7 matches found
projectCost may be reverted due to out of gas problem if having too many tasks. lendToProject and recoverTokens may always revert because of this.
Lines of code. Vulnerability details. Impact: projectCost may be reverted due to out of gas problem if having too many tasks. lendToProject and recoverTokens may always revert because of this. If lendToProject always reverts, community owner won't be able to lend funds to the published project. Tasks...
Tokens can be stolen when depositToken == rewardToken
Handle: cmichel. Vulnerability details: The Streaming contract allows the deposit and reward tokens to be the same token. I believe this is intended, think Sushi reward on Sushi as is the case with xSushi. The reward and deposit balances are also correctly tracked independently in depositTokenAmount...
Reward token not correctly recovered
Handle: cmichel. Vulnerability details: The Streaming contract allows recovering the reward token by calling recoverTokens(rewardToken, recipient). However, the excess amount is computed incorrectly as ERC20(token).balanceOf(address(this)) - rewardTokenAmount + rewardTokenFeeAmount: function...
Fund freezing is possible as claimed reward tokens aren't accounted for by recoverTokens
Handle: hyh. Vulnerability details. Impact: Reward tokens accidentally sent to the Stream contract cannot be recovered with recoverTokens if some reward tokens were already claimed with claimReward. As recoverTokens is the only recovering functionality in the contract the corresponding reward tokens wi...
recoverTokens did not consider depositTokenFlashloanFeeAmount
Handle: gzeon. Vulnerability details. Impact: In recoverTokens, when token == depositToken, the excess is defined as follows: excess = ERC20(token).balanceOf(address(this)) - depositTokenAmount - redeemedDepositTokens; Instead we should also consider depositTokenFlashloanFeeAmount gained from flashloan fee...
depositToken != rewardToken
Handle: pauliax. Vulnerability details. Impact: function createStream should validate that depositToken != rewardToken, otherwise, some functionality may not work as intended, e.g. in function recoverTokens it will become impossible to reach the second 'if' statement. Recommended Mitigation Steps...
Locke.sol:Stream - recoverTokens can bork depositToken balance
Handle: ScopeLift. Vulnerability details. Impact: if there's been a flashloan which adds to depositTokenFlashloanFeeAmount which gov can then collect but then recoverTokens is called before governor calls claimFees, then depositToken.balanceOf(address(this)) is gonna be off by...