sherlock-audit 2023-10-looksrare-judging issues

sherlock-audit / 2023-10-looksrare-judging

6 stars 6 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Milad-Sha - Unsafe downcast

#144 sherlock-admin closed 1 year ago
1
0xpep7 - Gas Consumption Vulnerability in Infiltration's `fulfillRandomWords`

#143 sherlock-admin2 closed 1 year ago
1
0xWSeeC - Order of operations and solidity rounding down affects the correct value

#142 sherlock-admin closed 1 year ago
0
BoRonGod - `sqrtPriceLimitX96` and `deadline` are not defined in InfiltrationPeriphery.sol

#141 sherlock-admin2 closed 1 year ago
0
detectiveking - Wounded agents are killed without the next phase starting

#140 sherlock-admin closed 1 year ago
0
SilentDefendersOfDeFi - Prevent Healing of Agents by price manipulation

#139 sherlock-admin2 closed 12 months ago
11
gkrastenov - Missing approve before transferring of WETH to the recipient

#138 sherlock-admin closed 1 year ago
1
klaus - fulfillRandomWords - may be reverted due to a hardcoded callbackGasLimit

#137 sherlock-admin2 closed 1 year ago
0
ge6a - fulfillRandomWords() could revert under certain circumstances

#136 sherlock-admin opened 1 year ago
24
syahirAmali - Game Creator might not start the actual game.

#135 sherlock-admin2 closed 1 year ago
1
detectiveking - _woundRequestFulfilled is not actually random

#134 sherlock-admin closed 1 year ago
0
BoRonGod - Unsafe `minimumRequestConfirmations`

#133 sherlock-admin2 closed 1 year ago
0
gkrastenov - Possible blocking of the game

#132 sherlock-admin closed 1 year ago
2
syahirAmali - Fairness of Randomness is threatened and possibilities for gaming the jackpot.

#131 sherlock-admin2 closed 1 year ago
0
Kral01 - [H-01] '_swap' can break things while in a loop.

#130 sherlock-admin closed 12 months ago
12
detectiveking - Frontrunning with startNewRound()

#129 sherlock-admin2 closed 1 year ago
7
gkrastenov - Bypassing MAX_MINT_PER_ADDRESS requirement

#128 sherlock-admin closed 1 year ago
0
detectiveking - `agents[1].agentId` access in `claimGrandPrize` is potentially incorrect and can lead to loss of grand prize

#127 sherlock-admin2 closed 1 year ago
0
dethera - Permanent DoS - inappropriate struct definition makes every call to UniSwap V3 `SwapRouter` contract's function `exactOutputSingle` to always revert

#126 sherlock-admin closed 1 year ago
0
0xrobsol - Inefficiency and Potential Gas Overhead Due to Forced ETH Transfer Failures

#125 sherlock-admin2 closed 1 year ago
0
Milad-Sha - Divide before multiply (Logical Bug)

#124 sherlock-admin closed 1 year ago
0
chainNue - `fulfillRandomWords` it's open for revert while it must not revert at any condition

#123 sherlock-admin2 closed 1 year ago
1
John_Femi - Sync between GameInfo and agents list

#122 sherlock-admin closed 1 year ago
1
beval - Usage of transferFrom() instead of safeTransferFrom()

#121 sherlock-admin2 closed 1 year ago
0
MaslarovK - Using `transferFrrom()` instead of `safeTransferFrom()`

#120 sherlock-admin closed 1 year ago
1
beval - Missing validation for agent ownership in heal() function

#119 sherlock-admin2 closed 1 year ago
0
0xWSeeC - Time calculation inconsistency in `emergencyWithdraw` function

#118 sherlock-admin closed 1 year ago
1
MaslarovK - Re-request for randomness is a security anti-pattern.

#117 sherlock-admin2 closed 1 year ago
0
0xWSeeC - Reentrancy vulnerability in `escapeReward`

#116 sherlock-admin closed 1 year ago
0
0xWSeeC - Unsafe downcasts will silently overflow

#115 sherlock-admin2 closed 1 year ago
1
cheatc0d3 - Missing zero address check for 'to' address

#114 sherlock-admin closed 1 year ago
1
JP_Courses - It's possible to start a game with zero funds and zero rewards.

#113 sherlock-admin2 closed 1 year ago
1
0xWSeeC - `MAX_MINT_PER_ADDRESS` invariant can be broke

#112 sherlock-admin closed 1 year ago
0
dethera - Agent tokens can be minted for free

#111 sherlock-admin2 closed 1 year ago
1
cheatc0d3 - setMintPeriod Function can be more optimized

#110 sherlock-admin closed 1 year ago
0
cheatc0d3 - setMintPeriod Function can be more optimized

#109 sherlock-admin2 closed 1 year ago
1
shtesesamoubiq - The agent with index 1 has greater chance to be wounded, because of the calculation

#108 sherlock-admin closed 1 year ago
1
p-tsanev - Infiltration.sol#fulfillRandomWords() - possible out-of-gas error during the callback method, DoS of the entire contract

#107 sherlock-admin2 closed 1 year ago
7
lil.eth - Front-running heal function

#106 sherlock-admin closed 1 year ago
0
shtesesamoubiq - In setMintPeriod there is no check if the game has began, and can change the end mint period

#105 sherlock-admin2 closed 1 year ago
0
lil.eth - If a winner (primary or secondary) forgets to claim it's reward, money will be stuck undefinitely

#104 sherlock-admin closed 1 year ago
3
Zims - The input agentIds is never checked

#103 sherlock-admin2 closed 1 year ago
1
MaslarovK - Funds may remain locked forever in InfiltrationPeriphery contract.

#102 sherlock-admin closed 1 year ago
0
lil.eth - Game is not fair if less round passed than 2 and agents pass under the threshold of 50 users

#101 sherlock-admin2 closed 1 year ago
0
bareli - Didnot check ROUNDS_TO_BE_WOUNDED_BEFORE_DEAD_MINUS_ONE.

#100 sherlock-admin closed 1 year ago
0
0xReiAyanami - Attacker can prevent users from healing with eth

#99 sherlock-admin2 closed 1 year ago
0
SilentDefendersOfDeFi - Attacker can steal reward of actual winner by force ending the game

#98 sherlock-admin opened 1 year ago
2
phenom - Using block.timestamp as the deadline/expiry invites MEV

#97 sherlock-admin2 closed 1 year ago
1
0xReiAyanami - attacker can win the game without being last active agent

#96 sherlock-admin closed 1 year ago
0
bareli - Bad implementation

#95 sherlock-admin2 closed 1 year ago
0