4 matches found
MED - NFTs become no longer holographable once new factory is connected.
Lines of code Vulnerability details Description The basic premise of the Holograph platform is that NFTs / ERC20s are holographable, in other words they will have the same address across all ERC20 compatible blockchains. This invariant is used countless times in the code base. For example, when...
Arbitrary transfers following approvals can lead to loss of funds/NFTS
Lines of code Vulnerability details Impact These three transfer functions allow an attacker to supply an arbitrary from and to to transfer ERC20s, ERC721s, and ERC1155s. The moment that a user sets approval for the contract to spend their tokens, an attacker can front-run the next call and steal...
Create a short call order with non empty floor makes the option impossible to exercise and withdraw
Lines of code Vulnerability details Impact HIGH - assets can be lost If a short call order is created with non empty floorTokens array, the taker cannot exercise. Also, the maker cannot withdraw after the expiration. The maker will still get premium when the order is filled. If the non empty...
exitZcTokenFillingZcTokenInitiate in Swivel.sol, token transfer may fail without function reverting
Handle GalloDaSballo Vulnerability details Impact exitZcTokenFillingZcTokenInitiate in Swivel.sol uses transferFrom this function can failmeaning tokens are not transferred,without causing a revert. This can break the accounting of the protocol The reason why this can happen is that certain ERC20...