issues
search
code-423n4
/
2024-05-munchables-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Using Fee-On-Transfer Tokens will lead to user token loss.
#515
howlbot-integration[bot]
closed
1 month ago
1
Contracts are vulnerable to fee-on-transfer accounting-related issues
#514
howlbot-integration[bot]
closed
1 month ago
1
Incompatible with fee-on-transfer tokens
#513
howlbot-integration[bot]
closed
1 month ago
1
Fee-on-Transfer tokens are not handled for the lock function
#512
howlbot-integration[bot]
closed
1 month ago
1
Fee-on-tranfer tokens will mess up the accounting of the `LockManager` contract
#511
howlbot-integration[bot]
closed
1 month ago
1
`APPROVE_THRESHOLD` Set to 1 in `LockManager` Contract Requires 2 Approvals, Contradicting Expected Single Approval Behavior
#510
howlbot-integration[bot]
closed
1 month ago
2
Possible approvals of disproven price proposals
#509
howlbot-integration[bot]
closed
1 month ago
1
Possible double voting potentially could manipulate USD price logic
#508
howlbot-integration[bot]
closed
1 month ago
1
`approveUSDPrice` don't have a check to make sure proposal has disapproval before approval.
#507
howlbot-integration[bot]
closed
1 month ago
1
PriceFeed can first `disapproveUSDPrice` and then `approveUSDPrice`
#506
howlbot-integration[bot]
closed
1 month ago
1
Approval After Disapproval in `approveUSDPrice` Function
#505
howlbot-integration[bot]
closed
1 month ago
1
PriceFeed can vote for disapproval and approval for the same proposal
#504
howlbot-integration[bot]
closed
1 month ago
1
Price Feed Caller can Approve and Disapprove USD Price At The Same Time
#503
howlbot-integration[bot]
closed
1 month ago
2
It is possible for a Role.PriceFeed to both approve and disapprove the same proposal
#502
howlbot-integration[bot]
closed
1 month ago
2
Price Feeds can disapprove and approve the same proposal
#501
howlbot-integration[bot]
closed
1 month ago
1
Double Approval Vulnerability in Approve and Disapprove Update Mechanism
#500
howlbot-integration[bot]
closed
1 month ago
1
`Pricefeed roles` who disapproved USD price can still approve the same USD price, breaking protocol invariant
#499
howlbot-integration[bot]
closed
1 month ago
1
The `approveUSDPrice()` Function Allows a Price Feed Updater to Approve a Proposal After Disapproving It Without Decreasing `disapprovalsCount`
#498
howlbot-integration[bot]
closed
1 month ago
4
Pricefeed role users should not be allowed to approve prices after disapproving it, this leads to a single role holder filling up both sides of the proposal threshold.
#497
howlbot-integration[bot]
closed
1 month ago
1
A PriceFeed is able to both approve and disapprove usd price
#496
howlbot-integration[bot]
closed
1 month ago
1
Missing disapproval check in `LockManager.sol::approveUSDPrice` allows simultaneous approval and disapproval of a price proposal
#495
howlbot-integration[bot]
opened
1 month ago
8
Protocol allows a voter to vote both `for` & `against` the same proposal which not only goes against natural voting logic and would cause for wrong approvals/disapprovals since the `>= DISAPPROVE_THRESHOLD`& `>= APPROVE_THRESHOLD` checks would use inflated data
#494
howlbot-integration[bot]
closed
1 month ago
1
Missing validation for already disapproved proposal in approveUSDPrice function
#493
howlbot-integration[bot]
closed
1 month ago
1
A Price Feed role can disapprove and approve a price on the same proposal due to a missing check
#492
howlbot-integration[bot]
closed
1 month ago
1
An oracle can still approve an USD price after it has already disapproved the price.
#491
howlbot-integration[bot]
closed
1 month ago
1
Disapproved Proposal can still be approved
#490
howlbot-integration[bot]
closed
1 month ago
1
A User can Approve the proposed Price even though he has disapproved before and no decrement is done for disapprovalCounts.
#489
howlbot-integration[bot]
closed
1 month ago
1
A price feed can disapprove and approve an USD price simultaneously
#488
howlbot-integration[bot]
closed
1 month ago
1
Missing check that proposal was not disapproved in the `approveUSDPrice()` function.
#487
howlbot-integration[bot]
closed
1 month ago
1
Users Can Disapprove and Then Approve Proposals
#486
howlbot-integration[bot]
closed
1 month ago
1
Proposal Approval/Disapproval Inconsistency
#485
howlbot-integration[bot]
closed
1 month ago
1
a proposal can be disapproved and then approved again
#484
howlbot-integration[bot]
closed
1 month ago
1
A PriceFeed role can disapprove and approve USD price at the same time, which should not be possible
#483
howlbot-integration[bot]
closed
1 month ago
1
Disapprovals are not checked when approving price
#482
howlbot-integration[bot]
closed
1 month ago
1
The approve/disapproveUsdPrice can be functioned unexpectedly
#481
howlbot-integration[bot]
closed
1 month ago
1
approveUSDPrice function does not check if a user already disapproved a specific price already, leading to a user casting multiple votes on the same price proposal
#480
howlbot-integration[bot]
closed
1 month ago
1
Anyone Can Disapprove and Then Approve
#479
howlbot-integration[bot]
closed
1 month ago
1
approveUSDPrice function allows authorized caller to call disapproveUSDPrice function then also call approveUSDPrice function
#478
howlbot-integration[bot]
closed
1 month ago
1
approveUSDPrice() only checks for prior approve but not for disapprove
#477
howlbot-integration[bot]
closed
1 month ago
1
PriceFeed role can disapprove and able to approve same proposal
#476
howlbot-integration[bot]
closed
1 month ago
1
A single Role.PriceFeed_X can both disapprove and approve the same proposal
#475
howlbot-integration[bot]
closed
1 month ago
1
Double Voting Issue in USD Price Update Proposal Contract
#474
howlbot-integration[bot]
closed
1 month ago
1
Missing a check
#473
howlbot-integration[bot]
closed
1 month ago
1
A Price Feed address can vote against and in favor of the same proposal at the same time
#472
howlbot-integration[bot]
closed
1 month ago
1
Users with expired locks who haven't withdrawn their tokens will receive the same benefits as if their tokens are locked
#471
howlbot-integration[bot]
closed
1 month ago
5
Users can lock past the maximum locking duration
#470
howlbot-integration[bot]
closed
1 month ago
1
Incorrect state change in `_lock` function allows user to steal tokens.
#469
howlbot-integration[bot]
closed
1 month ago
1
Players ETH token could be locked forever in the contract
#468
howlbot-integration[bot]
closed
1 month ago
3
Use of payable.transfer and inability to specify a recipient will cause tokens to be locked forever if unlocker is a contract or multisig wallet
#467
howlbot-integration[bot]
closed
1 month ago
2
Stalemate Could Happen and No New Proposal Is Able to Be Made
#466
howlbot-integration[bot]
closed
1 month ago
3
Previous
Next