Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All Contests
stake.link
Submissions
Public
stake.link
stake.link
DeFi
Hardhat
Bridge
27,500
USDC
Public
27,500
USDC
Dec 22nd, 2023 → Jan 12th, 2024
View repo
View results
415 / 415
Submissions
Severity
Validity
Tags
Author
#1
SDLPool assumes `lockIdsFound` will always be equal to `lockCount`
Low
Invalid
0xtheblackpanther
#2
SDLPoolPrimary.sol::Parralel data structure
Medium
Invalid
0xAbinash
#3
SDLPoolPrimary::User can lock minimum amount of SDL for maximum time and get boost for that.
Medium
Invalid
0xAbinash
#4
renetrency attack
High
Invalid
3shul
#5
Emit event for important state update like `setRewardsInitiator(...)`
Low
Invalid
kaysoft
#6
Lack of storage gap in SDLPool.sol can lead to upgrade storage slot collision.
Low
Valid
storage-gap
kaysoft
#7
Unsafe conversion from unsigned to signed integer in initiateUnlock(...) function
Low
Invalid
kaysoft
#8
Potential Division-by-Zero error in LinearBoostController::getBoostAmount, resulting in unexpected rewards and disruption of intented logic
High
Invalid
azmaeengh
#9
SDLPoolPrimary::After unlocking lockId is not removed which enables a user to lock SDL for lifetime and get reward for lifetime
High
Invalid
0xAbinash
#10
State variables not set when contract is initilized
Low
Invalid
timenov
#11
SDLPoolPrimary::Step wise jump + Back running
High
Invalid
0xAbinash
#12
SDLPoolPrimary::`migrate()` cannot be called by any address
High
Invalid
0xAbinash
#13
Vulnerable version of OpenZeppelin contracts is used
Medium
Invalid
ubl4nk
#14
Return value of approve not checked
Medium
Invalid
ubl4nk
#15
Consider using increaseAllowance() instead of `approve()`/`safeApprove()`
Low
Invalid
ubl4nk
#16
assert() should be replaced with require() or revert()
Low
Invalid
ubl4nk
#17
Large approvals may not work with some ERC20 tokens
Low
Invalid
ubl4nk
#18
SDLPoolPrimary:: `balances` mapping is not updated when a lock is unlcoked
Medium
Invalid
0xAbinash
#19
Lack of two-step process for contract ownership changes
Low
Valid
ownable-2step
ubl4nk
#20
Lack of Input Validation for Constructor Parameters
Medium
Invalid
kaveyjoe
#21
Insufficient Validation in onTokenTransfer
High
Invalid
kaveyjoe
#22
Lack of Event Emission in recoverTokens
Medium
Invalid
kaveyjoe
#23
SDLPoolPrimary::A position can initiate unlocking phase for a stake which was never locked
Medium
Invalid
0xAbinash
#24
Low Findings
Low
Invalid
pacelli
#25
Loss of reSDL tokens
Medium
Invalid
3shul
#26
Logical Error/Improper Lock Duration Update, in SDLPool::_updateLock, resulting in Potential Violation of Locking Constraints
Medium
Invalid
azmaeengh
#27
Unauthorized Distribution Of Rewards
High
Invalid
bhilare71
#28
Missing Event Emissions in SDLPool and SDLPoolCCIPController Admin Setter Functions
Low
Invalid
0xtheblackpanther
#29
Deprecated `safeApprove` OZ function is used, unintended reverts can happen
Low
Invalid
0xtheblackpanther
#30
Assumption of `sdlToken` at Zeroth Index in `destTokenAmounts`: Potential Unintended Consequences
Medium
Invalid
0xtheblackpanther
Previous
1
2
3
...
More pages
14
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
