code-423n4 2021-09-wildcredit-findings issues

code-423n4 / 2021-09-wildcredit-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Use of tokenB’s price instead of tokenA in determining account health will lead to protocol mis-accounting and insolvency

#70 code423n4 opened 3 years ago
0
Atypical use of maxAmount may cause repayment failure

#69 code423n4 closed 3 years ago
2
Using a zero-address check as a proxy for enforcing one-time initialization is risky

#68 code423n4 opened 3 years ago
2
receive() may lead to locked Ether

#67 code423n4 closed 3 years ago
2
UniV3Helper: Function visibilities can be restricted to pure

#66 code423n4 opened 3 years ago
1
Remove pair-specific parameters until they are actually used/enforced

#65 code423n4 opened 3 years ago
2
UniswapV3Helper: Redundant pool initialization

#64 code423n4 opened 3 years ago
0
Missing threshold check for highRate

#63 code423n4 opened 3 years ago
2
UniswapV3Helper: Misleading param names for getSqrtPriceX96()

#62 code423n4 opened 3 years ago
2
Constraint of minRate < lowRate can be broken

#61 code423n4 opened 3 years ago
2
UniswapV3Helper: getSqrtPriceX96() doesn't work for tokens with non-18 decimals

#60 code423n4 closed 3 years ago
2
Incorrect error message strings with require()s

#59 code423n4 opened 3 years ago
2
UniswapV3Helper: Avoid recomputation of sqrtRatio from pool tick

#58 code423n4 opened 3 years ago
0
Strict inequality should be relaxed to be closed ranges instead of open

#57 code423n4 opened 3 years ago
2
Lack of input validation

#56 code423n4 closed 3 years ago
2
Use of deprecated Chainlink API

#55 code423n4 opened 3 years ago
1
Missing zero-address checks

#54 code423n4 opened 3 years ago
2
Missing SafeMath

#53 code423n4 opened 3 years ago
0
Check if amount > 0 can save gas

#52 code423n4 closed 3 years ago
1
Consider adding `account` parameter to event WithdrawUniPosition

#51 code423n4 opened 3 years ago
0
Supply part of the accrued debt can be stolen

#50 code423n4 opened 3 years ago
2
Gas: Unnecessary `_maxAmount` parameter in `repayAllETH`

#49 code423n4 opened 3 years ago
0
`LendingPair.withdrawUniPosition` should accrue debt first

#48 code423n4 opened 3 years ago
0
`UniswapV3Helper.getUserTokenAmount` could be simplified

#47 code423n4 opened 3 years ago
2
Truncated math in `interestRatePerBlock`

#46 code423n4 opened 3 years ago
2
`setTargetUtilization`'s `require` statement does not match error

#45 code423n4 closed 3 years ago
2
Simple interest formula is used

#44 code423n4 opened 3 years ago
0
Uniswap oracle assumes PairToken <> WETH liquidity

#43 code423n4 opened 3 years ago
1
ChainLink price data could be stale

#42 code423n4 closed 3 years ago
1
Missing parameter validation

#41 code423n4 opened 3 years ago
2
The check if _checkBorrowEnabled and _checkBorrowLimits can be done earlier

#40 code423n4 opened 3 years ago
0
nonReentrant modifier for uniswap v3 functions

#39 code423n4 closed 3 years ago
1
Inaccurate require error messages.

#38 code423n4 closed 3 years ago
2
Improve readability of constants

#37 code423n4 opened 3 years ago
0
Reduce risk of rounding error in _timeRateToBlockRate

#36 code423n4 opened 3 years ago
0
transferLp() Misleading error message

#35 code423n4 opened 3 years ago
0
Miscalculation of `_supplyCreditUni` allows undercollateralized loan

#34 code423n4 closed 3 years ago
1
Check _returnToken and call _convertTokenValues() only when needed can save gas

#33 code423n4 closed 3 years ago
2
Change unnecessary _supplyBalanceConverted to _supplyOf can save gas

#32 code423n4 opened 3 years ago
0
Change unnecessary _borrowBalanceConverted to _debtOf can save gas

#31 code423n4 opened 3 years ago
0
Liquidation can be escaped by depositing a Uni v3 position with 0 liquidity

#30 code423n4 opened 3 years ago
2
move to solidity 8, get rid of sageMath.

#29 code423n4 closed 3 years ago
2
Reentrancy in withdraw. Reentrancy guard is missing,

#28 code423n4 closed 3 years ago
2
Wrong implementation of _sqrt function

#27 code423n4 closed 3 years ago
2
Multiple getters

#26 code423n4 closed 3 years ago
2
Whitelist is missing in PairFactory

#25 code423n4 closed 3 years ago
2
Initialize can be called multiple times!!!!

#24 code423n4 closed 3 years ago
2
Transfer method doesn't consider gained interest correctly,

#23 code423n4 closed 3 years ago
2
`UniswapV3Oracle.sol` Does Not Use `latestRoundData()` Instead of `latestAnswer()`

#22 code423n4 closed 3 years ago
1
`onlyOwner` Role Can Manipulate Price Oracle

#21 code423n4 closed 3 years ago
2

Previous Next