code-423n4 2024-01-renft-findings issues

code-423n4 / 2024-01-renft-findings

2 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Blacklisted Borrowers could lock the NFTs in their Safe

#550 c4-bot-2 closed 10 months ago
3
Lack of events for critical

#549 c4-bot-9 closed 10 months ago
3
Rental stop transaction will be blocked if the payment recipient gets blacklisted

#548 c4-bot-2 closed 10 months ago
2
onERC721Received could fail if the lender is a contract

#547 c4-bot-2 closed 10 months ago
4
Asset can be stuck in renters safe and funds stolen from the escrow preventing other lenders from settling their positions.

#546 c4-bot-9 closed 10 months ago
6
Seaport malfunction could lock the NFTs and the payments

#545 c4-bot-8 closed 10 months ago
5
Denial-of-service issue on rental stop transactions

#544 c4-bot-6 closed 10 months ago
7
Adding new variables to Module contracts may result in unexpected storage collisions

#543 c4-bot-3 closed 10 months ago
2
if ESCRW does not call stopRental(…) at the end of the rental, renter can still make use of rented asset.

#542 c4-bot-5 closed 10 months ago
5
Rental safes are unable to interact with other contracts via the receive ether function

#541 c4-bot-7 opened 10 months ago
8
Token Balance Skimming issue

#540 c4-bot-6 closed 10 months ago
2
Any renter can burn a lender's rented tokens

#539 c4-bot-10 closed 10 months ago
3
Risk of DoS when stoping large rental orders due to block gas limit

#538 c4-bot-10 opened 10 months ago
7
QA Report

#537 c4-bot-9 closed 10 months ago
5
QA Report

#536 c4-bot-2 opened 10 months ago
2
There is no check in "updateHookPath()" and "updateHookStatus()" in Storage.sol to make sure the change of hook status won't affect current rental order, it can result in an active rental order cannot be stopped.

#535 c4-bot-2 closed 10 months ago
2
"Indivisible Token Rounding Issue Affecting NFT Rental Payouts in `PaymentEscrow.sol`"

#534 c4-bot-2 closed 10 months ago
2
Gas Griefing in Hook Execution

#533 c4-bot-4 closed 10 months ago
2
Data Race Conditions

#532 c4-bot-6 closed 10 months ago
2
Denial of Service in stopRent function

#531 c4-bot-4 closed 10 months ago
2
Contract Upgrade During Execution can lead to inconsistent contract states

#530 c4-bot-3 closed 10 months ago
2
Invalid Rental Order Data

#529 c4-bot-7 closed 10 months ago
2
Front-Running in stopRent function

#528 c4-bot-7 closed 10 months ago
2
Dependency Failure not handled

#527 c4-bot-7 closed 10 months ago
2
Gas Optimizations

#526 c4-bot-7 closed 10 months ago
1
Permission Revocation Handling

#525 c4-bot-7 closed 10 months ago
2
Escrow Settlement Failure Handling

#524 c4-bot-7 closed 10 months ago
2
Hook Reentrancy Attack

#523 c4-bot-7 closed 10 months ago
2
Simultaneous Stops not handled correctly

#522 c4-bot-3 closed 10 months ago
2
Block Gas Limitations in stopRentBatch function

#521 c4-bot-9 closed 10 months ago
2
Reentrancy: Malicious Hook can disrupt stop process

#520 c4-bot-5 closed 10 months ago
2
Insuffecient Access Control when Changing the Guard Contract

#519 c4-bot-6 closed 10 months ago
2
Batch Transfers can lead to unauthorized transfer of rented assets

#518 c4-bot-2 closed 10 months ago
2
Delegate Call Restriction

#517 c4-bot-3 closed 10 months ago
2
Gas Optimizations

#516 c4-bot-3 opened 10 months ago
3
Rental Token Transfer Attempt

#515 c4-bot-5 closed 10 months ago
2
CREATE_SIGNER signatures can be maliciously used on wrong orders

#514 c4-bot-5 closed 10 months ago
3
Signature Replay Risks with Static Implementation of _DOMAIN_SEPARATOR in EIP-712 Signatures

#513 c4-bot-7 closed 10 months ago
3
Missing events for Safe Ownership and Threshold Changes

#512 c4-bot-1 closed 10 months ago
2
Safe Deployment Event needs more information

#511 c4-bot-1 closed 10 months ago
2
Delegate Call Security

#510 c4-bot-1 closed 10 months ago
2
Malicious Module and Guard addresses can be set

#509 c4-bot-6 closed 10 months ago
2
Reentrancy can lead to potential loss of funds

#508 c4-bot-6 closed 10 months ago
2
Insuffecient Threshold Validation

#507 c4-bot-8 closed 10 months ago
2
Users funds can be locked in escrow module due to possibility of feeNumerator being set too high

#506 c4-bot-6 closed 10 months ago
2
Storage and escrow functionality can be compromised

#505 c4-bot-9 closed 10 months ago
2
Order Fulfillment hashing not suffeciently validated

#504 c4-bot-7 closed 10 months ago
2
ChainID Dependency could allow signature replay attacks

#503 c4-bot-3 closed 10 months ago
4
Insuffecient Signature Validation

#502 c4-bot-10 closed 10 months ago
2
DoS of Rental stopping mechanism

#501 c4-bot-10 opened 10 months ago
5

Previous Next