code-423n4 / 2023-04-caviar-findings

QA Report #409

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

See the markdown file with the details of this report here.

GalloDaSballo commented 1 year ago

L-01 Solmate’s SafeTransferLib doesn’t check whether the ERC20 contract exists

L-02 Low level calls don’t check for contract existence

L-03 EthRouter.sol constructor lacking zero address check

L-04 Use safeTransferOwnership instead of transferOwnership function

L-05 EthRouter.buy/sell() possible OOG error

L-06 Factory.sol missing Zero address checks

L-07 Using array memory parameter without checking its length

L-08 Incomplete input validation at PrivatePool.setVirtualReserves()

L-09 Incomplete input validation at PrivatePool.initialize() and constructor

c4-judge commented 1 year ago

GalloDaSballo marked the issue as grade-b