code-423n4 2022-03-sublime-findings issues

code-423n4 / 2022-03-sublime-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Gas Optimizations

#83 code423n4 opened 2 years ago
1
Any User Can Register Them-self if `signerAddress` is Unset

#82 code423n4 closed 2 years ago
2
QA Report

#81 code423n4 closed 2 years ago
2
Gas Optimizations

#80 code423n4 opened 2 years ago
1
QA Report

#79 code423n4 opened 2 years ago
1
`_withdrawLiquidity()` is Not Consistent With `start()`

#78 code423n4 closed 2 years ago
4
`_withdrawLiquidity()` is Not Consistent With `start()`

#77 code423n4 closed 2 years ago
2
Gas Optimizations

#76 code423n4 opened 2 years ago
2
QA Report

#75 code423n4 opened 2 years ago
2
`approve` and `safeApprove` Should Approve the Zero Amount First

#74 code423n4 closed 2 years ago
1
Use safeTransfer

#73 code423n4 closed 2 years ago
1
Deposited collateral can't be withdrawn when PooledCreditLineStatus is Expired

#72 code423n4 closed 2 years ago
1
Denial of services in proxy context by setting immutable privileged addresses in constructor in upgradeable contracts

#71 code423n4 closed 2 years ago
1
Fee in start() can be avoided

#70 code423n4 closed 2 years ago
1
Gas Optimizations

#69 code423n4 opened 2 years ago
1
QA Report

#68 code423n4 opened 2 years ago
1
Gas Optimizations

#67 code423n4 opened 2 years ago
1
Gas Optimizations

#66 code423n4 opened 2 years ago
1
Loss of protocol startFee when `start` is front-run

#65 code423n4 closed 2 years ago
2
Potentially depositing at unfavorable rate since anyone can deposit the entire lenderPool to a known strategy at a pre-fixed time

#64 code423n4 opened 2 years ago
3
QA Report

#63 code423n4 opened 2 years ago
1
Gas Optimizations

#62 code423n4 opened 2 years ago
1
QA Report

#61 code423n4 opened 2 years ago
1
[WP-H11] `lender` may not be able to get back their funds, due to improper handling of potential loss of strategy

#60 code423n4 closed 2 years ago
1
[WP-M10] Lack of access control allow anyone to `withdrawInterest()` for any lender

#59 code423n4 opened 2 years ago
2
[WP-H9] `LenderPool.sol#start()` `startFeeFraction` can be used by a malicious/compromised owner to rug lenders

#58 code423n4 closed 2 years ago
2
[WP-H3] Proxy admin of the upgradeable proxy contracts can steal `_borrowAsset` and `collateralAsset` from the contracts and users' wallet

#57 code423n4 closed 2 years ago
2
[WP-M7] Wrong design/implementation of interest accrued to the borrowers can make the lenders to end up getting much fewer amount of interest than expected

#56 code423n4 closed 2 years ago
1
[WP-H1] `LenderPool.sol#terminate()` Wrong value is used for the `shares` argument of `SAVINGS_ACCOUNT.withdrawShares()` can cause fund loss to all users

#55 code423n4 closed 2 years ago
1
Result of transfer not checked

#54 code423n4 closed 2 years ago
1
Gas Optimizations

#53 code423n4 opened 2 years ago
1
QA Report

#52 code423n4 closed 2 years ago
1
QA Report

#51 code423n4 opened 2 years ago
1
Add a timelock to `PooledCreditLine.updateProtocolFeeFraction()`

#50 code423n4 closed 2 years ago
2
Gas Optimizations

#49 code423n4 closed 2 years ago
1
Consistently check account balance before and after transfers for Fee-On-Transfer discrepencies

#48 code423n4 closed 2 years ago
2
Gas Optimizations

#47 code423n4 opened 2 years ago
1
QA Report

#46 code423n4 opened 2 years ago
2
Incorrect value subtracted from `sharesHeld` for closed and liquidated pools in `LenderPool._withdrawLiquidity`

#45 code423n4 closed 2 years ago
2
`LenderPool.terminate` mix calculation between shares and tokens, resulting in incorrect amount of shares to be withdrawn from savings account

#44 code423n4 closed 2 years ago
1
Incorrect borrowLimit used in calculating principal to withdraw for non-activated pools that are terminated

#43 code423n4 closed 2 years ago
1
Drastic loss of precision due to arithmetic operation orders

#42 code423n4 closed 2 years ago
2
Usage of outdated solidity compiler version results in potential integer overflow risk in calculations

#41 code423n4 closed 2 years ago
2
Forcing `IERC20` when calling `transfer()` reverts when used with some ERC20 tokens

#40 code423n4 closed 2 years ago
1
Calling `approve()` without first calling `approve(0)` causes problems with non-standard tokens (e.g. USDT)

#39 code423n4 closed 2 years ago
1
Contracts don't work properly with fee-on-transfer/deflationary tokens

#38 code423n4 closed 2 years ago
2
QA Report

#37 code423n4 opened 2 years ago
2
Gas Optimizations

#36 code423n4 opened 2 years ago
1
Gas Optimizations

#35 code423n4 opened 2 years ago
1
QA Report

#34 code423n4 opened 2 years ago
1