code-423n4 2024-07-basin-validation issues

code-423n4 / 2024-07-basin-validation

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Lack of Input Validation in Stable2.sol

#79 c4-bot-2 closed 3 months ago
1
incorrect check in decoding well data via `decodeWellData` can lead to wrong scaling of reserves and wrong calculations

#78 c4-bot-10 closed 3 months ago
0
Missing `onlyOwner` modifier on `_authorizeUpgrade` allows anyone to change underlying well implementation

#77 c4-bot-8 closed 3 months ago
0
Wrong validation for dividing by zero

#76 c4-bot-6 closed 3 months ago
1
Contract contains payable functions but no withdraw/sweep function

#75 c4-bot-8 closed 3 months ago
1
Wrong code

#74 c4-bot-8 closed 3 months ago
0
Incorrectly assigned `decimal1` parameter upon decoding

#73 c4-bot-4 opened 3 months ago
1
QA Report

#72 c4-bot-6 closed 3 months ago
0
Incorrect Decimal Validation in decodeWellData Function Leading to Inaccurate Calculations and Overflows

#71 c4-bot-1 closed 3 months ago
0
Anyone can upgrade Well's implementation

#70 c4-bot-6 opened 3 months ago
0
Unauthorized Contract Upgrade Vulnerability

#69 c4-bot-4 closed 3 months ago
0
Missing Access Control in `upgradeTo` Function

#68 c4-bot-3 closed 3 months ago
0
QA Report

#67 c4-bot-10 closed 3 months ago
0
Incorrect decimals check in `decodeWellData` function

#66 c4-bot-4 closed 3 months ago
0
`WellUpgradeable` can be upgraded by anyone

#65 c4-bot-6 closed 3 months ago
0
anyone can change the implementation contract due to no access control .

#64 c4-bot-8 closed 3 months ago
0
Flawed Access Control in `notDelegatedOrIsMinimalProxy` Modifier Allows Unauthorized Function Calls

#63 c4-bot-9 closed 3 months ago
0
Incorrect Decimal Usage in `decodeWellData` Function Causes Miscalculation in Scaled Reserves

#62 c4-bot-6 closed 3 months ago
0
Insecure Upgrade Authorization in Minimal Proxy Environments

#61 c4-bot-1 closed 3 months ago
0
QA Report

#60 c4-bot-7 closed 3 months ago
1
Division by Zero Vulnerability in `calcLpTokenSupply` Function

#59 c4-bot-5 closed 3 months ago
1
Gas Optimizations

#58 c4-bot-7 closed 3 months ago
1
Incorrect Conditional Check for Decimals Leading to Incorrect Calculations

#57 c4-bot-6 closed 3 months ago
0
Incorrect Access Control in _authorizeUpgrade

#56 c4-bot-6 closed 3 months ago
0
pd.currentPrice in calcReserveAtRatioSwap() is not updated correctly.

#55 c4-bot-3 closed 3 months ago
0
Unrestricted Contract Upgrade Mechanism in ``WellUpgradeable`` Allows for Arbitrary Implementation Changes and Potential Fund Drainage

#54 c4-bot-7 closed 3 months ago
0
QA Report

#53 c4-bot-6 closed 3 months ago
1
QA Report

#52 c4-bot-1 closed 3 months ago
1
QA Report

#51 c4-bot-9 closed 3 months ago
1
Even though `calcLpTokenSupply()` does not converge, it does not revert.

#50 c4-bot-3 opened 3 months ago
1
Incorrect decimal handling in Newton estimation mechanism of `calcReserveAtRatioSwap` and `calcReserveAtRatioLiquidity` functions of `Stable2` contract

#49 c4-bot-2 opened 3 months ago
0
Incorrect decimal return for token in `Stable2.sol#decodeWellData()` function

#48 c4-bot-6 closed 3 months ago
0
Incorrect condition checking handling in `decodeWellData` function

#47 c4-bot-2 closed 3 months ago
0
Failure to Achieve Convergence in Stable2's Iterative Calculations

#46 c4-bot-9 opened 3 months ago
0
Improper Zero-Value Decimal Handling in the decodeWellData Function

#45 c4-bot-8 closed 3 months ago
0
Stable2LUT1::getRatiosFromPriceLiquidity - In extreme cases, `updateReserve` will start breaking

#44 c4-bot-5 opened 3 months ago
0
`WellUpgradeable#_authorizeUpgrade` should check tokens in the new implementation

#43 c4-bot-8 opened 3 months ago
1
QA Report

#42 c4-bot-5 closed 3 months ago
1
Gas Optimizations

#41 c4-bot-3 closed 3 months ago
1
`calcReserveAtRatioLiquidity` & `calcReserveAtRatioSwap` doesn't normalize result if loop is exited and return 0

#40 c4-bot-8 closed 3 months ago
0
QA Report

#39 c4-bot-1 closed 3 months ago
1
unprotected initializer

#38 c4-bot-5 closed 3 months ago
1
Arbitrary from passed to transferFrom (lor safeTransferFrom)

#37 c4-bot-4 closed 3 months ago
1
Non-compliance with EIP-1822 Standard in `WellUpgradeable` Contract

#36 c4-bot-4 opened 3 months ago
0
Reserve should be greater than 0 on the calcReserve function in the Stable2 contract

#35 c4-bot-3 closed 3 months ago
1
For extreme ratios getRatiosFromPriceSwap will return data for which is impossible to converge into a reserve

#34 c4-bot-3 opened 3 months ago
1
Unchecked External Call on `calcRate` function on `Stable2` contract

#33 c4-bot-8 closed 3 months ago
1
In the ``Stable2`` contract ``calcLpTokenSupply‍‍`` function, there is a potential integer overflow/underflow vulnerability

#32 c4-bot-2 closed 3 months ago
1
High Gas Consumption and Potential Out-of-Gas in calcLpTokenSupply and calcReserve Functions

#31 c4-bot-2 closed 3 months ago
1
Unauthorised Upgrade Vulnerability in upgradeTo Function within WellUpgradeable contract

#30 c4-bot-3 closed 3 months ago
0

Previous Next