Lucene search
K

12 matches found

Packet Storm News
Packet Storm News
added 2025/05/19 12:0 a.m.5 views

DeFeed: Secure Decentralized Cross-Contract Data Feed in Web 3.0 for Connected Autonomous Vehicles

Smart contracts have been a topic of interest in blockchain research and are a key enabling technology for Connected Autonomous Vehicles CAVs in the era of Web 3.0. These contracts enable trustless interactions without the need for intermediaries, as they operate based on predefined rules encoded...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/12/20 12:0 a.m.12 views

Some tokens may revert when zero value transfers are made

Lines of code 356, 371, 145, 272, 252, 116, 445, 374, 506, 488https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/options/TapiocaOptionBroker...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/29 12:0 a.m.14 views

Some tokens may revert when zero value transfers are made

Lines of code 356, 371, 145, 272, 252, 116, 445, 374, 506, 488https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/options/TapiocaOptionBroker...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/13 12:0 a.m.7 views

cancelBid() and cancelAllBids() functions are incorrectly implemented, resulting in partial/complete DoS-ing of bid cancelling functionality.

Lines of code Vulnerability details Impact cancelBid and cancelAllBids functions are incorrectly implemented, resulting in partial/complete DoS-ing of bid cancelling functionality. bidder could lose funds when they change their mind and want to cancel their bid, imagine they were the top bidder a...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/04/28 12:0 a.m.6 views

High Gas Costs Due to Unnecessary String Iteration in HexUtils Library's hexStringToBytes32() Function.

Lines of code Vulnerability details Impact The hexStringToBytes32 function in the HexUtils library iterates over the entire input string, even though only a portion of it is needed to compute the output, but still, this can lead to unnecessarily high gas costs, especially for large input strings...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/04/03 12:0 a.m.14 views

Params of Lien struct are not emitted when lien is created making it difficult to track

Lines of code Vulnerability details Impact Protocol does not store any information about Lien. When users want to interact, they have to send the whole Lien struct along with lienId, and the protocol will verify if this data is correct by hash. This approach reduces onchain storage and can save a...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/02/03 12:0 a.m.13 views

setDrips may distribute the drip too fast if the time hints are not good enough

Lines of code Vulnerability details Impact The setDrips function is used to configure a drip. It can either be withdrawing it, adding a new one, or even managing an existing one by updating the configuration. Internally, it account for the drips that are yet to be distributed to refund them to th...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/27 12:0 a.m.9 views

Gas Optimizations

See the markdown file with the details of this report here. --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/30 12:0 a.m.13 views

Leftover balance in the Executioner contract can be drained

Handle gzeon Vulnerability details Impact Leftover balance in the Executioner contract can be drained by swapping the target assetnative/erc20 into another asset. Slingshot.executeTrades allow user to execute trade using modules as long as the module is registered in the ModuleRegistry. The...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2021/07/12 12:0 a.m.20 views

Gas griefing attack on the removeUserActiveBlocks function

Handle shw Vulnerability details Impact The consumed gas to remove a user's active block is proportional to the total number of array elements i.e., block numbers. However, the array size can be arbitrarily increased by an attacker with only paying gas fees, causing a gas griefing attack when the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/07/11 12:0 a.m.7 views

activeTransactionBlocks are vulnerable to DDoS attacks

Handle pauliax Vulnerability details Impact There is a potential issue in function removeUserActiveBlocks and the for loop inside it. I assume you are aware of block gas limits they may be less relevant on other chains but still needs to be accounted for, so as there is no limit for...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/06/17 12:0 a.m.58 views

usage of safeApprove

Handle pauliax Vulnerability details Impact depositInVault in contract YearnV2YieldSource calls safeApprove when the allowance is less than the token balance: if token.allowanceaddressthis, addressv token.balanceOfaddressthis token.safeApproveaddressv, typeuint256.max; This does not mean that the...

6.9AI score
Exploits0
Rows per page
Query Builder