issues
search
sherlock-audit
/
2022-10-nftport-judging
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
keccak123 - Operator can change own role bypassing require
#131
sherlock-admin
closed
1 year ago
4
keccak123 - Deployment fee is never paid
#130
sherlock-admin
closed
1 year ago
1
Sm4rty - No Upper limit or Lower limit for setting new deployment and call fees in factory contract.
#129
sherlock-admin
closed
1 year ago
0
Chom - NFT minting both public and presale doesn't have ending time check
#128
sherlock-admin
closed
1 year ago
0
minhquanym - User can use the same signature to deploy and call on different chain
#127
sherlock-admin
closed
1 year ago
0
Chom - Public sales may be attacked by bots if the price is zero
#126
sherlock-admin
closed
1 year ago
1
0xheynacho - <ARRAY>.LENGTH SHOULD NOT BE LOOKED UP IN EVERY LOOP OF A FOR-LOOP and Increments can be unchecked for Gas Optimizations
#125
sherlock-admin
closed
1 year ago
0
minhquanym - User can deploy and call multiple times with the same signature
#124
sherlock-admin
closed
1 year ago
0
0xheynacho - ABI.ENCODEPACKED() SHOULD NOT BE USED WITH DYNAMIC TYPES WHEN PASSING THE RESULT TO A HASH FUNCTION SUCH AS KECCAK256() Use abi.encode() instead which will pad items to 32 bytes, which will prevent hash collisions
#123
sherlock-admin
closed
1 year ago
0
cryptphi - Improper implementation of IERC2981 in ERC2981.sol
#122
sherlock-admin
closed
1 year ago
0
ak1 - Lack of validation check for runtimeConfig durnng initialization in ERC721NFTProduct and ERC1155NFTProduct contracts.
#121
sherlock-admin
closed
1 year ago
0
Chom - Presale minting may not be able to mint the amount that they should be
#120
sherlock-admin
closed
1 year ago
0
Chom - Presale minting can't have a different whitelisted amount for different people
#119
sherlock-admin
closed
1 year ago
1
keccak123 - `abi.encodePacked` Allows Hash Collision
#118
sherlock-admin
opened
1 year ago
3
cryptphi - Malicious Operator can revoke Operator for all other known operators
#117
sherlock-admin
closed
1 year ago
0
ak1 - NFTCollection.sol : Absence of validation check for ownership during the transfer ownership
#116
sherlock-admin
closed
1 year ago
0
ak1 - NFTCollection.sol : Lack of validation for runtime configuration when initialize is dangerous.
#115
sherlock-admin
closed
1 year ago
0
sorrynotsorry - Compromised admin address
#114
sherlock-admin
closed
1 year ago
0
Dravee - `UPDATE_CONTRACT_ROLE` users can't call `update()`. They need to be admins too.
#113
sherlock-admin
closed
1 year ago
0
cryptphi - Possible token Total Supply mismatch in ERC1155NFTProduct
#112
sherlock-admin
closed
1 year ago
3
sorrynotsorry - No fee validation
#111
sherlock-admin
closed
1 year ago
1
cryptphi - Re-entrancy issue in ERC1155NFTProduct contract's mintByOwner function
#110
sherlock-admin
closed
1 year ago
4
0xNazgul - [NAZ-M4] User's May Accidentally Overpay
#109
sherlock-admin
closed
1 year ago
0
0xNazgul - [NAZ-M3] Value Range Validity for Fee Setters
#108
sherlock-admin
closed
1 year ago
0
0xNazgul - `MINTER_ROLE` Can Be Granted By The Deployer and Mint Arbitrary Amount of Tokens
#107
sherlock-admin
closed
1 year ago
1
ak1 - Factory.sol : Issue with arbitrary data as signature in signature based call and deploy methods.
#106
sherlock-admin
opened
1 year ago
2
sorrynotsorry - Eth sent more than the required fees will remain in contract.
#105
sherlock-admin
closed
1 year ago
0
Dravee - No validation for royalties in `ERC721NFTProduct` and `ERC1155NFTProduct`
#104
sherlock-admin
closed
1 year ago
0
0xNazgul - [NAZ-M2] `ADMIN_ROLE` Can Be Granted By The Deployer and Can Lose Collected Fees
#103
sherlock-admin
closed
1 year ago
0
Dravee - `NFTCollection.sol`: Initial Royalties can be over 100%
#102
sherlock-admin
closed
1 year ago
0
cryptphi - Re-entrancy issue in ERC721NFTProduct mintToCaller function
#101
sherlock-admin
closed
1 year ago
4
Dravee - Admin can DOS with fees
#100
sherlock-admin
closed
1 year ago
0
cryptphi - Frontrunning and Access Control Issue on initialize() functions
#99
sherlock-admin
closed
1 year ago
0
cccz - NFTCollection: No limit on royaltiesBps
#98
sherlock-admin
closed
1 year ago
0
Dravee - Setting the wrong Solidity deployment version could introduce vulnerabilities
#97
sherlock-admin
closed
1 year ago
3
0x0 - `UPDATE_CONTRACT_ROLE` Unable To Revoke NFT Port Permissions (721)
#96
sherlock-admin
closed
1 year ago
0
cccz - The supply of NFT for each tokenID in ERC1155NFTProduct cannot be modified after the first minting
#95
sherlock-admin
opened
1 year ago
1
0x0 - Admin Cannot Burn Tokens Owned By `_owner` (721)
#94
sherlock-admin
closed
1 year ago
0
0x0 - Admin Cannot Call `transferByOwner` (721)
#93
sherlock-admin
closed
1 year ago
0
cccz - The upgradeable abstract contract(GranularRoles.sol) should add storage gaps
#92
sherlock-admin
closed
1 year ago
0
0x0 - Admin Cannot Update Token URI (721)
#91
sherlock-admin
closed
1 year ago
1
cccz - Burned NFTs can be reminted
#90
sherlock-admin
closed
1 year ago
1
cccz - Excess ETH not refunded
#89
sherlock-admin
closed
1 year ago
1
GimelSec - `ERC1155NFTProduct` does not support full functionality of `ERC1155`
#88
sherlock-admin
closed
1 year ago
1
GimelSec - `NFTCollection` inherits non-upgradeable contracts
#87
sherlock-admin
closed
1 year ago
7
GimelSec - Corruptible upgrade patterns in `ERC721NFTProduct.sol` and `ERC1155NFTProduct.sol`
#86
sherlock-admin
closed
1 year ago
1
GimelSec - Attackers can bypass `tokensPerMint` and mint lots of tokens in a transaction
#85
sherlock-admin
opened
1 year ago
3
GimelSec - `Factory.sol` lacks methods to revoke signatures
#84
sherlock-admin
closed
1 year ago
1
GimelSec - Template implementations doesn't validate configurations properly
#83
sherlock-admin
opened
1 year ago
2
GimelSec - Should prevent users from sending more fees than required in `Factory.sol`
#82
sherlock-admin
closed
1 year ago
0
Next