issues
search
sherlock-audit
/
2023-10-looksrare-judging
6
stars
6
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Milad-Sha - Unsafe downcast
#144
sherlock-admin
closed
1 year ago
1
0xpep7 - Gas Consumption Vulnerability in Infiltration's `fulfillRandomWords`
#143
sherlock-admin2
closed
1 year ago
1
0xWSeeC - Order of operations and solidity rounding down affects the correct value
#142
sherlock-admin
closed
1 year ago
0
BoRonGod - `sqrtPriceLimitX96` and `deadline` are not defined in InfiltrationPeriphery.sol
#141
sherlock-admin2
closed
1 year ago
0
detectiveking - Wounded agents are killed without the next phase starting
#140
sherlock-admin
closed
1 year ago
0
SilentDefendersOfDeFi - Prevent Healing of Agents by price manipulation
#139
sherlock-admin2
closed
1 year ago
11
gkrastenov - Missing approve before transferring of WETH to the recipient
#138
sherlock-admin
closed
1 year ago
1
klaus - fulfillRandomWords - may be reverted due to a hardcoded callbackGasLimit
#137
sherlock-admin2
closed
1 year ago
0
ge6a - fulfillRandomWords() could revert under certain circumstances
#136
sherlock-admin
opened
1 year ago
24
syahirAmali - Game Creator might not start the actual game.
#135
sherlock-admin2
closed
1 year ago
1
detectiveking - _woundRequestFulfilled is not actually random
#134
sherlock-admin
closed
1 year ago
0
BoRonGod - Unsafe `minimumRequestConfirmations`
#133
sherlock-admin2
closed
1 year ago
0
gkrastenov - Possible blocking of the game
#132
sherlock-admin
closed
1 year ago
2
syahirAmali - Fairness of Randomness is threatened and possibilities for gaming the jackpot.
#131
sherlock-admin2
closed
1 year ago
0
Kral01 - [H-01] '_swap' can break things while in a loop.
#130
sherlock-admin
closed
1 year ago
12
detectiveking - Frontrunning with startNewRound()
#129
sherlock-admin2
closed
1 year ago
7
gkrastenov - Bypassing MAX_MINT_PER_ADDRESS requirement
#128
sherlock-admin
closed
1 year ago
0
detectiveking - `agents[1].agentId` access in `claimGrandPrize` is potentially incorrect and can lead to loss of grand prize
#127
sherlock-admin2
closed
1 year ago
0
dethera - Permanent DoS - inappropriate struct definition makes every call to UniSwap V3 `SwapRouter` contract's function `exactOutputSingle` to always revert
#126
sherlock-admin
closed
1 year ago
0
0xrobsol - Inefficiency and Potential Gas Overhead Due to Forced ETH Transfer Failures
#125
sherlock-admin2
closed
1 year ago
0
Milad-Sha - Divide before multiply (Logical Bug)
#124
sherlock-admin
closed
1 year ago
0
chainNue - `fulfillRandomWords` it's open for revert while it must not revert at any condition
#123
sherlock-admin2
closed
1 year ago
1
John_Femi - Sync between GameInfo and agents list
#122
sherlock-admin
closed
1 year ago
1
beval - Usage of transferFrom() instead of safeTransferFrom()
#121
sherlock-admin2
closed
1 year ago
0
MaslarovK - Using `transferFrrom()` instead of `safeTransferFrom()`
#120
sherlock-admin
closed
1 year ago
1
beval - Missing validation for agent ownership in heal() function
#119
sherlock-admin2
closed
1 year ago
0
0xWSeeC - Time calculation inconsistency in `emergencyWithdraw` function
#118
sherlock-admin
closed
1 year ago
1
MaslarovK - Re-request for randomness is a security anti-pattern.
#117
sherlock-admin2
closed
1 year ago
0
0xWSeeC - Reentrancy vulnerability in `escapeReward`
#116
sherlock-admin
closed
1 year ago
0
0xWSeeC - Unsafe downcasts will silently overflow
#115
sherlock-admin2
closed
1 year ago
1
cheatc0d3 - Missing zero address check for 'to' address
#114
sherlock-admin
closed
1 year ago
1
JP_Courses - It's possible to start a game with zero funds and zero rewards.
#113
sherlock-admin2
closed
1 year ago
1
0xWSeeC - `MAX_MINT_PER_ADDRESS` invariant can be broke
#112
sherlock-admin
closed
1 year ago
0
dethera - Agent tokens can be minted for free
#111
sherlock-admin2
closed
1 year ago
1
cheatc0d3 - setMintPeriod Function can be more optimized
#110
sherlock-admin
closed
1 year ago
0
cheatc0d3 - setMintPeriod Function can be more optimized
#109
sherlock-admin2
closed
1 year ago
1
shtesesamoubiq - The agent with index 1 has greater chance to be wounded, because of the calculation
#108
sherlock-admin
closed
1 year ago
1
p-tsanev - Infiltration.sol#fulfillRandomWords() - possible out-of-gas error during the callback method, DoS of the entire contract
#107
sherlock-admin2
closed
1 year ago
7
lil.eth - Front-running heal function
#106
sherlock-admin
closed
1 year ago
0
shtesesamoubiq - In setMintPeriod there is no check if the game has began, and can change the end mint period
#105
sherlock-admin2
closed
1 year ago
0
lil.eth - If a winner (primary or secondary) forgets to claim it's reward, money will be stuck undefinitely
#104
sherlock-admin
closed
1 year ago
3
Zims - The input agentIds is never checked
#103
sherlock-admin2
closed
1 year ago
1
MaslarovK - Funds may remain locked forever in InfiltrationPeriphery contract.
#102
sherlock-admin
closed
1 year ago
0
lil.eth - Game is not fair if less round passed than 2 and agents pass under the threshold of 50 users
#101
sherlock-admin2
closed
1 year ago
0
bareli - Didnot check ROUNDS_TO_BE_WOUNDED_BEFORE_DEAD_MINUS_ONE.
#100
sherlock-admin
closed
1 year ago
0
0xReiAyanami - Attacker can prevent users from healing with eth
#99
sherlock-admin2
closed
1 year ago
0
SilentDefendersOfDeFi - Attacker can steal reward of actual winner by force ending the game
#98
sherlock-admin
opened
1 year ago
2
phenom - Using block.timestamp as the deadline/expiry invites MEV
#97
sherlock-admin2
closed
1 year ago
1
0xReiAyanami - attacker can win the game without being last active agent
#96
sherlock-admin
closed
1 year ago
0
bareli - Bad implementation
#95
sherlock-admin2
closed
1 year ago
0
Next