Skip to content

Issues: code-423n4/2021-12-defiprotocol-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

89 Open 88 Closed
89 Open 88 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Use of deprecated safeApprove() function 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#177 opened Dec 11, 2021 by code423n4
2
Reentrancy vulnerability in Basket contract's initialize() method. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#176 opened Dec 10, 2021 by code423n4
1
Basket:handleFees(): fees are overcharged 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#170 opened Dec 10, 2021 by code423n4
4
Auction:bondBurn(): cache bondAmount bug Something isn't working G (Gas Optimization)
#167 opened Dec 10, 2021 by code423n4
Auction:bondForRebalance() store calculation of bondAmount in local variable bug Something isn't working G (Gas Optimization)
#166 opened Dec 10, 2021 by code423n4
Check for tokenAmount > 0 is missing in pushUnderlying function [basket.sol] bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#165 opened Dec 10, 2021 by code423n4
2
Auction:settleAuction() cache address(basket) bug Something isn't working G (Gas Optimization)
#164 opened Dec 10, 2021 by code423n4
Function changePublisher, changeLicenseFee, and setNewMaxSupply can be refactored for efficiency and clarity bug Something isn't working G (Gas Optimization)
#162 opened Dec 10, 2021 by code423n4
Function handleFees #L148-L151 and updateIBRatio (Basket.sol) can be refactored for efficiency and clarity bug Something isn't working G (Gas Optimization)
#161 opened Dec 10, 2021 by code423n4
Open TODOs 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working
#157 opened Dec 10, 2021 by code423n4
Missing cap on LicenseFee 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#154 opened Dec 10, 2021 by code423n4
2
Fee calculation is slightly off 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#152 opened Dec 10, 2021 by code423n4
2
Factory can block auctions 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#150 opened Dec 10, 2021 by code423n4
1
Division with BASE twice can be optimized bug Something isn't working G (Gas Optimization)
#147 opened Dec 10, 2021 by code423n4
maxSupply can be exceeded 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#146 opened Dec 10, 2021 by code423n4
2
Change in auctionMultiplier/auctionDecrement change profitability of auctions and factory can steal all tokens from a basket abusing it 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#145 opened Dec 10, 2021 by code423n4
3
Basket.sol#auctionBurn calculates ibRatio wrong 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#144 opened Dec 10, 2021 by code423n4
1
mintTo has not an extra require statement bug Something isn't working G (Gas Optimization)
#142 opened Dec 10, 2021 by code423n4
1
Loops can be implemented more efficiently bug Something isn't working G (Gas Optimization)
#140 opened Dec 10, 2021 by code423n4
For uint > 0 can be replaced with != 0 for gas optimization bug Something isn't working G (Gas Optimization)
#139 opened Dec 10, 2021 by code423n4
Use negate(!) rather than == false bug Something isn't working G (Gas Optimization)
#138 opened Dec 10, 2021 by code423n4
Extra payments for an auction gets stucks 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#137 opened Dec 10, 2021 by code423n4
2
TODO comments should be resolved 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working
#135 opened Dec 10, 2021 by code423n4
2
BasketLicenseProposed better emit proposal id 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#134 opened Dec 10, 2021 by code423n4
2
Gas Optimization: Use calldata instead of memory bug Something isn't working G (Gas Optimization)
#130 opened Dec 10, 2021 by code423n4
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.