
code423n4
closed
1 year ago
3
Gas Optimizations
#86
code423n4
closed
1 year ago
2
QA Report
#85
code423n4
closed
1 year ago
2
_split will mostly fail/revert on small-weighted receivers due to underflow
#84
code423n4
closed
1 year ago
5
Use reentrancyGuard for safeTransfer
#83
code423n4
closed
1 year ago
2
`receivableCycles` can still be `> maxCycles` in `_receiveDripsResult`
#82
code423n4
closed
1 year ago
5
Gas Optimizations
#81
code423n4
opened
1 year ago
4
Gas Optimizations
#80
code423n4
closed
1 year ago
2
QA Report
#79
code423n4
closed
1 year ago
3
Stealing funds from the Trusted Forwarder (Caller contract); ERC2771
#78
code423n4
closed
1 year ago
4
The setDrips() function gives the wrong accounting of the total balance of ERC20 tokens.
#77
code423n4
closed
1 year ago
5
Previous
Next