code-423n4 2023-04-frankencoin-findings issues

code-423n4 / 2023-04-frankencoin-findings

5 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Upgraded Q -> 2 from #928 [1684820150232]

#992 c4-judge closed 1 year ago
2
Upgraded Q -> 2 from #964 [1684819958119]

#991 c4-judge closed 1 year ago
2
Upgraded Q -> 2 from #597 [1684599709636]

#990 c4-judge closed 1 year ago
2
Upgraded Q -> 2 from #597 [1684599598059]

#989 c4-judge closed 1 year ago
2
Upgraded Q -> 2 from #101 [1684391676051]

#987 c4-judge closed 1 year ago
2
Burn logic issue due to lack of checking parameter 0 in burnWithReserve function

#986 code423n4 closed 1 year ago
3
`createNewPosition`/`clonePosition`/`createClone` are suspicious of the reorg attack

#985 code423n4 closed 1 year ago
3
QA Report

#984 code423n4 opened 1 year ago
1
User minting `FPS` can get grieved by equity loss event

#983 code423n4 closed 1 year ago
7
Malicious redeem prevention

#982 code423n4 closed 1 year ago
3
Frankencoin : do not take use the `reservePPM` as function argument. Malicious user can use this value to arbitrarily change the minterReserveE6

#981 code423n4 opened 1 year ago
6
Anyone can open any position with no init period

#980 code423n4 closed 1 year ago
5
Unfair advantage for first minter of `FPS` shares allows them to steal from other holders upon redeem

#979 code423n4 closed 1 year ago
4
Position.sol: usage of an incorrect version of Ownable library can potentially malfunction all onlyOwner functions

#978 code423n4 closed 1 year ago
5
Gas Optimizations

#977 code423n4 opened 1 year ago
3
Lack of slippage in `redeem` can result in loss of shares for redeemer

#976 code423n4 closed 1 year ago
5
Return values of ERC20 transfer and transferFrom are unchecked

#975 code423n4 closed 1 year ago
2
`end()` reverts if bidder blacklisted by collateral token, grieving challenger

#974 code423n4 closed 1 year ago
3
Attacker can extract unlimited ZCHF by setting a high price for a position and challenging it

#973 code423n4 closed 1 year ago
4
`Equity.restructureCapTable` only restructures one address at a time

#972 code423n4 closed 1 year ago
2
QA Report

#971 code423n4 closed 1 year ago
1
QA Report

#970 code423n4 opened 1 year ago
2
MintingHub.sol - modifier validPos can be bricked by taking the position by anyone who not this contract address.

#969 code423n4 closed 1 year ago
5
EQUITY.RECONSTRUCTURECAPTABLE() COULD BE USED TO WIPE ALL FPS HOLDERS WITHOUT A RESCUE PLAN

#968 code423n4 closed 1 year ago
4
SuggestMinter can add m

#967 code423n4 closed 1 year ago
3
`launchChallenge`/`bid` are suspicious of the reorg attack

#966 code423n4 opened 1 year ago
5
`restructure` can be front run

#965 code423n4 closed 1 year ago
5
QA Report

#964 code423n4 opened 1 year ago
2
Allowance not updated correctly

#963 code423n4 closed 1 year ago
3
ERC777 Re-entrancy Risk

#962 code423n4 closed 1 year ago
5
Gas Optimizations

#961 code423n4 closed 1 year ago
3
Result of transferFrom and transfer are not checked.

#960 code423n4 closed 1 year ago
2
`Position` created with `BNB` as collateral will result in locked collateral

#959 code423n4 closed 1 year ago
2
QA Report

#958 code423n4 closed 1 year ago
3
Gas Optimizations

#957 code423n4 opened 1 year ago
2
Gas Optimizations

#956 code423n4 opened 1 year ago
4
Gas Optimizations

#955 code423n4 opened 1 year ago
2
Lack of validation in opening positions parameters can lead to critical vulnerabilities at protocol level

#954 code423n4 closed 1 year ago
4
QA Report

#953 code423n4 opened 1 year ago
2
When the reserve has zero shares everybody has the power to deny everybody's position

#952 code423n4 closed 1 year ago
6
QA Report

#951 code423n4 closed 1 year ago
3
Signature malleability for S

#950 code423n4 closed 1 year ago
5
No donation required to restructure the table

#949 code423n4 opened 1 year ago
4
Gas Optimizations

#948 code423n4 opened 1 year ago
2
QA Report

#947 code423n4 opened 1 year ago
2
System is too permissive of bad debt to maintain faith in peg (especially since it lacks a shutdown mechanism)

#946 code423n4 opened 1 year ago
6
Challenges can be frontrun with de-leveraging to cause lossses for challengers

#945 code423n4 opened 1 year ago
7
QA Report

#944 code423n4 opened 1 year ago
1
Denial Of Service

#943 code423n4 closed 1 year ago
3
Sound adjusting of a position could fail

#942 code423n4 closed 1 year ago
2