5 matches found
[H-01] Ocean contract and onERC1155Received function is vulnerable to read only reentrancy
Lines of code Vulnerability details Impact The Ocean contract and onERC1155Received function is vulnerable to read only reentrancy when read from another contract. The order of function execution when called externally from the onERC1155Received function in the Ocean contract is as follows. The...
[H-02] The Ocean contract and the onERC721Received function is vulnerable to read-only re-entrancy
Lines of code Vulnerability details Impact The contract.function called Ocean.onERC721Received is vulnerable to read-only re-entrancy. The read-only re-entrancy is possible if the contract function is called externally from another contract. What follows are the functions that are traversed throu...
Batch Execution Failure
Lines of code Vulnerability details Impact A failure in one interaction could potentially cause the entire batch to fail, affecting subsequent interactions. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates...
Core function of Ocean contract like doInteraction | doMultipleInteractions | forwardedDoInteraction may revert under certain conditions
Lines of code Vulnerability details Impact Core functions like doInteraction, forwardedDoInteraction, doMultipleInteractions, forwardedDoMultipleInteractions etc, will always revert under certain conditions due to overflow in calculations. Proof of Concept Core external functions like doInteracti...
Ocean cannot _mintBatch() as onERC1155BatchRecieved() not implemeneted on the Ocean contract when batch transferring to itself
Lines of code Vulnerability details The comment @ Ocean L348 states: The Ocean never initiates ERC1155 Batch Transfers. This is untrue, note the following callstack: Ocean.doMultipleInteractions | Ocean.forwardedDoMultipleInteractions Ocean.doMultipleInteractions calls mintBatch @ L560...