Lucene search
K

9 matches found

Code423n4
Code423n4
added 2022/05/03 12:0 a.m.7 views

Division by zero

I'm upgrading the following issue from a QA report issue 48 to Medium risk: Division by zero calculateDeviationThresholdBasisPoints was important enough to be in a separate library rather than being just a normal function of another contract so it should be generic enough for other contracts to u...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/28 12:0 a.m.10 views

Potential reentrance in claimRewards

Judge @GalloDaSballo has assessed the 1st item in QA Report 36 as Medium risk. The relevant finding follows: … POC IERC20tokensi.safeTransfermsg.sender, getting; rewardmsg.sendertokensi = 0; Considering there are exterTokens, it is possible that some token will provide reentry opportunities...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/28 12:0 a.m.12 views

Cast to uint192 is unsafe

Judge @GalloDaSballo has assessed the 3rd item in QA Report 197 as Medium risk. The relevant finding follows: … Cast to uint192 is unsafe, user trying to deposit more than 2^192 would recevie less deposits balance. depositspidmsg.sender.amount += uint192amount; --- The text was updated...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/28 12:0 a.m.8 views

User fund stuck

Judge @GalloDaSballo has assessed the 3rd item in QA Report 26 as Medium risk. The relevant finding follows: … Contract: In withdraw function, Funds will stuck if user deposited a amount and then isDepositordepositor is set to false by Admin. Now user cannot withdraw the amount since onlyDeposito...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/27 12:0 a.m.10 views

If currentMonth in init is 0, then CPI update will revert, zero div

This is a manual upgrade of the sixth item in QA report 86 , per judge @jack-the-pug's assessment of it as a Medium risk issue. If currentMonth in init is 0, then CPI update will revert, zero div --- The text was updated successfully, but these errors were encountered: All reactions...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/03 12:0 a.m.8 views

Check if a value is in an array before a push

This issue has been created to upgrade a QA report submission to a medium severity finding. From Dravee: Check if a value is in an array before a push In NestedRecords.sol's store function, it's possible to push an existing address token several times in the same array File: NestedRecords.sol 130...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/03 12:0 a.m.12 views

Wrong implementation of OperatorResolver::areOperatorsImported

This issue has been created to upgrade a QA report submission to a medium severity finding. From kenzo: Wrong implementation of OperatorResolver::areOperatorsImported The function as implemented will return true if the operators have same implementation but different selector, or different...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/03 12:0 a.m.10 views

areOperatorsImported has incorrect logic

This issue has been created to upgrade a QA report submission to a medium severity finding. From 0xliumin: areOperatorsImported has incorrect logic Right now, this function returns false if the implementation AND the selector don't match. It's possible to provide a destination with either a...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/03 12:0 a.m.9 views

function rebuildCache() in MixinOperatorResolver does not delete removed operators from operatorCache

This issue has been created to upgrade a QA report submission to a medium severity finding. From pauliax: function rebuildCache in MixinOperatorResolver does not delete removed operators from operatorCache. resolverOperatorsRequired return current active operators, so it will not contain removed...

6.8AI score
Exploits0
Rows per page
Query Builder