sherlock-audit 2022-10-nftport-judging issues

sherlock-audit / 2022-10-nftport-judging

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0x52 - Freezing roles in ERC721NFTProduct and ERC1155NFTProduct is moot

#81 sherlock-admin opened 2 years ago
5
bin2chen - registerTemplate() can't handle properly when ITemplate version is 0

#80 sherlock-admin opened 2 years ago
2
bin2chen - call() signature replay attack

#79 sherlock-admin closed 2 years ago
0
__141345__ - Two-step change of privileged roles

#78 sherlock-admin closed 2 years ago
0
0x0 - Admin Cannot Batch Mint (1155)

#77 sherlock-admin closed 2 years ago
1
0x0 - Admin Cannot Mint (1155)

#76 sherlock-admin closed 2 years ago
1
caventa - The latestVersion and latestImplementation values could be wrong

#75 sherlock-admin closed 2 years ago
1
caventa - Unnecessary if and condition can be removed

#74 sherlock-admin closed 2 years ago
0
caventa - MetadataUpdatable flag may not work as expected because the updater can easily skip the require error handling

#73 sherlock-admin closed 2 years ago
1
caventa - Unnecessary boolean checking

#72 sherlock-admin closed 2 years ago
0
caventa - TokenURI should include tokenId

#71 sherlock-admin closed 2 years ago
0
8olidity - Nonces not used in signed data

#70 sherlock-admin closed 2 years ago
0
8olidity - Update freeze price logic error

#69 sherlock-admin closed 2 years ago
1
ElKu - In `ERC721NFTProduct.sol` and `ERC1155NFTProduct.sol` the runtime Config parameters are not checked for validity

#68 sherlock-admin closed 2 years ago
0
Chom - Missing gap cause contracts to not fully upgradable

#67 sherlock-admin closed 2 years ago
0
Chom - Dust funds from buying NFT are not refunded

#66 sherlock-admin closed 2 years ago
1
Sm4rty - No Upper limit or Lower limit for setting new deployment and call fees in factory contract.

#65 sherlock-admin closed 2 years ago
0
ctf_sec - chainId is missing in signature schema in Factory.sol so cross-chain signature reuse / replay is possible

#64 sherlock-admin closed 1 year ago
1
ctf_sec - Nonce is missing the signature schema in Factory.sol so signature can be reused.

#63 sherlock-admin closed 2 years ago
0
ctf_sec - Owner can manipulate the mint price to rug user in NFTCollection.sol

#62 sherlock-admin closed 2 years ago
0
ctf_sec - Owner can reserve a large amount of NFT to make the NFT distribution centralized in NFTCollection.sol

#61 sherlock-admin closed 2 years ago
0
ctf_sec - User can overpay the minting fee / deployee fee / callee fee.

#60 sherlock-admin closed 2 years ago
0
ctf_sec - Owner can set royaltiesBasisPoints more than 10000 (charge more than 100% of the royalty fee) in ERC1155NFTProduct.sol and ERC721NFTProduct.sol

#59 sherlock-admin closed 2 years ago
0
JohnSmith - Signature reuse

#58 sherlock-admin closed 2 years ago
0
JohnSmith - Inconsistent input validation

#57 sherlock-admin closed 2 years ago
0
JohnSmith - Vulnerable to cross-chain replay attacks

#56 sherlock-admin closed 2 years ago
0
JohnSmith - Possible overflow in `royaltyInfo()`

#55 sherlock-admin closed 2 years ago
0
JohnSmith - No Storage Gap for Upgradeable Contracts

#54 sherlock-admin closed 2 years ago
0
Lambda - GranularRoles.transferOwnership can lead to loss of owner

#53 sherlock-admin closed 2 years ago
0
Lambda - Replayable signatures allowing free deploys when they should not be free

#52 sherlock-admin closed 2 years ago
0
ElKu - _validateDeploymentConfig function in NFTCollection.sol doesn't check all conditions

#51 sherlock-admin opened 2 years ago
2
ElKu - Admin Could accidentally transfer his role to zero-address

#50 sherlock-admin closed 2 years ago
0
rvierdiiev - ERC1155NFTProduct and ERC721NFTProduct contracts do not check if deploymentConfig.owner is provided

#49 sherlock-admin closed 1 year ago
3
rvierdiiev - No royalties bps validation in NFTCollection, ERC721NFTProduct and ERC1155NFTProduct

#48 sherlock-admin closed 2 years ago
0
rvierdiiev - `GranularRoles` contract doesn't have gap array for future upgrade variables.

#47 sherlock-admin closed 2 years ago
0
rvierdiiev - Factory uses signature that do not have expiration

#46 sherlock-admin opened 2 years ago
2
rvierdiiev - Factory and NFTCollection doesn't return change to the sender

#45 sherlock-admin closed 2 years ago
0
0x0 - `UPDATE_CONTRACT_ROLE` Unable To Revoke NFT Port Permissions (1155)

#44 sherlock-admin closed 2 years ago
0
0x0 - Admin Contract Configuration Update Inoperable (1155)

#43 sherlock-admin closed 2 years ago
0
0x0 - Batch Admin Transfers Inoperable (1155)

#42 sherlock-admin closed 2 years ago
0
0x0 - Admin Transfers Inoperable (1155)

#41 sherlock-admin closed 2 years ago
0
0x0 - `updateRoles` Requires Administrative Role

#40 sherlock-admin closed 2 years ago
1
0x0 - Admin Role Not Initialised At Deployment

#39 sherlock-admin closed 2 years ago
0
yixxas - Wrong check on `mintingActive()` and `presaleActive()` prevents the mint of tokens in the same block

#38 sherlock-admin closed 2 years ago
1
0xSmartContract - Missing ReEntrancy Guard to `mint` function

#37 sherlock-admin closed 2 years ago
0
obront - Minting times are not checked when RuntimeConfigs are updated

#36 sherlock-admin closed 1 year ago
3
obront - Presale mint remains open indefinitely

#35 sherlock-admin closed 2 years ago
1
obront - Deployer can set royalties to greater than 100%

#34 sherlock-admin closed 2 years ago
0
obront - Missing check for equal length arrays in transferByOwnerBatch and mintByOwnerBatch

#33 sherlock-admin opened 2 years ago
2
obront - Payable deploy functions in Factory keep user funds without forwarding them along

#32 sherlock-admin closed 2 years ago
0

Previous Next