├── .github ├── scripts │ └── validate-metadata.py └── workflows │ ├── lint-rules.yaml │ ├── test-rules.yml │ └── validate-r2c-registry-metadata.yml ├── .gitignore ├── LICENSE ├── Makefile ├── README.md ├── cairo ├── lack-of-error-message.cairo ├── lack-of-error-message.yaml ├── tx-origin-authentication.cairo ├── tx-origin-authentication.yaml ├── view-fn-mutable-state.cairo ├── view-fn-mutable-state.yaml ├── view-fn-writes.cairo ├── view-fn-writes.yaml ├── zero-division.cairo └── zero-division.yaml ├── metadata-schema.yaml.schm ├── rust ├── solana-arbitrary-program-call.rs ├── solana-arbitrary-program-call.yaml ├── solana-insecure-account-closing.rs └── solana-insecure-account-closing.yaml └── solidity ├── best-practice ├── use-abi-encodecall-instead-of-encodewithselector.sol ├── use-abi-encodecall-instead-of-encodewithselector.yaml ├── use-ownable2step.sol └── use-ownable2step.yaml ├── performance ├── array-length-outside-loop.sol ├── array-length-outside-loop.yaml ├── inefficient-state-variable-increment.sol ├── inefficient-state-variable-increment.yaml ├── init-variables-with-default-value.sol ├── init-variables-with-default-value.yaml ├── non-optimal-variables-swap.sol ├── non-optimal-variables-swap.yaml ├── non-payable-constructor.sol ├── non-payable-constructor.yaml ├── state-variable-read-in-a-loop.sol ├── state-variable-read-in-a-loop.yaml ├── unnecessary-checked-arithmetic-in-loop.sol ├── unnecessary-checked-arithmetic-in-loop.yaml ├── use-custom-error-not-require.sol ├── use-custom-error-not-require.yaml ├── use-multiple-require.sol ├── use-multiple-require.yaml ├── use-nested-if.sol ├── use-nested-if.yaml ├── use-prefix-decrement-not-postfix.sol ├── use-prefix-decrement-not-postfix.yaml ├── use-prefix-increment-not-postfix.sol ├── use-prefix-increment-not-postfix.yaml ├── use-short-revert-string.sol └── use-short-revert-string.yaml └── security ├── accessible-selfdestruct.sol ├── accessible-selfdestruct.yaml ├── arbitrary-low-level-call.sol ├── arbitrary-low-level-call.yaml ├── bad-transferfrom-access-control.sol ├── bad-transferfrom-access-control.yaml ├── balancer-readonly-reentrancy-getpooltokens.sol ├── balancer-readonly-reentrancy-getpooltokens.yaml ├── balancer-readonly-reentrancy-getrate.sol ├── balancer-readonly-reentrancy-getrate.yaml ├── basic-arithmetic-underflow.sol ├── basic-arithmetic-underflow.yaml ├── basic-oracle-manipulation.sol ├── basic-oracle-manipulation.yaml ├── compound-borrowfresh-reentrancy.sol ├── compound-borrowfresh-reentrancy.yaml ├── compound-precision-loss.sol ├── compound-precision-loss.yaml ├── compound-sweeptoken-not-restricted.sol ├── compound-sweeptoken-not-restricted.yaml ├── curve-readonly-reentrancy.sol ├── curve-readonly-reentrancy.yaml ├── delegatecall-to-arbitrary-address.sol ├── delegatecall-to-arbitrary-address.yaml ├── encode-packed-collision.sol ├── encode-packed-collision.yaml ├── erc20-public-burn.sol ├── erc20-public-burn.yaml ├── erc20-public-transfer.sol ├── erc20-public-transfer.yaml ├── erc677-reentrancy.sol ├── erc677-reentrancy.yaml ├── erc721-arbitrary-transferfrom.sol ├── erc721-arbitrary-transferfrom.yaml ├── erc721-reentrancy.sol ├── erc721-reentrancy.yaml ├── erc777-reentrancy.sol ├── erc777-reentrancy.yaml ├── exact-balance-check.sol ├── exact-balance-check.yaml ├── gearbox-tokens-path-confusion.sol ├── gearbox-tokens-path-confusion.yaml ├── incorrect-use-of-blockhash.sol ├── incorrect-use-of-blockhash.yaml ├── keeper-network-oracle-manipulation.sol ├── keeper-network-oracle-manipulation.yaml ├── missing-assignment.sol ├── missing-assignment.yaml ├── msg-value-multicall.sol ├── msg-value-multicall.yaml ├── no-bidi-characters.sol ├── no-bidi-characters.yaml ├── no-slippage-check.sol ├── no-slippage-check.yaml ├── olympus-dao-staking-incorrect-call-order.sol ├── olympus-dao-staking-incorrect-call-order.yaml ├── openzeppelin-ecdsa-recover-malleable.sol ├── openzeppelin-ecdsa-recover-malleable.yaml ├── oracle-price-update-not-restricted.sol ├── oracle-price-update-not-restricted.yaml ├── oracle-uses-curve-spot-price.sol ├── oracle-uses-curve-spot-price.yaml ├── proxy-storage-collision.sol ├── proxy-storage-collision.yaml ├── public-transfer-fees-supporting-tax-tokens.sol ├── public-transfer-fees-supporting-tax-tokens.yaml ├── redacted-cartel-custom-approval-bug.sol ├── redacted-cartel-custom-approval-bug.yaml ├── rigoblock-missing-access-control.sol ├── rigoblock-missing-access-control.yaml ├── sense-missing-oracle-access-control.sol ├── sense-missing-oracle-access-control.yaml ├── superfluid-ctx-injection.sol ├── superfluid-ctx-injection.yaml ├── tecra-coin-burnfrom-bug.sol ├── tecra-coin-burnfrom-bug.yaml ├── thirdweb-vulnerability.sol ├── thirdweb-vulnerability.yaml ├── uniswap-callback-not-protected.sol ├── uniswap-callback-not-protected.yaml ├── uniswap-v4-callback-not-protected.sol ├── uniswap-v4-callback-not-protected.yaml ├── unrestricted-transferownership.sol └── unrestricted-transferownership.yaml /.github/scripts/validate-metadata.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/.github/scripts/validate-metadata.py -------------------------------------------------------------------------------- /.github/workflows/lint-rules.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/.github/workflows/lint-rules.yaml -------------------------------------------------------------------------------- /.github/workflows/test-rules.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/.github/workflows/test-rules.yml -------------------------------------------------------------------------------- /.github/workflows/validate-r2c-registry-metadata.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/.github/workflows/validate-r2c-registry-metadata.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | .history/ 3 | .vscode/ 4 | *.swp 5 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/LICENSE -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/README.md -------------------------------------------------------------------------------- /cairo/lack-of-error-message.cairo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/lack-of-error-message.cairo -------------------------------------------------------------------------------- /cairo/lack-of-error-message.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/lack-of-error-message.yaml -------------------------------------------------------------------------------- /cairo/tx-origin-authentication.cairo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/tx-origin-authentication.cairo -------------------------------------------------------------------------------- /cairo/tx-origin-authentication.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/tx-origin-authentication.yaml -------------------------------------------------------------------------------- /cairo/view-fn-mutable-state.cairo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/view-fn-mutable-state.cairo -------------------------------------------------------------------------------- /cairo/view-fn-mutable-state.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/view-fn-mutable-state.yaml -------------------------------------------------------------------------------- /cairo/view-fn-writes.cairo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/view-fn-writes.cairo -------------------------------------------------------------------------------- /cairo/view-fn-writes.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/view-fn-writes.yaml -------------------------------------------------------------------------------- /cairo/zero-division.cairo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/zero-division.cairo -------------------------------------------------------------------------------- /cairo/zero-division.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/cairo/zero-division.yaml -------------------------------------------------------------------------------- /metadata-schema.yaml.schm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/metadata-schema.yaml.schm -------------------------------------------------------------------------------- /rust/solana-arbitrary-program-call.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/rust/solana-arbitrary-program-call.rs -------------------------------------------------------------------------------- /rust/solana-arbitrary-program-call.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/rust/solana-arbitrary-program-call.yaml -------------------------------------------------------------------------------- /rust/solana-insecure-account-closing.rs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/rust/solana-insecure-account-closing.rs -------------------------------------------------------------------------------- /rust/solana-insecure-account-closing.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/rust/solana-insecure-account-closing.yaml -------------------------------------------------------------------------------- /solidity/best-practice/use-abi-encodecall-instead-of-encodewithselector.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/best-practice/use-abi-encodecall-instead-of-encodewithselector.sol -------------------------------------------------------------------------------- /solidity/best-practice/use-abi-encodecall-instead-of-encodewithselector.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/best-practice/use-abi-encodecall-instead-of-encodewithselector.yaml -------------------------------------------------------------------------------- /solidity/best-practice/use-ownable2step.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/best-practice/use-ownable2step.sol -------------------------------------------------------------------------------- /solidity/best-practice/use-ownable2step.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/best-practice/use-ownable2step.yaml -------------------------------------------------------------------------------- /solidity/performance/array-length-outside-loop.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/array-length-outside-loop.sol -------------------------------------------------------------------------------- /solidity/performance/array-length-outside-loop.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/array-length-outside-loop.yaml -------------------------------------------------------------------------------- /solidity/performance/inefficient-state-variable-increment.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/inefficient-state-variable-increment.sol -------------------------------------------------------------------------------- /solidity/performance/inefficient-state-variable-increment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/inefficient-state-variable-increment.yaml -------------------------------------------------------------------------------- /solidity/performance/init-variables-with-default-value.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/init-variables-with-default-value.sol -------------------------------------------------------------------------------- /solidity/performance/init-variables-with-default-value.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/init-variables-with-default-value.yaml -------------------------------------------------------------------------------- /solidity/performance/non-optimal-variables-swap.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/non-optimal-variables-swap.sol -------------------------------------------------------------------------------- /solidity/performance/non-optimal-variables-swap.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/non-optimal-variables-swap.yaml -------------------------------------------------------------------------------- /solidity/performance/non-payable-constructor.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/non-payable-constructor.sol -------------------------------------------------------------------------------- /solidity/performance/non-payable-constructor.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/non-payable-constructor.yaml -------------------------------------------------------------------------------- /solidity/performance/state-variable-read-in-a-loop.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/state-variable-read-in-a-loop.sol -------------------------------------------------------------------------------- /solidity/performance/state-variable-read-in-a-loop.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/state-variable-read-in-a-loop.yaml -------------------------------------------------------------------------------- /solidity/performance/unnecessary-checked-arithmetic-in-loop.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/unnecessary-checked-arithmetic-in-loop.sol -------------------------------------------------------------------------------- /solidity/performance/unnecessary-checked-arithmetic-in-loop.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/unnecessary-checked-arithmetic-in-loop.yaml -------------------------------------------------------------------------------- /solidity/performance/use-custom-error-not-require.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-custom-error-not-require.sol -------------------------------------------------------------------------------- /solidity/performance/use-custom-error-not-require.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-custom-error-not-require.yaml -------------------------------------------------------------------------------- /solidity/performance/use-multiple-require.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-multiple-require.sol -------------------------------------------------------------------------------- /solidity/performance/use-multiple-require.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-multiple-require.yaml -------------------------------------------------------------------------------- /solidity/performance/use-nested-if.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-nested-if.sol -------------------------------------------------------------------------------- /solidity/performance/use-nested-if.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-nested-if.yaml -------------------------------------------------------------------------------- /solidity/performance/use-prefix-decrement-not-postfix.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-prefix-decrement-not-postfix.sol -------------------------------------------------------------------------------- /solidity/performance/use-prefix-decrement-not-postfix.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-prefix-decrement-not-postfix.yaml -------------------------------------------------------------------------------- /solidity/performance/use-prefix-increment-not-postfix.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-prefix-increment-not-postfix.sol -------------------------------------------------------------------------------- /solidity/performance/use-prefix-increment-not-postfix.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-prefix-increment-not-postfix.yaml -------------------------------------------------------------------------------- /solidity/performance/use-short-revert-string.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-short-revert-string.sol -------------------------------------------------------------------------------- /solidity/performance/use-short-revert-string.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/performance/use-short-revert-string.yaml -------------------------------------------------------------------------------- /solidity/security/accessible-selfdestruct.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/accessible-selfdestruct.sol -------------------------------------------------------------------------------- /solidity/security/accessible-selfdestruct.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/accessible-selfdestruct.yaml -------------------------------------------------------------------------------- /solidity/security/arbitrary-low-level-call.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/arbitrary-low-level-call.sol -------------------------------------------------------------------------------- /solidity/security/arbitrary-low-level-call.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/arbitrary-low-level-call.yaml -------------------------------------------------------------------------------- /solidity/security/bad-transferfrom-access-control.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/bad-transferfrom-access-control.sol -------------------------------------------------------------------------------- /solidity/security/bad-transferfrom-access-control.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/bad-transferfrom-access-control.yaml -------------------------------------------------------------------------------- /solidity/security/balancer-readonly-reentrancy-getpooltokens.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/balancer-readonly-reentrancy-getpooltokens.sol -------------------------------------------------------------------------------- /solidity/security/balancer-readonly-reentrancy-getpooltokens.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/balancer-readonly-reentrancy-getpooltokens.yaml -------------------------------------------------------------------------------- /solidity/security/balancer-readonly-reentrancy-getrate.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/balancer-readonly-reentrancy-getrate.sol -------------------------------------------------------------------------------- /solidity/security/balancer-readonly-reentrancy-getrate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/balancer-readonly-reentrancy-getrate.yaml -------------------------------------------------------------------------------- /solidity/security/basic-arithmetic-underflow.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/basic-arithmetic-underflow.sol -------------------------------------------------------------------------------- /solidity/security/basic-arithmetic-underflow.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/basic-arithmetic-underflow.yaml -------------------------------------------------------------------------------- /solidity/security/basic-oracle-manipulation.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/basic-oracle-manipulation.sol -------------------------------------------------------------------------------- /solidity/security/basic-oracle-manipulation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/basic-oracle-manipulation.yaml -------------------------------------------------------------------------------- /solidity/security/compound-borrowfresh-reentrancy.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/compound-borrowfresh-reentrancy.sol -------------------------------------------------------------------------------- /solidity/security/compound-borrowfresh-reentrancy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/compound-borrowfresh-reentrancy.yaml -------------------------------------------------------------------------------- /solidity/security/compound-precision-loss.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/compound-precision-loss.sol -------------------------------------------------------------------------------- /solidity/security/compound-precision-loss.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/compound-precision-loss.yaml -------------------------------------------------------------------------------- /solidity/security/compound-sweeptoken-not-restricted.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/compound-sweeptoken-not-restricted.sol -------------------------------------------------------------------------------- /solidity/security/compound-sweeptoken-not-restricted.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/compound-sweeptoken-not-restricted.yaml -------------------------------------------------------------------------------- /solidity/security/curve-readonly-reentrancy.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/curve-readonly-reentrancy.sol -------------------------------------------------------------------------------- /solidity/security/curve-readonly-reentrancy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/curve-readonly-reentrancy.yaml -------------------------------------------------------------------------------- /solidity/security/delegatecall-to-arbitrary-address.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/delegatecall-to-arbitrary-address.sol -------------------------------------------------------------------------------- /solidity/security/delegatecall-to-arbitrary-address.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/delegatecall-to-arbitrary-address.yaml -------------------------------------------------------------------------------- /solidity/security/encode-packed-collision.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/encode-packed-collision.sol -------------------------------------------------------------------------------- /solidity/security/encode-packed-collision.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/encode-packed-collision.yaml -------------------------------------------------------------------------------- /solidity/security/erc20-public-burn.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc20-public-burn.sol -------------------------------------------------------------------------------- /solidity/security/erc20-public-burn.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc20-public-burn.yaml -------------------------------------------------------------------------------- /solidity/security/erc20-public-transfer.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc20-public-transfer.sol -------------------------------------------------------------------------------- /solidity/security/erc20-public-transfer.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc20-public-transfer.yaml -------------------------------------------------------------------------------- /solidity/security/erc677-reentrancy.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc677-reentrancy.sol -------------------------------------------------------------------------------- /solidity/security/erc677-reentrancy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc677-reentrancy.yaml -------------------------------------------------------------------------------- /solidity/security/erc721-arbitrary-transferfrom.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc721-arbitrary-transferfrom.sol -------------------------------------------------------------------------------- /solidity/security/erc721-arbitrary-transferfrom.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc721-arbitrary-transferfrom.yaml -------------------------------------------------------------------------------- /solidity/security/erc721-reentrancy.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc721-reentrancy.sol -------------------------------------------------------------------------------- /solidity/security/erc721-reentrancy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc721-reentrancy.yaml -------------------------------------------------------------------------------- /solidity/security/erc777-reentrancy.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc777-reentrancy.sol -------------------------------------------------------------------------------- /solidity/security/erc777-reentrancy.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/erc777-reentrancy.yaml -------------------------------------------------------------------------------- /solidity/security/exact-balance-check.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/exact-balance-check.sol -------------------------------------------------------------------------------- /solidity/security/exact-balance-check.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/exact-balance-check.yaml -------------------------------------------------------------------------------- /solidity/security/gearbox-tokens-path-confusion.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/gearbox-tokens-path-confusion.sol -------------------------------------------------------------------------------- /solidity/security/gearbox-tokens-path-confusion.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/gearbox-tokens-path-confusion.yaml -------------------------------------------------------------------------------- /solidity/security/incorrect-use-of-blockhash.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/incorrect-use-of-blockhash.sol -------------------------------------------------------------------------------- /solidity/security/incorrect-use-of-blockhash.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/incorrect-use-of-blockhash.yaml -------------------------------------------------------------------------------- /solidity/security/keeper-network-oracle-manipulation.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/keeper-network-oracle-manipulation.sol -------------------------------------------------------------------------------- /solidity/security/keeper-network-oracle-manipulation.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/keeper-network-oracle-manipulation.yaml -------------------------------------------------------------------------------- /solidity/security/missing-assignment.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/missing-assignment.sol -------------------------------------------------------------------------------- /solidity/security/missing-assignment.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/missing-assignment.yaml -------------------------------------------------------------------------------- /solidity/security/msg-value-multicall.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/msg-value-multicall.sol -------------------------------------------------------------------------------- /solidity/security/msg-value-multicall.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/msg-value-multicall.yaml -------------------------------------------------------------------------------- /solidity/security/no-bidi-characters.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/no-bidi-characters.sol -------------------------------------------------------------------------------- /solidity/security/no-bidi-characters.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/no-bidi-characters.yaml -------------------------------------------------------------------------------- /solidity/security/no-slippage-check.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/no-slippage-check.sol -------------------------------------------------------------------------------- /solidity/security/no-slippage-check.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/no-slippage-check.yaml -------------------------------------------------------------------------------- /solidity/security/olympus-dao-staking-incorrect-call-order.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/olympus-dao-staking-incorrect-call-order.sol -------------------------------------------------------------------------------- /solidity/security/olympus-dao-staking-incorrect-call-order.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/olympus-dao-staking-incorrect-call-order.yaml -------------------------------------------------------------------------------- /solidity/security/openzeppelin-ecdsa-recover-malleable.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/openzeppelin-ecdsa-recover-malleable.sol -------------------------------------------------------------------------------- /solidity/security/openzeppelin-ecdsa-recover-malleable.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/openzeppelin-ecdsa-recover-malleable.yaml -------------------------------------------------------------------------------- /solidity/security/oracle-price-update-not-restricted.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/oracle-price-update-not-restricted.sol -------------------------------------------------------------------------------- /solidity/security/oracle-price-update-not-restricted.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/oracle-price-update-not-restricted.yaml -------------------------------------------------------------------------------- /solidity/security/oracle-uses-curve-spot-price.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/oracle-uses-curve-spot-price.sol -------------------------------------------------------------------------------- /solidity/security/oracle-uses-curve-spot-price.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/oracle-uses-curve-spot-price.yaml -------------------------------------------------------------------------------- /solidity/security/proxy-storage-collision.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/proxy-storage-collision.sol -------------------------------------------------------------------------------- /solidity/security/proxy-storage-collision.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/proxy-storage-collision.yaml -------------------------------------------------------------------------------- /solidity/security/public-transfer-fees-supporting-tax-tokens.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/public-transfer-fees-supporting-tax-tokens.sol -------------------------------------------------------------------------------- /solidity/security/public-transfer-fees-supporting-tax-tokens.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/public-transfer-fees-supporting-tax-tokens.yaml -------------------------------------------------------------------------------- /solidity/security/redacted-cartel-custom-approval-bug.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/redacted-cartel-custom-approval-bug.sol -------------------------------------------------------------------------------- /solidity/security/redacted-cartel-custom-approval-bug.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/redacted-cartel-custom-approval-bug.yaml -------------------------------------------------------------------------------- /solidity/security/rigoblock-missing-access-control.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/rigoblock-missing-access-control.sol -------------------------------------------------------------------------------- /solidity/security/rigoblock-missing-access-control.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/rigoblock-missing-access-control.yaml -------------------------------------------------------------------------------- /solidity/security/sense-missing-oracle-access-control.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/sense-missing-oracle-access-control.sol -------------------------------------------------------------------------------- /solidity/security/sense-missing-oracle-access-control.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/sense-missing-oracle-access-control.yaml -------------------------------------------------------------------------------- /solidity/security/superfluid-ctx-injection.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/superfluid-ctx-injection.sol -------------------------------------------------------------------------------- /solidity/security/superfluid-ctx-injection.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/superfluid-ctx-injection.yaml -------------------------------------------------------------------------------- /solidity/security/tecra-coin-burnfrom-bug.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/tecra-coin-burnfrom-bug.sol -------------------------------------------------------------------------------- /solidity/security/tecra-coin-burnfrom-bug.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/tecra-coin-burnfrom-bug.yaml -------------------------------------------------------------------------------- /solidity/security/thirdweb-vulnerability.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/thirdweb-vulnerability.sol -------------------------------------------------------------------------------- /solidity/security/thirdweb-vulnerability.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/thirdweb-vulnerability.yaml -------------------------------------------------------------------------------- /solidity/security/uniswap-callback-not-protected.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/uniswap-callback-not-protected.sol -------------------------------------------------------------------------------- /solidity/security/uniswap-callback-not-protected.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/uniswap-callback-not-protected.yaml -------------------------------------------------------------------------------- /solidity/security/uniswap-v4-callback-not-protected.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/uniswap-v4-callback-not-protected.sol -------------------------------------------------------------------------------- /solidity/security/uniswap-v4-callback-not-protected.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/uniswap-v4-callback-not-protected.yaml -------------------------------------------------------------------------------- /solidity/security/unrestricted-transferownership.sol: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/unrestricted-transferownership.sol -------------------------------------------------------------------------------- /solidity/security/unrestricted-transferownership.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Decurity/semgrep-smart-contracts/HEAD/solidity/security/unrestricted-transferownership.yaml --------------------------------------------------------------------------------