Static Analyzer for Solidity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
slither/trophies.md

6.2 KiB

Slither Trophies

The following lists security vulnerabilities that were found by Slither. If you found a security vulnerability using Slither, please submit a PR with the relevant information.

Project Vulnerability Date
Parity Incorrect constructor name July 2018
Parity Deletion of a mapping with structure July 2018
Parity Uninitialized state variables July 2018
Basis Missing return value check Oct 2018
Origin protocol Reentrancy Nov 2018
Numerai Deletion of a mapping with structure Jul 2019
Numerai Missing return value Jul 2019
Flexa Reentrancy (events out of order) Sep 2019
0x Missing return value Oct 2019
Token mint Reentrancies Dec 2019
Airswap Missing return value check Feb 2020
Stake Technologies Lockdrop Dangerous strict equality Mar 2020
E&Y’s Nightfall Missing return value May 2020
E&Y’s Nightfall Empty return value May 2020
DefiStrategies Modifier can return the default value May 2020
DefiStrategies Dangerous strict equality allows the contract to be trapped May 2020
DOSnetwork Abi encodedPacked collision May 2020
EthKids msg.value is used two times to compute a price May 2020
HQ20 Reentrancy May 2020
Dloop Dangerous block.timestamp usage Jun 2020
Atomic Loans Uninitialized state variable Jul 2020
Atomic Loans State variable shadowing Jul 2020
Atomic Loans Reentrancy Jul 2020
Amp Duplicate contract name Aug 2020
PerlinXRewards Multiple reentrancies Aug 2020
Linkswap Lack of return value check Nov 2020
Linkswap Uninitialized state variable Nov 2020
Cryptex Lack of return value check Nov 2020
Hermez Reentrancy Nov 2020
Unoswap Contract locking ethers Nov 2020
Idle Dangerous divide before multiply operations Dec 2020
RariCapital Lack of return value check Dec 2020
RariCapital Uninitialized state variable Dec 2020
wfil-factory Reentrancy Dec 2020
Origin Dollar Reentrancy Jan 2021
Origin Dollar Variable shadowing Jan 2021
OriginTrait Reentrancy Jan 2021
AlphaHomoraV2 Dangerous divide before multiply operations Jan 2021
Mimo Defi Lack of return value check Jan 2021
OriginTrail Lack of return value check Feb 2021
charmfinance Lack of return value check Mar 2021
VoyagerToken Lack of return value check Apr 2021
holdmybeer Reentrancies Jun 2021

Slither Rekt

The following lists security incidents that could have been prevented using Slither.

Project Vulnerability Value loss Date
Dforce Reentrancy $25m (recovered) Apr 2020
Lendf.me Incorrect self-transfer (slither-prop) $8m Sep 2020
Akropolis Reentrancy $2m Nov 2020
OUSD Reentrancy $7m Nov 2020
Furucombo Arbitrary delegatecall $15m Mar 2021
ForceDAO Lack of return value check $10m ($9.6m recovered) Apr 2021