4 matches found
wrong implementation of maxHeap.extractMax();
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. wrong implementation of maxHeap.extractMax; as it should return values but here its not assigned to anything. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, log...
Two items having same number of votes above the quorum can lead to invariant violation and unfairness towards either of the item
Lines of code Vulnerability details Impact When an item is dropped or extracted from the maxHeap tree, it is directly done so from the item at the root of the tree i.e. index 0. Although this is expected, if one of the child itemIds have number of votes equal to that of the root node, this would ...
Error prone and complex code
Lines of code Vulnerability details Used function is error prone and complex that leads to incorrect asset handling so have suggested below maxHeapify implementation. function maxHeapifyuint256 pos internal uint256 left = 2 pos + 1; uint256 right = 2 pos + 2; uint256 largest = pos; if left...
Slippage protection missing
Lines of code Vulnerability details The MaxHeap contract does not check for slippage when updating item values. This could enable the admin to manipulate asset prices. Recommendation: Implement slippage protection by adding min/max checks in updateValue: function updateValueuint256 itemId, uint25...