-
0xeix
Medium
# Spread is not updated for base tokens when performing base to base swap
## Summary
Currently the function `handler()` is supposed to update the spread and the state afterwards of …
-
LZ_security
Medium
# WOOFi Swap on Solana does not support the native token SOL.
## Summary
WOOFi Swap on Solana does not support the native token SOL.
## Vulnerability Detail
```rust
pub fn …
-
0xeix
Medium
# swap_fee is incorrectly calculated for the quote_amount
## Summary
`swap_fee` parameter is calculated using `quote_amount`, `fee_rate`. However, due to incorrect divisor, incorre…
-
0xBoboShanti
Medium
# Vault can be temporarily bricked by using a frozen recipient ATA when ordered delivery is enabled
### Summary
_Please note - this requires that https://github.com/sherlock-…
-
0xeix
High
# create_rebate_manager has no access control
## Summary
There is currently no check that only trusted authority is able to create a new `rebate_manager`.
## Vulnerability Detail
…
-
0xeix
Medium
# Swap fees are not correctly handled as they are substracted from the woopool_quote reserves
## Summary
The `handler()` function inside of `swap.rs` instruction makes incorrect ass…
-
S3v3ru5
Medium
# Swap function does not check `woopool_quote` is indeed a quote pool
### Summary
WooFi defines a quote pool has the pool which has `pool.token_mint == pool.quote_token_mint` i.e po…
-
Polaris_tow
High
# The calculation of `quote_amount` may result in discrepancies
## Summary
Failure to account for the spread results in discrepancies in the `quote_amount` calculation.
## Vulner…
-
pashap9990
High
# get_price function returns stale price
### Summary
every pool has a oracle and oracle's price will be updated through off-chain mechanism but this can cause stale price
>We ha…
-
D1r3Wolf
Medium
# [med] Allowing admin_authority to create `RebateInfo` will create DoS for `ClaimRebateFee` instruction
### Summary
This issue is from `rebate_manager` program.
`CreateRebateIn…