CodeHawks
Competitive Audits
First Flights
Judging
Leaderboard
Docs
Toggle theme
Connect Wallet
All Contests
Sparkn
Submissions
Sparkn
CodeFox Inc.
Sparkn
CodeFox Inc.
DeFi
Foundry
Proxy
15,000
USDC
Public
15,000
USDC
Aug 21st, 2023 → Aug 29th, 2023
View repo
View results
938 / 938
Submissions
Severity
Validity
Tags
Author
#1
Zero-Address Checks absent in Constructor
Medium
-
0xAxe
#2
ProxyFactory: no ability to add tokens to whitelist after deployment
Low
-
meetm
#3
ProxyFactory: owner can distribute however they want after expiry
High
-
meetm
#4
Premature Contest Closure via `setContest` Function
Medium
-
Daniel526
#5
ProxyFactory: no input validation on proxy param
High
-
meetm
#6
Incorrect Handling of Delegatecall Result in Proxy Contract's Fallback Function
Medium
-
Kaveyjoe
#7
Missing Error Message in Revert Statements
Low
-
Kaveyjoe
#8
Incorrect Error Handling for Mapping Access
Low
-
Kaveyjoe
#9
Potential Integer Overflow
Medium
-
Kaveyjoe
#10
Vunerable to Reentrancy
High
-
Kaveyjoe
#11
Lack of Access Control for Token Whitelisting
Low
-
Kaveyjoe
#12
Gas Limit for Loops
Low
-
Kaveyjoe
#13
Protocol has no way to update whitelisted tokens
Low
-
ZedBlockchain
#14
Concern of Recursive Calls in `_distribute` Function
Medium
-
Daniel526
#15
Potential issue on Distributor Contract
Medium
-
Kaveyjoe
#16
Protocol wont work well with tokens that can prevent transfers
Low
-
ZedBlockchain
#17
Use latest solidity version
Low
-
ZedBlockchain
#18
Storage Layout Clash between Proxy and Distributor Contracts
Low
-
Auditism
#19
Risk of Duplicating Execution in `deployProxyAndDistributeBySignature` Function
Low
-
Daniel526
#20
Deterministic Address Generation flaw in `getProxyAddress` Function
High
-
Auditism
#21
Ownable2Step vs Ownable ownership change risks
Low
-
ZedBlockchain
#22
Potential for Users to Set closeTime Beyond Intended Maximum in setContest Function
Medium
-
Auditism
#23
Potential Distribution Failure Due to Individual Transfer Interruptions in the _distribute Function
Low
-
Auditism
#24
Missing Events
Low
-
ZedBlockchain
#25
"Immutable COMMISSION_FEE Contradicts Comment Indicating Mutability"
Medium
-
Auditism
#26
ProxyFactory Contract never initializes the owner for Ownable.sol
Medium
-
tendency
#27
Missing caller information in events
Low
-
ZedBlockchain
#28
Tokens can't removed and new tokens can't be added to whitelist
Low
-
Timenov
#29
Missing indexing event values
Low
-
ZedBlockchain
#30
Single Point of Failure Due to Centralized Ownership Control
Medium
-
Auditism
Previous
1
2
3
...
More pages
32
Next
Support
FAQs
Can’t find an answer? Join our Discord or follow us on Twitter.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
What is community judging?
How do I get rewarded?
What is a First Flight?
Give us feedback!
