code-423n4 2023-03-wenwin-findings issues

code-423n4 / 2023-03-wenwin-findings

1 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Rounding division error could occur in the receiveRandomNumber function

#472 code423n4 closed 1 year ago
1
Modernizing the game mechanics by incorporating a more advanced and immediate random number generation process

#471 code423n4 closed 1 year ago
6
Fixed rewards may also be cut

#470 code423n4 closed 1 year ago
3
Malicious owner could arbitrarily swap random number source if maxFailedAttempts initialized with 0 value

#469 code423n4 closed 1 year ago
2
QA Report

#468 code423n4 closed 1 year ago
5
`drawCoolDownPeriod` of 0 may allow frontrunning the draw with a winning ticket purchase

#467 code423n4 closed 1 year ago
2
Do not re-request randomness

#466 code423n4 closed 1 year ago
5
Ticket may expire sooner or later than after one year

#465 code423n4 closed 1 year ago
6
Estimated profit may drift

#464 code423n4 closed 1 year ago
12
Some reward tokens will require too high reward values

#463 code423n4 opened 1 year ago
3
QA Report

#462 code423n4 closed 1 year ago
2
Winnings might be unable to catch up with prize pot

#461 code423n4 closed 1 year ago
2
QA Report

#460 code423n4 closed 1 year ago
2
Multiplier must be capped to prevent expected payout exceeding ticket price

#459 code423n4 closed 1 year ago
3
Gas Optimizations

#458 code423n4 closed 1 year ago
1
Expected payout should not be determined off-chain

#457 code423n4 closed 1 year ago
11
Gas Optimizations

#456 code423n4 closed 1 year ago
1
IF A SINGLE TICKET OF THE USER IS EXPIRED FOR REWARD CLAIM THEN REST OF THE TICKET REWARD CLAIMS WILL ALSO FAIL

#455 code423n4 opened 1 year ago
4
SWC-101 Artihmetic Overflow test/LotteryInvariantChecks.t.sol testBuyClaimFinalize()

#454 code423n4 closed 1 year ago
1
QA Report

#453 code423n4 opened 1 year ago
5
Gas Optimizations

#452 code423n4 opened 1 year ago
7
Gas Optimizations

#451 code423n4 closed 1 year ago
1
Malicious owner can steal funds

#450 code423n4 closed 1 year ago
2
QA Report

#449 code423n4 closed 1 year ago
1
QA Report

#448 code423n4 opened 1 year ago
5
expected outgoing rewards for non-jackpot tiers are not normalized

#447 code423n4 closed 1 year ago
2
QA Report

#446 code423n4 opened 1 year ago
4
No security checks in VRF might lead to compromised results

#445 code423n4 closed 1 year ago
8
Gas Optimizations

#444 code423n4 opened 1 year ago
3
QA Report

#443 code423n4 opened 1 year ago
7
QA Report

#442 code423n4 opened 1 year ago
8
Gas Optimizations

#441 code423n4 opened 1 year ago
4
Fixed multiplicator for minInitialPot and jackpotBound can exclude tokens

#440 code423n4 opened 1 year ago
4
Gas Optimizations

#439 code423n4 opened 1 year ago
2
QA Report

#438 code423n4 closed 1 year ago
6
Source can change the result of the Lottery

#437 code423n4 closed 1 year ago
1
Gas Optimizations

#436 code423n4 closed 1 year ago
1
QA Report

#435 code423n4 opened 1 year ago
5
MaxFailedAttempt is not properly enforced when calling `retry() ` after failed calls in RNSourceController.sol

#434 code423n4 closed 1 year ago
2
QA Report

#433 code423n4 opened 1 year ago
4
10% of ticket price can be locked on zero address

#432 code423n4 opened 1 year ago
3
Ticket minting should use `safeMint`

#431 code423n4 opened 1 year ago
5
`Lottery`: Buyers can spoof frontend for 10% discount

#430 code423n4 closed 1 year ago
2
QA Report

#429 code423n4 opened 1 year ago
4
Owner can silently withdraw funds just before deadline in `StakedTokenLock`

#428 code423n4 opened 1 year ago
5
There is no way to withdraw stuck funds from the lottery contract if the `initialPot` is not reached before the `initialPotDeadline`

#427 code423n4 closed 1 year ago
8
Malicious user can frontrun the selling or transferring of a ticket to claim the rewards

#426 code423n4 closed 1 year ago
3
`Ticket`: Owner of winning ticket can frontrun secondary sales

#425 code423n4 closed 1 year ago
4
Fixed rewards in DAI (or similar token) can potentially overflow when being packed

#424 code423n4 closed 1 year ago
5
Protocol fails to support arbitrary token for rewards

#423 code423n4 opened 1 year ago
5

Previous Next