Trail of Bits

Franklin Templeton

Type: Security review

Client: Franklin Templeton

Date: 2023-05

Domain: Blockchain

Effort: 4 wks

Section: Ethereum/EVM

Trail of Bits's security review of Franklin Templeton (May 2023) identified 15 issues: 4 high, 3 medium, 3 low, 4 informational, and 1 undetermined.

Findings · 15

  1. Canceling all transaction requests causes DoS on MMF system (High)
  2. Lack of validation in the IntentValidationModule contract can lead to inconsistent state (High)
  3. Pending transactions cannot be settled (Medium)
  4. Deauthorized accounts can keep shares of the MMF (Medium)
  5. Solidity compiler optimizations can be problematic (Informational)
  6. Project dependencies contain vulnerabilities (Undetermined)
  7. Unimplemented getVersion function returns default value of zero (Informational)
  8. The MultiSigGenVerifier threshold can be passed with a single signature (High)
  9. Shareholders can renounce their authorization role (Low)
  10. Risk of multiple dividend payouts in a day (Medium)
  11. Shareholders can stop admin from deauthorizing them (High)
  12. Total number of submitters in MultiSigGenVerifier contract can be more than allowed limit of MAX_SUBMITTERS (Informational)
  13. Lack of contract existence check on target address (Low)
  14. Pending transactions can trigger a DoS (Informational)
  15. Dividend distribution has an incorrect rounding direction for negative rates (Low)

Findings extracted from the published report PDF. See the full report below for details and remediation.
