Skip to content

CRYP70-au/web3-security-findings

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 

Repository files navigation

Security findings now published to: https://fortcypress.io/ (SimpleSmart contracts deployed to Goerli as well)

Public Audit Findings

Below are a few of my security audit findings which I would consider to be showcase worthy. Others are either under review or have not been disclosed.

Base tokens in pair contract are assumed to have 1e18 decimals

code-423n4/2022-12-caviar-findings#277

Flaw in pair contract allows users to get free fractional tokens

code-423n4/2022-12-caviar-findings#276

Critical flaw in providing liquidity results in an immediate loss of funds

code-423n4/2022-12-caviar-findings#278

Forcibly sending tokens to the vault can block future investors from receiving myLink causing a denial of service condition and loss of funds

https://github.com/sherlock-audit/2022-10-mycelium-judging/blob/main/029-M/035.md

Users can be rugged by the admin user

https://github.com/sherlock-audit/2022-10-mycelium-judging/blob/main/low-info/008-M/031.md

usdcAmount Will be Incorrect in withdrawAuction() When Attempting to Transfer Proportionate Amount

https://github.com/sherlock-audit/2022-11-opyn-judging/blob/main/008-H/103.md

About

Publicly disclosed web3 bug bounty findings

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published