CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
      • Best practice
      • Performance
      • Security
    • Swift
    • Terraform
    • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
Solidity

Security

erc20-public-transfer

Custom ERC20 implementation exposes _transfer() as public
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

compound-sweeptoken-not-restricted

Function sweepToken is allowed to be called by anyone
Likelihood: LOW
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

arbitrary-send-erc20

msg.sender is not being used when calling erc20.transferFrom. Example - Alice approves this contract to spend her ERC20 tokens. Bob can call function ‘a’ and specify Alice’s address as the from parameter in transferFrom, allowing him to transfer Alice’s tokens to himself.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-285: Improper Authorization
OWASP:
- A01:2021 - Broken Access Control

no-bidi-characters

The code must not contain any of Unicode Direction Control Characters
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 3
- 7
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- a
-

- S
- i
- n
- g
- l
- e
- ,
-

- U
- n
- i
- q
- u
- e
-

- A
- c
- t
- i
- o
- n

erc721-reentrancy

ERC721 onERC721Received() reentrancy
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

erc20-public-burn

Anyone can burn tokens of other accounts
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

sense-missing-oracle-access-control

Oracle update is not restricted in $F()
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

erc777-reentrancy

ERC777 tokensReceived() reentrancy
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

unrestricted-transferownership

Unrestricted transferOwnership
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

curve-readonly-reentrancy

$POOL.get_virtual_price() call on a Curve pool is not protected from the read-only reentrancy.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

redacted-cartel-custom-approval-bug

transferFrom() can steal allowance of other accounts
Likelihood: HIGH
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 6
- 8
- 8
- :
-

- F
- u
- n
- c
- t
- i
- o
- n
-

- C
- a
- l
- l
-

- W
- i
- t
- h
-

- I
- n
- c
- o
- r
- r
- e
- c
- t
-

- V
- a
- r
- i
- a
- b
- l
- e
-

- o
- r
-

- R
- e
- f
- e
- r
- e
- n
- c
- e
-

- a
- s
-

- A
- r
- g
- u
- m
- e
- n
- t

proxy-storage-collision

Proxy declares a state var that may override a storage slot of the implementation
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 7
- 8
- 7
- :
-

- O
- u
- t
- -
- o
- f
- -
- b
- o
- u
- n
- d
- s
-

- W
- r
- i
- t
- e

incorrect-use-of-blockhash

blockhash(block.number) and blockhash(block.number + N) always returns 0.
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 3
- 4
- 1
- :
-

- P
- r
- e
- d
- i
- c
- t
- a
- b
- l
- e
-

- f
- r
- o
- m
-

- O
- b
- s
- e
- r
- v
- a
- b
- l
- e
-

- S
- t
- a
- t
- e

erc721-arbitrary-transferfrom

Custom ERC721 implementation lacks access control checks in _transfer()
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

compound-borrowfresh-reentrancy

Function borrowFresh() in Compound performs state update after doTransferOut()
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

no-slippage-check

No slippage check in a Uniswap v2/v3 trade
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 6
- 8
- 2
- :
-

- I
- n
- c
- o
- r
- r
- e
- c
- t
-

- C
- a
- l
- c
- u
- l
- a
- t
- i
- o
- n

rigoblock-missing-access-control

setMultipleAllowances() is missing onlyOwner modifier
Likelihood: HIGH
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

accessible-selfdestruct

Contract can be destructed by anyone in $FUNC
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

gearbox-tokens-path-confusion

UniswapV3 adapter implemented incorrect extraction of path parameters
Likelihood: LOW
Confidence: LOW
CWE:
- C
- W
- E
- -
- 1
- 2
- 8
- 5
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n
-

- o
- f
-

- S
- p
- e
- c
- i
- f
- i
- e
- d
-

- I
- n
- d
- e
- x
- ,
-

- P
- o
- s
- i
- t
- i
- o
- n
- ,
-

- o
- r
-

- O
- f
- f
- s
- e
- t
-

- i
- n
-

- I
- n
- p
- u
- t

basic-oracle-manipulation

Price oracle can be manipulated via flashloan
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 6
- 8
- 2
- :
-

- I
- n
- c
- o
- r
- r
- e
- c
- t
-

- C
- a
- l
- c
- u
- l
- a
- t
- i
- o
- n

basic-arithmetic-underflow

Possible arithmetic underflow
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 1
- 9
- 1
- :
-

- I
- n
- t
- e
- g
- e
- r
-

- U
- n
- d
- e
- r
- f
- l
- o
- w
-

- (
- W
- r
- a
- p
-

- o
- r
-

- W
- r
- a
- p
- a
- r
- o
- u
- n
- d
- )

delegatecall-to-arbitrary-address

An attacker may perform delegatecall() to an arbitrary address.
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 0
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- I
- n
- p
- u
- t
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

keeper-network-oracle-manipulation

Keep3rV2.current() call has high data freshness, but it has low security, an exploiter simply needs to manipulate 2 data points to be able to impact the feed.
Likelihood: LOW
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 6
- 8
- 2
- :
-

- I
- n
- c
- o
- r
- r
- e
- c
- t
-

- C
- a
- l
- c
- u
- l
- a
- t
- i
- o
- n

arbitrary-low-level-call

An attacker may perform call() to an arbitrary address with controlled calldata
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 0
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- I
- n
- p
- u
- t
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

balancer-readonly-reentrancy-getpooltokens

$VAULT.getPoolTokens() call on a Balancer pool is not protected from the read-only reentrancy.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

tecra-coin-burnfrom-bug

Parameter “from” is checked at incorrect position in “_allowances” mapping
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- C
- W
- E
- -
- 6
- 8
- 8
- :
-

- F
- u
- n
- c
- t
- i
- o
- n
-

- C
- a
- l
- l
-

- W
- i
- t
- h
-

- I
- n
- c
- o
- r
- r
- e
- c
- t
-

- V
- a
- r
- i
- a
- b
- l
- e
-

- o
- r
-

- R
- e
- f
- e
- r
- e
- n
- c
- e
-

- a
- s
-

- A
- r
- g
- u
- m
- e
- n
- t

openzeppelin-ecdsa-recover-malleable

Potential signature malleability in $F
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 3
- 4
- 7
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- V
- e
- r
- i
- f
- i
- c
- a
- t
- i
- o
- n
-

- o
- f
-

- C
- r
- y
- p
- t
- o
- g
- r
- a
- p
- h
- i
- c
-

- S
- i
- g
- n
- a
- t
- u
- r
- e

balancer-readonly-reentrancy-getrate

$VAR.getRate() call on a Balancer pool is not protected from the read-only reentrancy.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

uniswap-callback-not-protected

Uniswap callback is not protected
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l

erc677-reentrancy

ERC677 callAfterTransfer() reentrancy
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 8
- 4
- 1
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- B
- e
- h
- a
- v
- i
- o
- r
- a
- l
-

- W
- o
- r
- k
- f
- l
- o
- w

msg-value-multicall

$F with constant msg.value can be called multiple times
Likelihood: MEDIUM
Confidence: LOW
CWE:
- C
- W
- E
- -
- 8
- 3
- 7
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- E
- n
- f
- o
- r
- c
- e
- m
- e
- n
- t
-

- o
- f
-

- a
-

- S
- i
- n
- g
- l
- e
- ,
-

- U
- n
- i
- q
- u
- e
-

- A
- c
- t
- i
- o
- n

encode-packed-collision

abi.encodePacked hash collision with variable length arguments in $F()
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 0
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- I
- n
- p
- u
- t
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

superfluid-ctx-injection

A specially crafted calldata may be used to impersonate other accounts
Likelihood: HIGH
Confidence: HIGH
CWE:
- C
- W
- E
- -
- 2
- 0
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- I
- n
- p
- u
- t
-

- V
- a
- l
- i
- d
- a
- t
- i
- o
- n

oracle-price-update-not-restricted

Oracle price data can be submitted by anyone
Likelihood: HIGH
Confidence: LOW
CWE:
- C
- W
- E
- -
- 2
- 8
- 4
- :
-

- I
- m
- p
- r
- o
- p
- e
- r
-

- A
- c
- c
- e
- s
- s
-

- C
- o
- n
- t
- r
- o
- l
PerformanceKeychain acl allows biometry changes
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.