-
Notifications
You must be signed in to change notification settings - Fork 9
Issues: code-423n4/2023-01-biconomy-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
QA Report
bug
Something isn't working
grade-b
Q-01
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#533
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-01
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#529
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-b
Q-02
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#527
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-a
Q-03
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#515
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-b
Q-04
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#507
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-b
Q-05
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#505
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-02
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#503
opened Jan 9, 2023 by
code423n4
Griefing attacks on Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-01
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
handleOps
and multiSend
logic
2 (Med Risk)
#499
opened Jan 9, 2023 by
code423n4
[Medium-3] Non-compliance with EIP-4337
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-02
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#498
opened Jan 9, 2023 by
code423n4
Destruction of the Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-01
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
SmartAccount
implementation
3 (High Risk)
#496
opened Jan 9, 2023 by
code423n4
Theft of funds under relaying the transaction
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-02
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#489
opened Jan 9, 2023 by
code423n4
Signature Replay attack on re-created smart accounts
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-127
grade-b
Q-06
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#472
opened Jan 9, 2023 by
code423n4
Cross-Chain Signature Replay Attack
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
M-03
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#466
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-a
Q-07
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#465
opened Jan 9, 2023 by
code423n4
Attacker can gain control of counterfactual wallet
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-03
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#460
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-b
Q-09
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#450
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
edited-by-warden
G (Gas Optimization)
G-03
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#448
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-04
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#446
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
edited-by-warden
grade-b
Q-10
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#438
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-05
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#436
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-06
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#435
opened Jan 9, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-07
grade-a
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#434
opened Jan 9, 2023 by
code423n4
Hardcoding gas costs should be avoided
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
primary issue
Highest quality submission among a set of duplicates
Q-11
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#428
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
edited-by-warden
grade-b
Q-08
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#423
opened Jan 9, 2023 by
code423n4
QA Report
bug
Something isn't working
grade-b
Q-12
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#417
opened Jan 9, 2023 by
code423n4
Previous Next
ProTip!
What’s not been updated in a month: updated:<2024-08-14.