4 matches found
Upgraded Q -> 2 from #16 [1686928129422]
Judge has assessed an item in Issue 16 as 2 risk. The relevant finding follows: L-3 onlyOwner single point of failure Impact The onlyOwner role has a single point of failure and onlyOwner can use critical a few functions. Even if protocol admins/developers are not malicious there is still a chanc...
deposit function of WstEth not working correctly
Lines of code Vulnerability details Impact The deposit function doesnt seem to work at all, or correctly at all. Its missing some code, etc. Please see my natspec notes below for more clarity: Apologies, this is 10mins before contest ends, so I'm just going to copy my NatSpec notes here: function...
[NAZ-H1] Anyone Can Call removeFeeder()
Lines of code Vulnerability details Impact Currently anyone can call removeFeeder which can cause an ample amount of issues across the protocol. It is also stated in the NatSpec: Allows owner to remove feeder. Proof of Concept Anyone can remove a feeder and only the admin should be able to remove...
Division by zero
I'm upgrading the following issue from a QA report issue 48 to Medium risk: Division by zero calculateDeviationThresholdBasisPoints was important enough to be in a separate library rather than being just a normal function of another contract so it should be generic enough for other contracts to u...