LPDA.sol and FixedPrice.sol will lock the funds forever

Lines of code Vulnerability details Impact Possibility of IDs collision The ether will be locked on FixedPrice or LPDA Proof of Concept On the same Escher721 Let’s say the first collection start from id = 0 and end on id = 10 So the next collection of the same Escher721 We can say the next part o...

quoteToken could be fee-on-transfer token

Lines of code Vulnerability details Impact Some ERC20 tokens could have fees for each transfer, they are known as "fee-on-transfer" tokens. While there is a check inside createAuction function that prevents these tokens from being baseToken, FoT tokens still allowed to be quoteToken which could...

Lack of input array length check in UNSAFE_swapExactTokensForTokens() could lock user's funds

Lines of code Vulnerability details Impact In case the amounts and routes array do not match in length by mistake: the swap might fail the swap could stop early during the swap path user funds could be locked forever in some situations Proof of Concept src/Swap/BaseV1-periphery.sol function...

Owner of project NFT has no purpose

Lines of code Vulnerability details Owner of project NFT has no purpose Impact Creating a new project mints a NFT to the sender builder. The builder of a project has special permissions and is required to perform various tasks. However, if the minted NFT is transferred to a different address, the...