9 matches found
Division by zero
I'm upgrading the following issue from a QA report issue 48 to Medium risk: Division by zero calculateDeviationThresholdBasisPoints was important enough to be in a separate library rather than being just a normal function of another contract so it should be generic enough for other contracts to u...
Potential reentrance in claimRewards
Judge @GalloDaSballo has assessed the 1st item in QA Report 36 as Medium risk. The relevant finding follows: … POC IERC20tokensi.safeTransfermsg.sender, getting; rewardmsg.sendertokensi = 0; Considering there are exterTokens, it is possible that some token will provide reentry opportunities...
Cast to uint192 is unsafe
Judge @GalloDaSballo has assessed the 3rd item in QA Report 197 as Medium risk. The relevant finding follows: … Cast to uint192 is unsafe, user trying to deposit more than 2^192 would recevie less deposits balance. depositspidmsg.sender.amount += uint192amount; --- The text was updated...
User fund stuck
Judge @GalloDaSballo has assessed the 3rd item in QA Report 26 as Medium risk. The relevant finding follows: … Contract: In withdraw function, Funds will stuck if user deposited a amount and then isDepositordepositor is set to false by Admin. Now user cannot withdraw the amount since onlyDeposito...
If currentMonth in init is 0, then CPI update will revert, zero div
This is a manual upgrade of the sixth item in QA report 86 , per judge @jack-the-pug's assessment of it as a Medium risk issue. If currentMonth in init is 0, then CPI update will revert, zero div --- The text was updated successfully, but these errors were encountered: All reactions...
Check if a value is in an array before a push
This issue has been created to upgrade a QA report submission to a medium severity finding. From Dravee: Check if a value is in an array before a push In NestedRecords.sol's store function, it's possible to push an existing address token several times in the same array File: NestedRecords.sol 130...
Wrong implementation of OperatorResolver::areOperatorsImported
This issue has been created to upgrade a QA report submission to a medium severity finding. From kenzo: Wrong implementation of OperatorResolver::areOperatorsImported The function as implemented will return true if the operators have same implementation but different selector, or different...
areOperatorsImported has incorrect logic
This issue has been created to upgrade a QA report submission to a medium severity finding. From 0xliumin: areOperatorsImported has incorrect logic Right now, this function returns false if the implementation AND the selector don't match. It's possible to provide a destination with either a...
function rebuildCache() in MixinOperatorResolver does not delete removed operators from operatorCache
This issue has been created to upgrade a QA report submission to a medium severity finding. From pauliax: function rebuildCache in MixinOperatorResolver does not delete removed operators from operatorCache. resolverOperatorsRequired return current active operators, so it will not contain removed...