Competitive Audits
First Flights
Judging
Leaderboard
Docs
Toggle theme
Sign up
Log in
All Contests
stake.link
Submissions
stake.link
stake.link
stake.link
stake.link
DeFi
Hardhat
Bridge
27,500
USDC
Public
27,500
USDC
Dec 22nd, 2023 → Jan 12th, 2024
View repo
View results
415 / 415
Submissions
Severity
Validity
Tags
Author
#1
SDLPool assumes `lockIdsFound` will always be equal to `lockCount`
Low
Invalid
0xTheBlackPanther
#2
SDLPoolPrimary.sol::Parralel data structure
Medium
Invalid
0xAbinash
#3
SDLPoolPrimary::User can lock minimum amount of SDL for maximum time and get boost for that.
Medium
Invalid
0xAbinash
#4
renetrency attack
High
Invalid
3shul
#5
Emit event for important state update like `setRewardsInitiator(...)`
Low
Invalid
kaysoft
#6
Lack of storage gap in SDLPool.sol can lead to upgrade storage slot collision.
Low
Valid
storage-gap
kaysoft
#7
Unsafe conversion from unsigned to signed integer in initiateUnlock(...) function
Low
Invalid
kaysoft
#8
Potential Division-by-Zero error in LinearBoostController::getBoostAmount, resulting in unexpected rewards and disruption of intented logic
High
Invalid
AzmaeenGH
#9
SDLPoolPrimary::After unlocking lockId is not removed which enables a user to lock SDL for lifetime and get reward for lifetime
High
Invalid
0xAbinash
#10
State variables not set when contract is initilized
Low
Invalid
Timenov
#11
SDLPoolPrimary::Step wise jump + Back running
High
Invalid
0xAbinash
#12
SDLPoolPrimary::`migrate()` cannot be called by any address
High
Invalid
0xAbinash
#13
Vulnerable version of OpenZeppelin contracts is used
Medium
Invalid
ubl4nk
#14
Return value of approve not checked
Medium
Invalid
ubl4nk
#15
Consider using increaseAllowance() instead of `approve()`/`safeApprove()`
Low
Invalid
ubl4nk
#16
assert() should be replaced with require() or revert()
Low
Invalid
ubl4nk
#17
Large approvals may not work with some ERC20 tokens
Low
Invalid
ubl4nk
#18
SDLPoolPrimary:: `balances` mapping is not updated when a lock is unlcoked
Medium
Invalid
0xAbinash
#19
Lack of two-step process for contract ownership changes
Low
Valid
ownable-2step
ubl4nk
#20
Lack of Input Validation for Constructor Parameters
Medium
Invalid
Kaveyjoe
#21
Insufficient Validation in onTokenTransfer
High
Invalid
Kaveyjoe
#22
Lack of Event Emission in recoverTokens
Medium
Invalid
Kaveyjoe
#23
SDLPoolPrimary::A position can initiate unlocking phase for a stake which was never locked
Medium
Invalid
0xAbinash
#24
Low Findings
Low
Invalid
pacelli
#25
Loss of reSDL tokens
Medium
Invalid
3shul
#26
Logical Error/Improper Lock Duration Update, in SDLPool::_updateLock, resulting in Potential Violation of Locking Constraints
Medium
Invalid
AzmaeenGH
#27
Unauthorized Distribution Of Rewards
High
Invalid
bhilare71
#28
Missing Event Emissions in SDLPool and SDLPoolCCIPController Admin Setter Functions
Low
Invalid
0xTheBlackPanther
#29
Deprecated `safeApprove` OZ function is used, unintended reverts can happen
Low
Invalid
0xTheBlackPanther
#30
Assumption of `sdlToken` at Zeroth Index in `destTokenAmounts`: Potential Unintended Consequences
Medium
Invalid
0xTheBlackPanther
Previous
1
2
3
...
More pages
14
Next
Support
FAQs
Can’t find an answer? Join our Discord or follow us on Twitter.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
What is community judging?
How do I get rewarded?
What is a First Flight?
Give us feedback!
