-
Most SOLANA tokens are feeded price by pyth, so if we are going to support SOLANA client chain, we would introduce pyth to feed the token price.
-
Uneven Gingham Locust
Medium
# Attacker can DoS WooFi deployment
### Summary
Anyone can create the WooConfig account by calling the `create_config` function immediately after deployment. Any giv…
-
Uneven Gingham Locust
Medium
# Gamma is rounded down, against the protocol, in calc_quote_amount_sell_base
### Summary
The amount of quote tokens for a given amount of base tokens is calculated …
-
Creamy Carrot Yeti
Medium
# Fees are inconsistently charged if the price direction quote -> base and base -> quote
## Summary
The protocol charges fees at the moment on every swap. The problem i…
-
Creamy Carrot Yeti
High
# create_rebate_manager has no access control
## Summary
There is currently no check that only trusted authority is able to create a new `rebate_manager`.
## Vulnerabi…
-
Creamy Carrot Yeti
Medium
# Swap fees are not correctly handled as they are substracted from the woopool_quote reserves
## Summary
The `handler()` function inside of `swap.rs` instruction makes …
-
Creamy Carrot Yeti
Medium
# swap_fee is incorrectly calculated for the quote_amount
## Summary
`swap_fee` parameter is calculated using `quote_amount`, `fee_rate`. However, due to incorrect div…
-
Strong Alabaster Leopard
High
# get_price function returns stale price
### Summary
every pool has a oracle and oracle's price will be updated through off-chain mechanism but this can cause stale…
-
# 构建Solana事务的技术理解 - GeekBTC
本文深入探讨Solana事务的构建过程,涵盖基本概念、关键组件以及实际应用,帮助开发者更好地理解和利用Solana的高性能特性。
[https://geekbtc.xyz/understanding_solana_transaction_building/](https://geekbtc.xyz/understanding_solana…
-
Uneven Gingham Locust
Medium
# Swap function does not check `woopool_quote` is indeed a quote pool
### Summary
WooFi defines a quote pool has the pool which has `pool.token_mint == pool.quote_toke…