Platform: Code4rena
Start Date: 08/11/2022
Pot Size: $60,500 USDC
Total HM: 6
Participants: 72
Period: 5 days
Judge: Picodes
Total Solo HM: 2
Id: 178
League: ETH
Rank: 52/72
Findings: 1
Award: $36.34
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: RaymondFam
Also found by: 0x1f8b, 0x52, 0xSmartContract, 0xc0ffEE, 0xhacksmithh, 8olidity, Awesome, BClabs, Bnke0x0, Chom, Deivitto, Hashlock, IllIllI, Josiah, KingNFT, Nyx, R2, ReyAdmirado, Rolezn, SamGMK, Sathish9098, SinceJuly, V_B, Vadis, Waze, a12jmx, adriro, ajtra, aphak5010, bearonbike, bin, brgltd, carlitox477, carrotsmuggler, cccz, ch0bu, chaduke, datapunk, delfin454000, erictee, fatherOfBlocks, fs0c, horsefacts, jayphbee, ktg, ladboy233, pashov, perseverancesuccess, rbserver, ret2basic, tnevler, zaskoh
36.3434 USDC - $36.34
Add check for address(0x0)
SeaportProxy.sol#L47 LooksRareProxy.sol#L39
If the intention is for the Ether to be used, the function should call another function; otherwise it should revert (e.g. require(msg.sender == address(weth))). Having no access control on the function means that someone may send Ether to the contract and have no way to get anything back out, which is a loss of funds.
There are some contracts with the pragma solidity directive ^0.8.14 or ^0.8.0. It is recommended to specify a fixed compiler version to ensure that the bytecode produced does not vary between builds. This is especially important if you rely on bytecode-level verification of the code.
Lock the pragma.
ReentrancyGuard.sol#L2 OwnableTwoSteps.sol#L2 SignatureChecker.sol#L2 LowLevelERC20Approve.sol#L2 LowLevelERC20Transfer.sol#L4 LowLevelERC721Transfer.sol#L2 LowLevelERC1155Transfer.sol#L2 LowLevelETH.sol#L2 IERC20.sol#L2 IERC721.sol#L2 IERC1155.sol#L2
Replace the magic numbers with constants that describe their meaning.
#0 - c4-judge
2022-11-21T16:58:03Z
Picodes marked the issue as grade-b
#1 - c4-sponsor
2022-11-24T18:22:50Z
0xhiroshi requested judge review
#2 - 0xhiroshi
2022-11-24T18:22:54Z
addressed in other issues