Skip to content

Issues: code-423n4/2021-11-nested-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

102 Open 131 Closed
102 Open 131 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Passing multiple ETH deposits in orders array will use the same msg.value many times 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
#226 opened Nov 17, 2021 by code423n4
@maximebrugel
2
NestedFactory._decreaseHoldingAmount needs explicit amount control for spending reserve 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#223 opened Nov 17, 2021 by code423n4
2
NestedFactory.removeOperator code doesn't correspond to it's logic 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working
#220 opened Nov 17, 2021 by code423n4
@maximebrugel
2
Ensure on-chain that cache is synced 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working
#217 opened Nov 17, 2021 by code423n4
@maximebrugel
2
mintWithMetadata onlyFactory bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#213 opened Nov 17, 2021 by code423n4
OperatorResolver.areAddressesImported doesn't check lengths of argument arrays 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#210 opened Nov 17, 2021 by code423n4
@maximebrugel
_burnNST bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#208 opened Nov 17, 2021 by code423n4
@maximebrugel
index + 1 can be simplified bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#207 opened Nov 17, 2021 by code423n4
@maximebrugel
INestedToken interface 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#206 opened Nov 17, 2021 by code423n4
@maximebrugel
NestedAsset.setFactory should be named addFactory 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#204 opened Nov 17, 2021 by code423n4
@maximebrugel
Can't revoke factory in NestedRecrods 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#203 opened Nov 17, 2021 by code423n4
@maximebrugel
NestedFactory.addTokens and withdraw functions require NFT reserve check 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#199 opened Nov 17, 2021 by code423n4
@maximebrugel
Check condition before calling NestedFactory._handleUnderSpending bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#198 opened Nov 17, 2021 by code423n4
@maximebrugel
Unused local variables bug Something isn't working G (Gas Optimization)
#195 opened Nov 17, 2021 by code423n4
@maximebrugel
2
Small refactor for functions to save some gas bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#193 opened Nov 17, 2021 by code423n4
@maximebrugel
Unnecessary Use of _msgSender() bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#185 opened Nov 17, 2021 by code423n4
@maximebrugel
1
_handleUnderSpending reverts if condition is false 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#183 opened Nov 17, 2021 by code423n4
@maximebrugel
Function using msg.value called in loop 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#182 opened Nov 17, 2021 by code423n4
1
Can add duplicate operators 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#180 opened Nov 17, 2021 by code423n4
@maximebrugel
Cannot change tokenUri 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#179 opened Nov 17, 2021 by code423n4
2
Missing parameter validation 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#178 opened Nov 17, 2021 by code423n4
@maximebrugel
Cache and read storage variables from the stack can save gas bug Something isn't working G (Gas Optimization) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#175 opened Nov 17, 2021 by code423n4
@maximebrugel
1
Adding unchecked directive can save gas bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#173 opened Nov 17, 2021 by code423n4
1
NestedFactory#removeOperator() Avoid empty items can save gas bug Something isn't working G (Gas Optimization)
#170 opened Nov 17, 2021 by code423n4
@maximebrugel
3
Inconsistent use of _msgSender() bug Something isn't working invalid This doesn't seem right sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#169 opened Nov 17, 2021 by code423n4
2
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.