-
S3v3ru5
High
# Attacker can DoS the withdrawals by initializing the vault authority account after owner resets it
### Summary
The `solana_vault::reset_vault` function works by completely closing…
-
### Problem
https://solana.com/docs/programs/deploying#how-object-object-works leads to `How solana program deploy works`, but the breadcrumb name doesn't match right
### Proposed Solution
Ma…
-
dod4ufn
High
# _quote_amount is always calculated with outdated price potentially leading to loss of funds
## Summary
Wooracle uses prices that were calculated using the previous call of Pyth’s or…
-
xKeywordx
High
# [H-1] - User can deposit unauthorized tokens, leading to incorrect crediting of USDC on the other chain.
### Summary
There are no checks to ensure that the `deposit_token` match…
-
When writing anchor or native solana programs we can use the `msg!()` macro to print a message to the log, is there a way to do this with typescript in poseidon currently ? because it seems like there…
-
0xeix
Medium
# Fees are inconsistently charged if the price direction quote -> base and base -> quote
## Summary
The protocol charges fees at the moment on every swap. The problem is that depend…
-
0xeix
High
# Fees are not transferred to the woopool_quote.token_vault after the swap
## Summary
Swap fees are only added to the unclaimed fees and not transferred to the associated `quote_token…
-
Currently the Go binding to interact with Solana programs are located in https://github.com/zeta-chain/node/tree/develop/pkg/contracts/solana
To keep strong coupling with the current implementation…
-
ZanyBonzy
Medium
# Constraints are not defined in set_only_owner_config.rs
## Summary
Constraints are not set in set_only_owner_config.rs so anyone can set wooracle admin authority and guard…
-
S3v3ru5
Medium
# Incorrect implementation of `query` function
### Summary
Because of an incorrect condition, the `query` function will succeed and the `swap` function would fail for same parameter…