OrderBook: Submissions
First Flight #43 | Beginner Friendly | Solidity | 100 EXP
Jul 3rd, 2025 → Jul 10th, 2025
466 / 466 Submissions

| # | Submission | Severity |
|---|---|---|
| 1 | The allowed tokens like weth, wbtc, wsol are stored like individual variables in the `constructor` which is not scalable and repetitive boilerplate logic, can’t loop through them efficiently | Low |
| 2 | Expired Orders Not Cancellable by Anyone (Design Flaw) | Medium |
| 3 | Assumptions on ERC20 Token Behavior (Design Risk) | Medium |
| 4 | Deviation from Checks-Effects-Interactions (CEI) Pattern | Low |
| 5 | Allowed Token List Impact | Medium |
| 6 | No Pausable Mechanism | Low |
| 7 | Struct Packing (Gas Optimization) | Low |
| 8 | No Fee-on-Transfer Token Support | Medium |
| 9 | No ReentrancyGuard | Low |
| 10 | Lack of explicit expired order cancellation | Medium |
| 11 | Order Expiry Handling | Low |
| 12 | Fee Calculation Precision | Low |
| 13 | Fee Calculation Precision | Low |
| 14 | Missing nonReentrant modifier on buyOrder, Lack of explicit reentrancy protection on buyOrder | Medium |
| 15 | String-based revert used instead of custom error in emergencyWithdrawERC20 | Low |
| 16 | Missing Reentrancy Protection on buyOrder Function | Medium |
| 17 | Buying your own order (Self-buy) | Medium |
| 18 | DDoS attack based on _nextOrderId value can be set MAX by attacker lead to other customers can't create a new sell_order | High |
| 19 | Orders get stuck after the deadline | Medium |
| 20 | Malicious buyers can cause orders to fail abnormally | High |
| 21 | Malicious buyers can cause orders to fail abnormally | High |
| 22 | Reentrancy Vulnerability in Order Amendment | Medium |
| 23 | Reentrancy Attack in buyOrder Function Allows Malicious Sellers to Prevent Order Execution | High |
| 24 | Potential State Inconsistency in Order Execution | High |
| 25 | Potential State Inconsistency in Order Execution | High |
| 26 | Potential State Inconsistency in Order Execution | High |
| 27 | Potential State Inconsistency in Order Execution | High |
| 28 | Potential State Inconsistency in Order Execution | High |
| 29 | State Inconsistency in Order Execution + Funds Permanently Locked | High |
| 30 | Inconsistent Expired Order Handling + Market Manipulation | High |