Lucene search
+L

8 matches found

Code423n4
Code423n4
added 2023/11/10 12:0 a.m.8 views

Users can lose eth when contributing.

Lines of code Vulnerability details Impact When contributing in InitialETHCrowdfund, if minting adjusts the voting power for that user to cap it at totalVotingPower, the user does not get refunded the eth he lost. Proof of Concept PartyGovernanceNFTmint caps the mintedVotingPower at...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.9 views

totalVotingPower is not being decreased in burn function in PartyGovernanceNFT.

Lines of code Vulnerability details Impact In PartyGovernanceNFT.burn function, burnAndUpdateVotingPower is being used which will reduce the votingPower from the burned nft and the mintedVotingPower. The totalVotingPower should be explicitly decreased in burn function which was missing here...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.12 views

Fund Drainage Due to Reentrancy Vulnerability in Crowdfunding

Lines of code Vulnerability details Impact in the refund function, there is a problem, this function is reads the isAuthority state variable from the PartyGovernanceNFT contract after making an external call to the burn function of the same contract. The burn function in the PartyGovernanceNFT...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.11 views

members can get less funds out than they should have in a rageQuit

Lines of code Vulnerability details Vulnerability details: Details: the function getVotingPowerShareOf in PartyGovernanceNft get's the voting power share of a tokenId and it does that by dividing the voting power that nft has by the totalVotingPower: function getVotingPowerShareOfuint256 tokenId...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/11/10 12:0 a.m.10 views

Potential DDOS

Lines of code Vulnerability details Impact With three loops, and an On+ 0n2 complexity this could cause DOS with users not being able to call this functions Proof of Concept Tools Used Recommended Mitigation Steps Assessed type DoS --- The text was updated successfully, but these errors were...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/30 12:0 a.m.14 views

Rage quit modifications should be limited to provide stronger guarantees to party members

Lines of code Vulnerability details Rage quit modifications should be limited to provide stronger guarantees to party members Party hosts can arbitrarily change the rage quit settings overriding any existing preset. Impact Rage quit is implemented in the PartyGovernanceNFT contract by using a...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/30 12:0 a.m.5 views

Fairness should be denominated in mintedVotingPower rather than totalVotingPower

Lines of code Vulnerability details Impact Rage quitter receives too little. Proof of Concept The rage quitter receives a share votingPowerByTokenIdtokenId 1e18 / totalVotingPower of each token balance. However the sum of votingPowerByTokenIdtokenId over all tokenId, i.e. mintedVotingPower, may b...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/09/19 12:0 a.m.19 views

Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol

Lines of code Vulnerability details Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol In contract TokenDistributor.sol we initializing the value of uint128 fee using a mathematical way but in a wrong manner their brackets are missing which will clear out the instance of usi...

6.8AI score
Exploits0
Rows per page
Query Builder