4 matches found
M-01 Usage of deprecated sendValue to send eth
Lines of code Vulnerability details Impact The recommended way to send ether is with call function. Using transfer or sendValue could lead to running out of gas, due to the fact that it is predefined and the transfer will fail, in such scenario there won't be way to withraw the amount from the...
Upgraded Q -> M from 221 [1665738683985]
Judge has assessed an item in Issue 221 as Medium risk. The relevant finding follows: L‑01 Don't use payable.transfer/payable.send The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient is either an EOA accoun...
call() should be used instead of transfer() on address payable
Lines of code Vulnerability details call should be used instead of transfer on address payable Impact The use of the deprecated transfer function for an address wll make the transaction fail when 1. The withdrawer smart contract does not implement a payable function. 2. The withdrawer smart...
Transfer function is unreliable
Handle Koustre Vulnerability details Impact Opcode pricing is not stable and should not be relied upon to protect against re-entrancy attacks. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept...