Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All Contests
Flow
Submissions
Public
Flow
Sablier
Foundry
DeFi
20,000
USDC
Public
20,000
USDC
Oct 25th, 2024 → Nov 1st, 2024
View repo
View results
499 / 499
Submissions
Severity
Validity
Tags
Author
#1
`SablierFlowBase` Lacks `EIP-165` Compliance for `EIP4906` Interface Support
Low
Valid
EIP4906
chista0x
#2
Critical Privileges Transferred Without Address Validation in Single-Step Process
Low
Invalid
chista0x
#3
Contract lacks a `createAndDepositViaBroker` function
Low
Invalid
[INVALID] Contract lacks a ...
ljj
#4
Unauthorized Admin Transfer Vulnerability in `Adminable` Contract
High
Invalid
0xrakesh_ummadi28
#5
Non-Unique Metadata for All Token IDs
Low
Invalid
[INVALID] Non-Unique Metadata
0xserpent
#6
Potential Reentrancy Vulnerability in withdraw Function
Medium
Invalid
0xserpent
#7
lack of update of user balance
High
Invalid
cody
#8
Lack of Access Control in void Function
High
Invalid
0xserpent
#9
Integer Underflow/Overflow Risks in Balance Management
High
Invalid
0xserpent
#10
Potential Inconsistency in aggregateBalance Updates
Medium
Invalid
0xserpent
#11
Missing Events for Critical Functions
Low
Invalid
0xserpent
#12
Potential Front-Running in Rate Adjustments
Low
Invalid
0xserpent
#13
Lack of Zero Address Validation in transferAdmin Function
Medium
Invalid
0xserpent
#14
Arbitrary Function Execution via Unrestricted delegatecall
High
Invalid
0xserpent
#15
SablierFlowBase::collectProtocolRevenue() and SablierFlowBase::recover() Lack Zero Address Check for to Parameter(Improper Input Validation + Potential Asset Loss)
High
Invalid
i_atiq
#16
SablierFlow::pause() Updates snapshotTime Which is not Supposed to Happen (Unintended State Modification + Gas Inefficiency)
Low
Invalid
i_atiq
#17
Adminable::transferAdmin() Lacks Zero Address Check (Improper Input Validation + Potential Privilege Loss)
Medium
Invalid
i_atiq
#18
"Improper Input Validation: Missing Zero Check for `totalAmount` in ProtocolFee and net WIthdraw amount Calculation
Medium
Invalid
eagles
#19
Reentrancy Vulnerability in Withdrawals
High
Invalid
0xserpent
#20
Insufficient Access Control
Medium
Invalid
0xserpent
#21
Arithmetic Overflow/Underflow Risks
Medium
Invalid
0xserpent
#22
Improper Error Handling for External Calls
High
Invalid
0xserpent
#23
Lack of Emergency Withdrawal Mechanism
Low
Invalid
0xserpent
#24
Potential Integer Division Issues
Medium
Invalid
0xserpent
#25
Timestamp Dependence
Low
Invalid
0xserpent
#26
Admin Control Vulnerability
Medium
Invalid
0xserpent
#27
Lack of Admin Address Validation
Low
Invalid
0xserpent
#28
Delegatecall Risks
Medium
Invalid
0xserpent
#29
Error Handling in Batch Calls
Low
Invalid
0xserpent
#30
Contract Size Limitation
Low
Invalid
0xserpent
Previous
1
2
3
...
More pages
17
Next
Support
FAQs
Can't find an answer? Chat with us on Discord, Twitter or Linkedin.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!