issues
search
code-423n4
/
2024-05-munchables-findings
3
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Potential Loss of Funds in _lock Function
#415
howlbot-integration[bot]
closed
5 months ago
0
Incompatibility with Rebased Tokens Leads to Balance Discrepancies
#414
howlbot-integration[bot]
closed
5 months ago
0
Non-standard ERC20 tokens not properly accounted for
#413
howlbot-integration[bot]
closed
5 months ago
0
Rebase Tokens Not Supported
#412
howlbot-integration[bot]
closed
5 months ago
0
A user cant withdraw the remainder
#411
howlbot-integration[bot]
closed
5 months ago
0
Default `miniLockDuration` always Used for Locking on Behalf of Others
#410
howlbot-integration[bot]
closed
5 months ago
2
`LockManager.approveUSDPrice` and `LockManager.disapproveUSDPrice` are vulnerable to reorg attack
#409
howlbot-integration[bot]
closed
5 months ago
0
Current USD update proposal cannot be read by the price feeds leading to no way to know the current proposal's price as there is no getter function for it as well
#408
howlbot-integration[bot]
closed
5 months ago
0
Unsafe downcasting of _duration leads to precision loss
#407
howlbot-integration[bot]
closed
5 months ago
0
LockManager does not handle Fee on Transfer tokens properly
#406
howlbot-integration[bot]
closed
5 months ago
0
Contract does not account for fee on transfer tokens
#405
howlbot-integration[bot]
closed
5 months ago
0
The entire locking/unlocking functionality can be DOS'ed.
#404
howlbot-integration[bot]
closed
5 months ago
0
Tokens with more than 18 decimal points will cause issues
#403
howlbot-integration[bot]
closed
5 months ago
2
Incorrect decimals configuration can lead to breaking external functionality
#402
howlbot-integration[bot]
closed
5 months ago
0
Number of NFTs can overflow
#401
howlbot-integration[bot]
closed
5 months ago
0
PriceFeed will report stale prices
#400
howlbot-integration[bot]
closed
5 months ago
0
`LockManager::_lock` allows for multiple locks without reducing the token amount, enabling you to accumulate more tokens than your original holdings.
#399
howlbot-integration[bot]
closed
5 months ago
0
Read-Only Re-entrancy in the getLocked function
#398
howlbot-integration[bot]
closed
5 months ago
0
Read-Only-Re-entrancy if read in other functions starting from getPlayerSettings
#397
howlbot-integration[bot]
closed
5 months ago
0
Non-Unique `_usdProposalId` Values May Cause Incorrect Approval Tracking and Potential Security Vulnerabilities
#396
howlbot-integration[bot]
closed
5 months ago
0
`LockManager.approveUSDPrice` and `LockManager.disapproveUSDPrice's` check is not correct
#395
howlbot-integration[bot]
closed
5 months ago
0
Failure to Reset `_usdProposalId` Causes Approval Issues for New Proposals
#394
howlbot-integration[bot]
closed
5 months ago
0
usdPriceProposal can be deleted without approval when approveUSDPrice is called and also without approveUSDPrice reverting
#393
howlbot-integration[bot]
closed
5 months ago
0
[M-01] Lockdrop can be configured in a way to DoS the locking mechanism
#392
howlbot-integration[bot]
closed
5 months ago
0
Missing validation for lockDrop start date - it can be set to the past
#391
howlbot-integration[bot]
closed
5 months ago
0
There should be a limit on "setUSDThresholds" in LockManager
#390
howlbot-integration[bot]
closed
5 months ago
0
Users will lose their remainder
#389
howlbot-integration[bot]
closed
5 months ago
0
_lock function should check the validation of _tokenContract.
#388
howlbot-integration[bot]
closed
5 months ago
0
Lack of _quantity Check in lock and lockOnBehalf Functions.
#387
howlbot-integration[bot]
closed
5 months ago
0
The way you update the price of a token is wrong, because you don't use the price directly from an Oracle.
#386
howlbot-integration[bot]
closed
5 months ago
0
Users will get less `_lockedWeightedValue` due to precision loss in `getLockedWeightedValue()`.
#385
howlbot-integration[bot]
closed
5 months ago
0
Inconsistent Token Value Handling in `_lock` Function
#384
howlbot-integration[bot]
closed
5 months ago
0
When _tokenContract is not zero address, there is no check if msg.value matches quantity, msg.value is 0, or allowance is less than quantity
#383
howlbot-integration[bot]
closed
5 months ago
0
The lock() function will always revert if minLockDuration is bigger than the MaxLockDuration
#382
howlbot-integration[bot]
closed
5 months ago
0
Users can't lock assets because of overflow, so protocol gets insolvency for a while
#381
howlbot-integration[bot]
closed
5 months ago
0
Locking ETH/ERC20 tokens on behalf of unprepared contracts results in loss of funds
#380
howlbot-integration[bot]
closed
5 months ago
0
A price feed can approve and disapprove the same usd proposal
#379
howlbot-integration[bot]
closed
5 months ago
0
ERC20 tokens can have more than 18 decimals in getLockedWeightedValue.
#378
howlbot-integration[bot]
closed
5 months ago
0
wrong "approvalsCount" in LockManager
#377
howlbot-integration[bot]
closed
5 months ago
0
There is no function to allowing users to unlock their remaining tokens(remainder). The unlock function does not allow users to withdraw their remaining tokens.
#376
howlbot-integration[bot]
closed
5 months ago
0
Token configure can accept tokens with more or less than 18 decimals
#375
howlbot-integration[bot]
closed
5 months ago
0
Inaccurate NFT Calculations Due to Token Decimal Mismatches
#374
howlbot-integration[bot]
closed
5 months ago
0
The less decimals a token has the more reward a user gets
#373
howlbot-integration[bot]
closed
5 months ago
0
` getLockedWeightedValue` breaks if tokens have more than 18 decimals or fewer than 6 decimals
#372
howlbot-integration[bot]
closed
5 months ago
0
Incorrect Calculation of `deltaDecimal` Variable in `getLockedWeightedValue` Function Causes Inaccurate Weighted Values for Tokens with More Than 18 Decimal Places
#371
howlbot-integration[bot]
closed
5 months ago
0
Risk of Inaccurate Locked Weighted Value Due to Unsupported Decimals
#370
howlbot-integration[bot]
closed
5 months ago
1
Protocol doesn't follow documentation. While docs states it supports low decimal tokens - protocol will return incorrect result for low decimal tokens
#369
howlbot-integration[bot]
closed
5 months ago
0
Protocol is not compatible with tokens more than 18 decimals
#368
howlbot-integration[bot]
closed
5 months ago
0
Wrong handling of rebasing tokens (USDB)
#367
howlbot-integration[bot]
closed
5 months ago
0
Rebasing token USDB is not being handled properly
#366
howlbot-integration[bot]
closed
5 months ago
0
Previous
Next