4 matches found
Check-Effect-Interact Violations and possible Reentrancy
Lines of code Vulnerability details Impact Some contracts functions make external calls and do not follow the CEI pattern thereby allowing the function to possibly be re-entered. Proof of Concept 1. ArtGobblers.mintFromGoo - , numMintedFromGoo and currentNonLegendaryId state variables updated aft...
Re-entrancy risk to Project in ArtGobblers.gobble()
Lines of code Vulnerability details Impact In ArtGobblers.gobble, the function accepts user controlled input which may create re-entrancy opportunity in the ERC1155.safeTransferFrom and ERC721.transferFrom external calls . Since the nft parameter is user-controlled, any user can create a maliciou...
Potential Re-entrancy Attack via ETH or ERC777 Token Transfer
Lines of code Vulnerability details Impact The CEI pattern is not being implemented properly in the claimRewards function of the ConcurRewardPool.sol. function claimRewardsaddress calldata tokens external override for uint256 i = 0; i tokens.length; i++ uint256 getting = rewardmsg.sendertokensi;...
ConcentratedLiquidityPoolManager: reclaimIncentive() does not decrement rewardsUnclaimed
Handle hickuphh3 Vulnerability details Impact reclaimIncentive withdraws any unclaimed rewards to the incentive owner. While there is a check to prevent re-claiming of rewards requireincentive.rewardsUnclaimed = amount, "ALREADYCLAIMED"; it is ineffective because incentive.rewardsUnclaimed is not...