Issues: code-423n4/2021-07-connext-findings
Issues list
Cache storage variables to local variables to save gas
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#75
opened Jul 12, 2021 by
code423n4
Use the Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
unchecked keyword to save gas
bug
#74
opened Jul 12, 2021 by
code423n4
Deflationary and fee-on-transfer tokens are not correctly accounted
1 (Low Risk)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#68
opened Jul 12, 2021 by
code423n4
Missing @param in fulfill NatSpec
0 (Non-critical)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#64
opened Jul 11, 2021 by
code423n4
Revert strings
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#59
opened Jul 11, 2021 by
code423n4
Don't ask for the user's signature when msg.sender == txData.user
0 (Non-critical)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#57
opened Jul 11, 2021 by
code423n4
Refacotr: Reuse same code for hashVariantTransactionData with txData and when preparedBlockNumber is 0
0 (Non-critical)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#56
opened Jul 11, 2021 by
code423n4
An attacker can front-run a user’s prepare() tx on sending chain to cause DoS by griefing
1 (Low Risk)
bug
Something isn't working
sponsor acknowledged
Yes, technically the issue is correct, but we are not going to resolve it for xyz reasons.
#52
opened Jul 11, 2021 by
code423n4
Missing zero-address checks
1 (Low Risk)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#50
opened Jul 11, 2021 by
code423n4
Lack of guarded launch approach may be risky
1 (Low Risk)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#49
opened Jul 11, 2021 by
code423n4
Expired transfers will lock user funds on the sending chain
3 (High Risk)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#47
opened Jul 11, 2021 by
code423n4
Router liquidity on receiving chain can be double-dipped by the user
3 (High Risk)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#46
opened Jul 11, 2021 by
code423n4
Checking non-zero value can avoid an external call to save gas
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#45
opened Jul 11, 2021 by
code423n4
Evaluate security benefit vs gas usage trade-off for using nonreentrant modifier on different functions
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#43
opened Jul 11, 2021 by
code423n4
Consolidating library functions can save gas by preventing external calls
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#42
opened Jul 11, 2021 by
code423n4
Checking before external library call can save 2600 gas
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#41
opened Jul 11, 2021 by
code423n4
Using access lists can save gas due to EIP-2930 post-Berlin hard fork
bug
Something isn't working
G (Gas Optimization)
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#39
opened Jul 11, 2021 by
code423n4
MAX_TIMEOUT
1 (Low Risk)
bug
Something isn't working
sponsor confirmed
Yes, this is a problem and we intend to fix it.
#33
opened Jul 11, 2021 by
code423n4
ProTip!
Adding no:label will show everything without a label.