All Vulnerability Patterns
Browse all 109 security patterns for smart contract analysis
keccak256 collisions
keccak256\(abi\.encodePacked\(
tx.origin
tx\.origin
Insecure Proxy initialize
function initialize\(\)
Misconfigured Admin Methods
function.*(Ownership|swap|set|admin|owner|destruct|change).*public
Misconfigured Admin Methods (upgrades)
function.*(upgrade|update|delegate).*public
Misconfigured Admin Methods (migrate)
function.*migrate\(
Misconfigured methods
function.*(burn|mint|swap|withdraw|transfer|send).*public
constructor misconfigurations
constructor\(\) public
Missing access control
function.*(withdraw|transfer|mint|burn).*external(?![^{]*onlyOwner)[^{]*\{(?![^}]*require)
Unprotected selfdestruct
selfdestruct\([^)]*\)
Missing onlyOwner modifier
function.*(set|update|change|remove|add).*public(?!.*onlyOwner)
delegatecall
\.delegatecall\(
Insecure raw call
\.call\.value\(.*\)\(\"\"\)
State change after external call
\.call\{.*\}.*;\s*\w+\s*=
Cross-function reentrancy
\.call\{.*\}\([^)]*\).*function
Read-only reentrancy
balanceOf\(.*\).*\.call\{
extcodesize
extcodesize\(
selfdestruct
selfdestruct\(
mstore | mload
(mstore|mload)
sstore
sstore\(
inline assembly
assembly\s*\{
staticcall
\.staticcall\(
returndatasize
returndatasize\(
codecopy
codecopy\(
create2
create2\(
hardcoded addresses
0x[0-9a-fA-F]{40};
Old compiler versions
^pragma solidity(.*)0\.4
untrusted parameters (calldata)
function.*calldata.*public
untrusted parameters (memory)
function.*memory.*public
recover
recover\(
abi.decode
abi\.decode\(
function set address
function.*set.*address.*
unsafe transfer
erc20.*transfer\(
Unchecked math
unchecked\s*\{
Division before multiplication
\/.*\*
Magic numbers
==\s*\d{5,}|>\s*\d{5,}|<\s*\d{5,}
Hardcoded gas limits
\.call\{gas:\s*\d+\}
Advanced chainlink
chainlink
Stale price data
(latestRoundData|getRoundData)\(
TWAP manipulation
observe\(|consult\(
Price oracle
(getPrice|latestAnswer|getLatestPrice)\(
Missing oracle heartbeat check
latestRoundData(?!.*updatedAt)
Advanced Flash loans 1
flashLoan\(
Advanced Flash loans 2
onFlashLoan\(
Advanced Flash loans 3
ERC3156FlashBorrower.onFlashLoan
Advanced Standard ERC4626 token vaults
ERC4626
Advanced Hardened ERC4626 with OpenZeppelin
(previewWithdraw|previewDeposit)\(
Advanced comptroller
comptroller
Advanced interest rate models
interestrate
Slippage control
(slippage|minAmount|amountOutMin)
MEV sandwich attack vector
swap.*deadline|deadline.*swap
Liquidity pool manipulation
(addLiquidity|removeLiquidity)\(
Yield farming risk
(stake|unstake|harvest|compound)\(
Vault share inflation
totalSupply\(\)\s*==\s*0
ERC20 approve race
approve\([^,]+,\s*[^0]
Missing zero address check
require\([^)]*!=\s*address\(0\)
Unsafe ERC20 operations
\.transfer\(|\.transferFrom\(
Missing return value check
IERC20\([^)]+\)\.(transfer|transferFrom|approve)\(
Permit function
permit\(
ERC721 safe transfer
safeTransferFrom\(
ERC1155 batch operations
(safeBatchTransferFrom|balanceOfBatch)\(
Advanced multisig
multisig
Advanced signature
signature
Timelock bypass
timelock|TimeLock
Governance attack vector
(propose|vote|execute|queue)\(
Quorum manipulation
quorum|votingPower
Signature replay
(ecrecover|ECDSA\.recover)\(
Missing nonce
signature(?!.*nonce)
Weak randomness
(block\.timestamp|block\.number|blockhash).*random
Proxy collision
ERC1967|TransparentUpgradeableProxy|UUPSUpgradeable
Storage collision
StorageSlot|bytes32.*slot
Uninitialized proxy
initializer|reinitializer
Implementation self-destruct
selfdestruct.*implementation
Missing gap variable
__gap
Unbounded loop
for\s*\([^)]+\.length
External call in loop
for.*\{[^}]*\.call
Push to array
\.push\(
Delete array element
delete.*\[
Gas griefing
gasleft\(\)
assert
assert\(
require
require\(
revert
revert\(
Custom errors
error\s+\w+\(
Try catch
try.*catch
Block timestamp
block\.timestamp
Block number dependence
block\.number
Block hash
blockhash\(
Deadline checks
deadline|expiry|expires
Bridge vulnerability
(bridge|crossChain|layerZero|anyCall)\(
Message verification
(verifyMessage|checkMessage)\(
Chain ID check
block\.chainid|chainId
random
random
deposit
deposit
delete
delete
Advanced Uncallable pause function
_?pause\(\).*internal
Blacklist function
(blacklist|blocklist|denylist)\(
Fee on transfer
fee.*transfer|transfer.*fee
Rebasing token
rebase\(
Callback functions
(onERC721Received|onERC1155Received|tokensReceived)\(
GPT Reentrancy Vulnerability
(\.call\()|(\.delegatecall\()|(\.send\()|(\.transfer\()
GPT Unchecked External Calls
(\.call\()|(\.delegatecall\()|(\.send\()|(\.transfer\()|(\.rawCall\()|(\.callcode\()
GPT Integer Overflow/Underflow
(overflow|underflow)
GPT Unchecked Ownership
(owner|admin|controller|master)
GPT Denial of Service (DoS) Vulnerabilities
(owner|admin|controller|master)
GPT Unchecked Input Validation
(verify|validate|check|assert|calldata|memory)
GPT Front-running Risk
(commit|reveal|auction|bid)\(
GPT Centralization Risk
(onlyOwner|onlyAdmin|onlyRole|hasRole)\(
GPT Logic Errors
(if|else|while|for).*\{
GPT State Inconsistency
(balances|allowances|stakes)\[
Access Control
11 vulnerability patterns in this category
Reentrancy
5 vulnerability patterns in this category
Low-Level Operations
9 vulnerability patterns in this category
Arithmetic & Data
12 vulnerability patterns in this category
Oracles & Price Feeds
5 vulnerability patterns in this category
DeFi Specific
12 vulnerability patterns in this category
Token Standards
7 vulnerability patterns in this category
Governance & Multisig
8 vulnerability patterns in this category
Upgradability
5 vulnerability patterns in this category
Gas & DoS
5 vulnerability patterns in this category
Assertions & Validation
5 vulnerability patterns in this category
Time & Block Dependencies
4 vulnerability patterns in this category
Cross-Chain & Bridges
3 vulnerability patterns in this category
Miscellaneous
8 vulnerability patterns in this category
AI-Powered Analysis
10 vulnerability patterns in this category