Skip to content

Issues: code-423n4/2021-12-perennial-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

38 Open 36 Closed
38 Open 36 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

withdrawTo Does Not Sync Before Checking A Position's Margin Requirements 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#74 opened Dec 15, 2021 by code423n4
2
On updating the Incentive fee greater than UFixedLib18.ONE, new Programs can not be created 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#72 opened Dec 15, 2021 by code423n4
1
Initialization functions can be front-run 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix)
#71 opened Dec 15, 2021 by code423n4
4
Collateral.sol#maintananceInvariant can be combined with collateralnvarant to save gas bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#70 opened Dec 15, 2021 by code423n4
2
At settleAccountInternal, check whether the position can be changeable to pre more efficiently bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#66 opened Dec 15, 2021 by code423n4
2
At Product.sol#closeAll, cache _position[account] bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#65 opened Dec 15, 2021 by code423n4
1
No checks if given product is created by the factory 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix)
#63 opened Dec 15, 2021 by code423n4
2
Adding unchecked directive can save gas bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#57 opened Dec 15, 2021 by code423n4
1
Fixed18 conversions don't work for all values 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#54 opened Dec 15, 2021 by code423n4
1
NotControllerOwnerError error not used bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix)
#52 opened Dec 15, 2021 by code423n4
2
Missing fee parameter validation 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#50 opened Dec 15, 2021 by code423n4
1
claimFee loop does not check for zero transfer amount (Incentivizer.sol) bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#43 opened Dec 14, 2021 by code423n4
1
Removing redundant code can save gas (Collateral, Factory, Incentivizer, ChainlinkOracle) 0 (Non-critical) Code style, clarity, syntax, versioning, off-chain monitoring (events etc), exclude gas optimisation bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#41 opened Dec 14, 2021 by code423n4
1
Cache storage variables in the stack can save gas bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#40 opened Dec 14, 2021 by code423n4
1
Remove unnecessary variables can make the code simpler and save some gas bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#39 opened Dec 14, 2021 by code423n4
1
Inline unnecessary function can make the code simpler and save some gas bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#38 opened Dec 14, 2021 by code423n4
1
Best Practice: public functions not used by current contract should be external bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#37 opened Dec 14, 2021 by code423n4
2
Incentivizer.sol Tokens with fee on transfer are not supported 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix)
#36 opened Dec 14, 2021 by code423n4
7
Factory.sol#updateController() Lack of input validation 1 (Low Risk) Assets are not at risk. State handling, function incorrect as to spec, issues with comments bug Something isn't working resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#35 opened Dec 14, 2021 by code423n4
1
Unnecessary checked arithmetic in for loops bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#34 opened Dec 14, 2021 by code423n4
2
Cache storage read and call results in the stack can save gas bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#33 opened Dec 14, 2021 by code423n4
1
Reuse operation results can save gas bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#32 opened Dec 14, 2021 by code423n4
1
Cache array length in for loops can save gas bug Something isn't working G (Gas Optimization) sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#31 opened Dec 14, 2021 by code423n4
1
Avoid unnecessary SafeCast.toInt256() can save gas bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#30 opened Dec 14, 2021 by code423n4
1
Use immutable variables can save gas bug Something isn't working G (Gas Optimization) resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#29 opened Dec 14, 2021 by code423n4
1
ProTip! Updated in the last three days: updated:>2025-03-10.