7. Audit Findings 101.md

1. Unhandled return values of transfer and transferFrom
2. Random task execution
3. Tokens with more than 18 decimal points will cause issues
4. Error codes of Compound’s Comptroller.enterMarket, Comptroller.exitMarket are not checked
5. Reversed order of parameters in allowance function call
6. Token approvals can be stolen in DAOfiV1RouteraddLiquidity()
7. swapExactTokensForETH checks the wrong return value
8. DAOfiV1Pair.deposit() accepts deposits of zero, blocking the pool
9. GenesisGroup.commit overwrites previously-committed values
10. Purchasing and committing still possible after launch
11. UniswapIncentive overflow on pre-transfer hooks
12. BondingCurve allows users to acquire FEI before launch
13. Timed.isTimeEnded returns true if the timer has not been initialized
14. Overflow/underflow protection
15. Unchecked return value for IWETH.transfer call
16. GenesisGroup.emergencyExit remains functional after launch
17. ERC20 tokens with no return value will fail to transfer
18. Reentrancy vulnerability in MetaSwap.swap()
19. A new malicious adapter can access users’ tokens
20. Owner can front-run traders by updating adapters
21. Users can collect interest from SavingsContract by only staking mTokens momentarily
22. Oracle updates can be manipulated to perform atomic front-running attack
23. Certain functions lack input validation routines
24. Remove Loihi methods that can be used as backdoors by the administrator
25. A reverting fallback function will lock up all payouts
26. Saferagequit makes you lose funds
27. Creating proposal is not trustless
28. Emergency processing can be blocked
29. Token Overflow might result in system halt or loss of funds
30. Whitelisted tokens limit
31. Summoner can steal funds using bailout
32. Sponsorship front-running
33. Delegate assignment front-running
34. Queued transactions cannot be canceled
35. Proposal transactions can be executed separately and block Proposal.execute call
36. Proposals could allow Timelock.admin takeover
37. Reentrancy and untrusted contract call in mintMultiple
38. Lack of return value checks can lead to unexpected results
39. External calls in loop can lead to denial of service
40. OUSD allows users to transfer more tokens than expected
41. OUSD total supply can be arbitrary, even smaller than user balances
42. Flash minting can be used to redeem fyDAI
43. Lack of chainID validation allows signatures to be re-used across forks
44. Lack of a contract existence check allows token theft
45. No incentive for bidders to vote earlier
46. Lack of access control separation is risky
47. Lack of two-step procedure for critical operations leaves them error-prone
48. Initialization functions can be front-run
49. Missing validation of owner argument could indefinitely lock owner role
50. Incorrect comparison enables swapping and token draining at no cost
51. Unbound loop enables denial of service
52. Front-running pool’s initialization can lead to draining of liquidity provider’s initial deposits
53. Swapping on zero liquidity allows for control of the pool’s price
54. Failed transfer may be overlooked due to lack of contract existence check
55. Use of undefined behavior in equality check
56. Assimilators’ balance functions return raw values
57. System always assumes USDC is equivalent to USD
58. Assimilators use a deprecated Chainlink API
59. cancelOrdersUpTo can be used to permanently block future orders
60. Specification-Code mismatch for AssetProxyOwner timelock period
61. Unclear documentation on how order filling can fail
62. Market makers have a reduced cost for performing front-running attacks
63. setSignatureValidatorApproval race condition may be exploitable
64. Batch processing of transaction execution and order matching may lead to exchange griefing
65. Zero fee orders are possible if a user performs transactions with a zero gas price
66. Calls to setParams may set invalid values and produce unexpected behavior in the staking contracts
67. Improper Supply Cap Limitation Enforcement
68. Improper Storage Management of Open Loan Accounts
69. Contract Owner Can Arbitrarily Change Minting Fees and Interest Rates
70. Inadequate Proxy Implementation Preventing Contract Upgrades
71. Blacklisting Bypass via transferFrom() Function
72. Wrong Order of Operations Leads to Exponentiation of rewardPerTokenStored
73. Staking Before Initial notifyRewardAmount Can Lead to Disproportionate Rewards
74. External Call Reverts if Period Has Not Elapsed
75. Gap Between Periods Can Lead to Erroneous Rewards
76. Malicious Users Can DOS/Hijack Requests From Chainlinked Contracts
77. Lack of event emission after sensitive actions
78. Functions with unexpected side-effects
79. Mooniswap pairs cannot be unpaused
80. Attackers can prevent honest users from performing an instant withdraw from the Wallet contract
81. Not using upgrade safe contracts in FsToken inheritance
82. Unchecked output of the ECDSA recover function
83. Adding new variables to multi-level inherited upgradeable contracts may break storage layout
84. Unsafe division in rdivide and wdivide functions
85. Incorrect safeApprove usage
86. ETH could get trapped in the protocol
87. Use of transfer might render ETH impossible to withdraw
88. Not following the Checks-Effects-Interactions pattern
89. Updating the Governance registry and Guardian addresses emits no events
90. The quorum requirement can be trivially bypassed with sybil accounts
91. Inconsistently checking initialization
92. Voting period and quorum can be set to zero
93. Some state variables are not set during initialize
94. Expired and/or paused options can still be traded
95. ERC20 transfers can misbehave
96. Incorrect event emission
97. Anyone can liquidate on behalf of another account
98. Orders cannot be cancelled
99. Re-entrancy possibilities
100. Governance parameter changes should not be instant
101. Votes can be duplicated