Slither Trophies
February 20, 2024 · View on GitHub
The following lists security vulnerabilities that were found by Slither. If you found a security vulnerability using Slither, please submit a PR with the relevant information.
| Project | Vulnerability | Date |
|---|---|---|
| Parity | Incorrect constructor name | July 2018 |
| Parity | Deletion of a mapping with structure | July 2018 |
| Parity | Uninitialized state variables | July 2018 |
| Basis | Missing return value check | Oct 2018 |
| Origin protocol | Reentrancy | Nov 2018 |
| Numerai | Deletion of a mapping with structure | Jul 2019 |
| Numerai | Missing return value | Jul 2019 |
| Flexa | Reentrancy (events out of order) | Sep 2019 |
| 0x | Missing return value | Oct 2019 |
| Token mint | Reentrancies | Dec 2019 |
| Airswap | Missing return value check | Feb 2020 |
| Stake Technologies Lockdrop | Dangerous strict equality | Mar 2020 |
| E&Y’s Nightfall | Missing return value | May 2020 |
| E&Y’s Nightfall | Empty return value | May 2020 |
| DefiStrategies | Modifier can return the default value | May 2020 |
| DefiStrategies | Dangerous strict equality allows the contract to be trapped | May 2020 |
| DOSnetwork | Abi encodedPacked collision | May 2020 |
| EthKids | msg.value is used two times to compute a price | May 2020 |
| HQ20 | Reentrancy | May 2020 |
| Dloop | Dangerous block.timestamp usage | Jun 2020 |
| Atomic Loans | Uninitialized state variable | Jul 2020 |
| Atomic Loans | State variable shadowing | Jul 2020 |
| Atomic Loans | Reentrancy | Jul 2020 |
| Amp | Duplicate contract name | Aug 2020 |
| PerlinXRewards | Multiple reentrancies | Aug 2020 |
| Linkswap | Lack of return value check | Nov 2020 |
| Linkswap | Uninitialized state variable | Nov 2020 |
| Cryptex | Lack of return value check | Nov 2020 |
| Hermez | Reentrancy | Nov 2020 |
| Unoswap | Contract locking ethers | Nov 2020 |
| Idle | Dangerous divide before multiply operations | Dec 2020 |
| RariCapital | Lack of return value check | Dec 2020 |
| RariCapital | Uninitialized state variable | Dec 2020 |
| wfil-factory | Reentrancy | Dec 2020 |
| Origin Dollar | Reentrancy | Jan 2021 |
| Origin Dollar | Variable shadowing | Jan 2021 |
| OriginTrait | Reentrancy | Jan 2021 |
| AlphaHomoraV2 | Dangerous divide before multiply operations | Jan 2021 |
| Mimo Defi | Lack of return value check | Jan 2021 |
| OriginTrail | Lack of return value check | Feb 2021 |
| charmfinance | Lack of return value check | Mar 2021 |
| VoyagerToken | Lack of return value check | Apr 2021 |
| holdmybeer | Reentrancies | Jun 2021 |
Slither Rekt
The following lists security incidents that could have been prevented using Slither.
| Project | Vulnerability | Value loss | Date |
|---|---|---|---|
| Dforce | Reentrancy | $25m (recovered) | Apr 2020 |
| Lendf.me | Incorrect self-transfer (slither-prop) | $8m | Sep 2020 |
| Akropolis | Reentrancy | $2m | Nov 2020 |
| OUSD | Reentrancy | $7m | Nov 2020 |
| Furucombo | Arbitrary delegatecall | $15m | Mar 2021 |
| ForceDAO | Lack of return value check | $10m ($9.6m recovered) | Apr 2021 |