sherlock-audit 2024-03-zap-protocol-judging issues

sherlock-audit / 2024-03-zap-protocol-judging

3 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

merlin - There is no receive or payable function in Vesting.sol

#147 sherlock-admin3 closed 7 months ago
0
Varun_05 - claim function is vulnerable to reentrancy attack

#146 sherlock-admin2 closed 7 months ago
0
denzi_ - No deadline protection in `Vesting.sol::updateVestingPoints()` can cause Loss/Increase in `pctAmount` for users through `Vesting.sol::claim()`

#145 sherlock-admin4 closed 7 months ago
7
Silvermist - TokenSale.sol#claim Incorrect check allows blacklisted users to claim

#144 sherlock-admin3 closed 7 months ago
0
AMOW - Bricked functionality due to deprecated method

#143 sherlock-admin2 closed 7 months ago
0
AMOW - There is no way to remove a user from the blacklist

#142 sherlock-admin4 closed 7 months ago
0
Silvermist - Vesting.sol#claim() Reentrancy allows a malisious user to drain the contract

#141 sherlock-admin3 closed 7 months ago
0
AMOW - Blacklisted users can still call `claim`

#140 sherlock-admin2 closed 7 months ago
0
AMOW - updateVestingPoints can disturb token distribution

#139 sherlock-admin4 closed 7 months ago
9
AMOW - `Vesting.sol` can be drained due to reentrancy

#138 sherlock-admin3 closed 7 months ago
0
AMOW - `Vesting.sol` not compatible with nativeETH

#137 sherlock-admin2 closed 7 months ago
0
AMOW - Overwriting amount in `updateDepositBalance`

#136 sherlock-admin4 closed 7 months ago
6
HonorLt - Native token vesting is not supported

#135 sherlock-admin3 closed 7 months ago
0
nilay27 - `claim` in `Vesting.sol` is vulnerable to reentrancy

#134 sherlock-admin2 closed 7 months ago
0
denzi_ - `Vesting.sol::claim()` does not follow CEI making the function susceptible to Reentrancy Attacks.

#133 sherlock-admin4 closed 7 months ago
0
HonorLt - Vesting claim re-entrancy

#132 sherlock-admin3 closed 7 months ago
0
ZdravkoHr. - Investors can claim back all the tax they have paid

#131 sherlock-admin2 closed 7 months ago
11
HonorLt - Unprotected destroy of IDO

#130 sherlock-admin4 closed 7 months ago
0
cryptonoob - No Sum Invariant check in Vesting::initialize could allow to lock user's tokens

#129 sherlock-admin3 closed 7 months ago
0
cryptonoob - Lack of check on _globalTaxRate in TokenSale::initialize and TokenSale::setAllocationAndTax results in excesive fees

#128 sherlock-admin2 closed 7 months ago
0
psb01 - Attacker can drain ETH from vesting contract

#127 sherlock-admin4 closed 7 months ago
0
cryptonoob - Decimals could be up to 77 on SimpleERC20::constructor

#126 sherlock-admin3 closed 7 months ago
0
cryptonoob - Admin::addToBlackList doesnt provide a method to unblacklist user

#125 sherlock-admin2 closed 7 months ago
0
cryptonoob - Lack of check on maxAllocation in TokenSale::initialize mades users unable to buy tokens

#124 sherlock-admin4 closed 7 months ago
0
Silvermist - Admin.sol#destroyInstance Missing access control

#123 sherlock-admin3 closed 7 months ago
0
cryptonoob - Admin::createPool function mades unable to createPool as it reverts everytime

#122 sherlock-admin2 closed 7 months ago
0
denzi_ - Insufficient Validation on user inputs for `Admin.sol::createPoolNew` in `zap-launches-contracts` can lead to instances susceptible to DoS

#121 sherlock-admin4 closed 7 months ago
20
404666 - Reentrancy can drain the Vesting contract

#120 sherlock-admin3 closed 7 months ago
0
0xkeesmark - [H-1] Call Send is a Potential Reentrancy Attack Risk

#119 sherlock-admin2 closed 7 months ago
2
denzi_ - Any user can call `Admin.sol::destroyInstance()` and destroy a Token Sale Instance.

#118 sherlock-admin4 closed 7 months ago
26
xiao - Initialization functions can be front-run

#117 sherlock-admin3 closed 7 months ago
0
0xkeesmark - [M-1]No Protection of Uninitialized Implementation Contracts From Attacker

#116 sherlock-admin2 closed 7 months ago
0
offside0011 - no limit of vestingPoints will lead to DoS

#115 sherlock-admin4 closed 7 months ago
0
offside0011 - The attacker can initialize the implementation contract and destroy the contract which leads to DoS

#114 sherlock-admin3 closed 7 months ago
0
offside0011 - destroyInstance does not limit admin or operator

#113 sherlock-admin2 closed 7 months ago
0
zraxx - Hardcoded taxFreeAllcOfUser cannot be adjusted.

#112 sherlock-admin4 closed 7 months ago
0
kgothatso - make function payable

#111 sherlock-admin3 closed 7 months ago
0
psb01 - Anyone can destroy TokenSale's incoming instance

#110 sherlock-admin2 closed 7 months ago
0
0xR360 - Vesting.sol allows unlimited claims due to reentrancy

#109 sherlock-admin4 closed 7 months ago
0
ydlee - `updateUserDeposit` does not support Blast chain's native token.

#108 sherlock-admin3 closed 7 months ago
0
ydlee - `updateUserDeposit` may overwrite user's existing deposit.

#107 sherlock-admin2 closed 7 months ago
0
ydlee - The sum of vesting points is not guaranteed to be equal to 1000 in `Vesting.initialize`.

#106 sherlock-admin4 closed 7 months ago
2
matejdb - Contract writer left hardhat console in production contracts

#105 sherlock-admin3 closed 7 months ago
0
aman - All the funds are at risk due to reentrancy attack

#104 sherlock-admin2 closed 7 months ago
0
aman - The `Vesting::removeOtherERC20Tokens` does not check for `distributionToken` removal.

#103 sherlock-admin4 closed 7 months ago
2
0x4non - Missing `payable fallback` or `receive` method to Vesting Contract

#102 sherlock-admin3 closed 7 months ago
0
0x4non - `removeOtherERC20Tokens` and `takeLockedBNB` methods allow withdrawal of Vesting tokens

#101 sherlock-admin2 closed 7 months ago
0
0x4non - Reentrancy vulnerability in Vesting contract on `claim`

#100 sherlock-admin4 closed 7 months ago
0
ZanyBonzy - Lack of access control on the `destroyInstance` function can lead to unauthorized destruction of tokenSale contracts.

#99 sherlock-admin3 closed 7 months ago
0
BengalCatBalu - Potential Reentrancy attack on Vesting.sol

#98 sherlock-admin2 closed 7 months ago
0

Previous Next