Trail of Bits

NuCypher

Type: Security review
Client: NuCypher
Date: 2019-02
Domain: Blockchain
Effort: 4 wks
Section: Ethereum/EVM

Trail of Bits's security review of NuCypher (Feb 2019) identified 7 issues: 2 high, 2 medium, 2 low, and 1 informational.

Findings · 7

  1. verifyState does not accurately check memory layout (High)
  2. Contract upgrades can catastrophically fail if the storage layout changes (Low)
  3. finishUpgrade lacks same checks as contract constructor (Low)
  4. Contract owner can arbitrarily replay finishUpgrade (Medium)
  5. Proxy has public methods that shadow implementation (High)
  6. Lack of events for critical operations (Informational)
  7. Dispatcher does not confirm contract’s existence prior to returning (Medium)

Findings extracted from the published report PDF. See the full report below for details and remediation.
