issues
search
code-423n4
/
2024-03-coinbase-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Upgraded Q -> 2 from #91 [1711544923384]
#201
c4-judge
closed
8 months ago
3
Analysis
#200
c4-bot-1
opened
8 months ago
2
Gas Optimizations
#199
c4-bot-2
closed
8 months ago
3
QA Report
#198
c4-bot-8
opened
8 months ago
3
QA Report
#197
c4-bot-10
closed
8 months ago
5
Analysis
#196
c4-bot-9
opened
8 months ago
2
Gas Optimizations
#195
c4-bot-7
opened
8 months ago
5
validatePaymasterUserOp() call should not increase _withdrawableETH balance if signature is invalid
#194
c4-bot-9
closed
8 months ago
6
`SELFBALANCE` opcode cannot be used during validation
#193
c4-bot-9
closed
8 months ago
4
QA Report
#192
c4-bot-9
closed
8 months ago
3
Gas Optimizations
#191
c4-bot-5
opened
8 months ago
3
Analysis
#190
c4-bot-9
opened
8 months ago
2
Analysis
#189
c4-bot-1
opened
8 months ago
2
Gas Optimizations
#188
c4-bot-1
opened
8 months ago
3
Gas Optimizations
#187
c4-bot-10
closed
8 months ago
3
QA Report
#186
c4-bot-8
closed
8 months ago
3
Gas Optimizations
#185
c4-bot-4
opened
8 months ago
3
QA Report
#184
c4-bot-10
opened
8 months ago
3
(Still) incorrect check that point is not identity element.
#183
c4-bot-4
opened
8 months ago
24
'alreadyDeployed' should be change after account initialization.
#182
c4-bot-8
closed
8 months ago
5
All Smart Wallet funds will be lost if users remove all owners
#181
c4-bot-8
opened
8 months ago
20
MultiOwnable Flaw Enables Persistent Owner Exploit
#180
c4-bot-9
opened
8 months ago
10
Non-compliance with EIP-4337 spec
#179
c4-bot-4
closed
8 months ago
5
A Mallicious Owner Can Remove All Other Owners
#178
c4-bot-4
opened
8 months ago
9
Potential Front-Running grieving attack in CoinbaseSmartWalletFactory Contract
#177
c4-bot-3
closed
8 months ago
4
Analysis
#176
c4-bot-3
opened
8 months ago
4
MEV Exploitation in Account Abstraction: Risks to Smart Wallet Transactions
#175
c4-bot-1
closed
8 months ago
5
no check for input in 'postOp'
#174
c4-bot-5
closed
8 months ago
4
Analysis
#173
c4-bot-5
opened
8 months ago
3
`withdraw()` Non-ETH token is not supported by bundler + entry point
#172
c4-bot-1
closed
8 months ago
8
Precompile ModExp at 0x05, used by `FCL.ecdsa_verify()`, does not in general exist on other chains
#171
c4-bot-1
opened
8 months ago
25
An owner can remove other owners and itself through EntryPoint contract
#170
c4-bot-2
opened
8 months ago
14
_withdraw can fail on zero amount transfers if amount is set to zero
#169
c4-bot-4
closed
8 months ago
4
Anyone with valid `WithdrawRequest` can steal excess ETH from `MagicSpend`
#168
c4-bot-8
closed
8 months ago
6
Complete WithdrawalRequest denial of service by manipulating expiry via malicious calldata struct encoding
#167
c4-bot-8
closed
8 months ago
12
Analysis
#166
c4-bot-8
opened
8 months ago
2
Analysis
#165
c4-bot-7
closed
8 months ago
3
Paymaster can be Banned Due to Unmitigated Front-running Attacks on Bundled Transactions
#164
c4-bot-10
closed
8 months ago
5
Malicious State Alteration Impacting Bundler Rewards
#163
c4-bot-4
closed
8 months ago
6
Malicious owner can remove other owners and make themselves sole owner of the wallet.
#162
c4-bot-10
opened
8 months ago
9
Gas Optimizations
#161
c4-bot-4
opened
8 months ago
3
Potential Vulnerability Due to Behavior of slice Function in the WebAuthn.sol
#160
c4-bot-4
closed
8 months ago
5
QA Report
#159
c4-bot-9
closed
8 months ago
3
Gas Optimizations
#158
c4-bot-6
opened
8 months ago
3
An owner can remove other owners and itself
#157
c4-bot-9
closed
8 months ago
12
Analysis
#156
c4-bot-5
opened
8 months ago
2
QA Report
#155
c4-bot-5
closed
8 months ago
3
`withdrawGasExcess()` does not check against `withdrawRequest.expiry`
#154
c4-bot-10
closed
8 months ago
8
Analysis
#153
c4-bot-8
closed
8 months ago
2
Analysis
#152
c4-bot-6
opened
8 months ago
2
Next