3 matches found
createBasket re-entrancy
Handle pauliax Vulnerability details Impact function createBasket in Factory should also be nonReentrant as it interacts with various tokens inside the loop and these tokens may contain callback hooks. Recommended Mitigation Steps Add nonReentrant modifier to the declaration of createBasket. ---...
Fee on transfer tokens can lead to incorrect approval
Handle hrkrshnn Vulnerability details Fee on transfer tokens can lead to incorrect approval The createBasket function does not account for tokens with fee on transfer. function createBasketuint256 idNumber external override returns IBasket // ... for uint256 i = 0; i bProposal.weights.length; i++...
Front running basket Creation
Handle goatbug Vulnerability details Impact Anyone can front run and create your basket, circumventing paying any initial fees. Proof of Concept Once proposeBasketLicense is called, anyone can subsequently call createBasket using that ID. Factory contract By calling it first you will avoid paying...