Issues
- 2
Unsanitized Input in mint() Allows JSON Injection, Compromising NFT Metadata Integrity
#634 opened by c4-bot-3 - 2
Insufficient Slippage Protection in Share Trading
#651 opened by c4-bot-7 - 0
- 0
- 0
Gas Optimizations
#656 opened by c4-bot-3 - 0
- 0
- 0
- 0
Unchecked ERC20 Return Values in Phi Protocol Contracts Risk Unauthorized State Changes and Financial Discrepancies
#623 opened by c4-bot-4 - 0
VerificationType is not enforced for claiming NFT directly with signatureClaim()
#625 opened by c4-bot-8 - 0
When calculating the price, the cred can return an incorrect price after a fee.
#626 opened by c4-bot-5 - 0
changes balance of all intended actors in RewardControl contract but the actual money not deposited to Rewardcontrol contract
#627 opened by c4-bot-8 - 0
Zero Address Issue in `claimFromFactory`
#628 opened by c4-bot-1 - 0
Insufficient Ownership Verification in signatureClaim Allows Unauthorized NFT Manipulation
#629 opened by c4-bot-8 - 0
- 0
excessive gas uses unnecessarily, lead to revert in trasaction due to high gas cost with large numRecipients
#631 opened by c4-bot-3 - 0
Potential Issue with Fee-on-Transfer and Blacklisted Tokens in `deposit` Function
#633 opened by c4-bot-3 - 0
- 0
Division by Zero Vulnerability in the `_curve` Function of the `BondingCurve` Contract
#638 opened by c4-bot-2 - 0
Buying price is greater than selling price, no one buys a depreciating asset and leads to dead protocol
#639 opened by c4-bot-10 - 0
`withdrawFor` can be used to lock some users asset
#642 opened by c4-bot-3 - 0
- 0
Lack of Access Control in RewardControl
#645 opened by c4-bot-5 - 0
Incomplete Reward Claims Due to Insufficient Balance and Misleading Event Emissions
#647 opened by c4-bot-9 - 0
Strict Check used with `msg.value`
#648 opened by c4-bot-9 - 0
Share Lock Period Bypass in Batch Operations
#650 opened by c4-bot-7 - 0
- 0
Reentrancy Vulnerability in Reward Distribution and NFT Management Allows Recursive Exploits and Unauthorized Transactions
#657 opened by c4-bot-3 - 0
- 0
- 0
Possible underflow could miscalculate fees and revert
#661 opened by c4-bot-3 - 0
Insufficient Validation in createArt Allows Manipulation of NFT Creation and Unauthorized Credential Issuance
#662 opened by c4-bot-3 - 0
Potential Array Length Mismatch in Batch Operations
#665 opened by c4-bot-6 - 0
- 0
- 0
Unrestricted usage of `soulBounded` parameter breaks `PhiNFT1155` compliance with ERC-1155, and allows to create honey pots
#621 opened by c4-bot-10 - 0
Using the `this` keyword to pass `mintFee` ETh value in the `claim(...)` function causes loss of excess ETH
#632 opened by c4-bot-4 - 0
No limit on `protocolFeePercent` in Cred Contract
#635 opened by c4-bot-8 - 0
- 0
- 0
`updateArtSettings` in `PhiFactory.sol` can still be called even if contract is paused
#641 opened by c4-bot-3 - 0
Signature Replay Vulnerability in Art Creation
#643 opened by c4-bot-1 - 0
Malicious user could bypass share lock period and receive maximum curator rewards without ever being a share holder
#646 opened by c4-bot-9 - 0
- 0
Function _removeCredIdPerAddress() is public leading to DOS attacks when users sell shares
#652 opened by c4-bot-5 - 0
Locked Funds Due to Missing Withdraw Function
#660 opened by c4-bot-6 - 0
Refunds are not correctly handled and would be locked in PhiNFT1155.sol contract instances and PhiFactory
#664 opened by c4-bot-6 - 0
- 0
- 1