issues
search
code-423n4
/
2023-07-arcade-findings
2
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Upgraded Q -> 2 from #422 [1692189363530]
#574
c4-judge
closed
1 year ago
2
Upgraded Q -> 2 from #513 [1691698843467]
#572
c4-judge
opened
1 year ago
3
QA Report
#571
code423n4
closed
1 year ago
1
QA Report
#570
code423n4
closed
1 year ago
1
`NFTBoostVault` incompatible with some NFTs
#569
code423n4
closed
1 year ago
5
Reverts when a User claims Voting Power of address(0) where there exists some for address(0)
#568
code423n4
closed
1 year ago
4
QA Report
#567
code423n4
closed
1 year ago
1
QA Report
#566
code423n4
closed
1 year ago
1
Batch function calls can use up all the gas and fail
#565
code423n4
closed
1 year ago
2
QA Report
#564
code423n4
closed
1 year ago
1
Malicious user can create an harmful proposal and execute it by setting a very low quorum .
#563
code423n4
closed
1 year ago
2
User able to steal all votes escrowed in `LockingVault` due to downcasting
#562
code423n4
closed
1 year ago
2
Analysis
#561
code423n4
closed
1 year ago
2
QA Report
#560
code423n4
closed
1 year ago
1
[NFTBoostVault] User can add NFTs which have not been assigned a multiplier
#559
code423n4
closed
1 year ago
3
Analysis
#558
code423n4
opened
1 year ago
3
User can delegate to address(0) in ARCDVestingVault thereby increasing address(0) VotingPower
#557
code423n4
closed
1 year ago
4
Analysis
#556
code423n4
opened
1 year ago
3
`Manager` can delete any users voting power
#555
code423n4
closed
1 year ago
5
A user could call mint() with less ETH than the mintPrice and improperly mint badges for a cheaper cost.
#554
code423n4
closed
1 year ago
2
QA Report
#553
code423n4
closed
1 year ago
1
QA Report
#552
code423n4
closed
1 year ago
1
NFTBoostVault.sol: After NFT update, if that NFT does not assigned with any multiplier value, user will lose all of their votes.
#551
code423n4
opened
1 year ago
3
Gas Optimizations
#550
code423n4
closed
1 year ago
1
Gas Optimizations
#549
code423n4
closed
1 year ago
1
Gas Optimizations
#548
code423n4
closed
1 year ago
1
QA Report
#547
code423n4
closed
1 year ago
1
Unsafe downcast can lead to silent Overflow that causes accounting issues which can be exploited.
#546
code423n4
closed
1 year ago
8
If a lower multiplier for a particular NFT was set the owner of this NFT can avoid syncing votes with new values.
#545
code423n4
closed
1 year ago
3
QA Report
#544
code423n4
closed
1 year ago
1
voting power is insufficiently tracked
#543
code423n4
closed
1 year ago
5
NFTBoostVault is not a proper implementation/logic contract in upgradeability system
#542
code423n4
closed
1 year ago
3
token address checks in batchCalls can be bypassed with approve call on unset tokens
#541
code423n4
opened
1 year ago
6
Missing Validation which could cause Underflow Error
#540
code423n4
closed
1 year ago
11
ARCDVestingVault.sol::revokeGrant can revert for zero value transfers with weird ERC20 tokens.
#539
code423n4
closed
1 year ago
3
QA Report
#538
code423n4
closed
1 year ago
1
faulty users can abuse the function `delegate` in `NFTBoostVault.sol`
#537
code423n4
closed
1 year ago
2
withdrawFees Have a vulnerability leading to
#536
code423n4
closed
1 year ago
2
Loss of previous spending power for same spender address in Treasury Contract
#535
code423n4
closed
1 year ago
2
Malicious proposal can drain the treasury contract and bypass the gscAllowance[token] check
#534
code423n4
closed
1 year ago
5
treasury approveSmallSpending, approveMediumSpend and approveLargeSpend and setThreshold and setGSCAllowance can be frontrunned
#533
code423n4
closed
1 year ago
2
Analysis
#532
code423n4
opened
1 year ago
1
Arbitrary from in transferFrom
#531
code423n4
closed
1 year ago
3
Analysis
#530
code423n4
closed
1 year ago
1
ImmutableVestingVault does not support multiple grants for the same recipient, breaking core logic
#529
code423n4
closed
1 year ago
6
Incorrect accounting in GSC approval mechanism in `ArcadeTreasury`
#528
code423n4
closed
1 year ago
2
setThreshold can bypass cool down period in setGSCAllowance
#527
code423n4
closed
1 year ago
3
`ARCDVestingVault._syncVotingPower` could revert if `newVotingPower` is big enough.
#526
code423n4
closed
1 year ago
3
treasury approveSmallSpending / MediumSpend / LargeSpend and small / medium / large transfer can be blocked
#525
code423n4
closed
1 year ago
7
Block Gas Calculation Error
#524
code423n4
closed
1 year ago
2
Next