issues
search
code-423n4
/
2022-10-inverse-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#604
code423n4
opened
1 year ago
1
## `gov` role can affect the whole functioning of the `Market`
#603
code423n4
closed
1 year ago
2
Gas Optimizations
#602
code423n4
closed
1 year ago
1
Oracle.sol uses deprecated Chainlink API `latestAnswer()`
#601
code423n4
closed
1 year ago
4
`operator` role it's handled in a way that can damage the protocol
#600
code423n4
closed
1 year ago
2
QA Report
#599
code423n4
closed
1 year ago
1
Divide before multiply
#598
code423n4
closed
1 year ago
3
QA Report
#597
code423n4
closed
1 year ago
1
QA Report
#596
code423n4
closed
1 year ago
1
Gas Optimizations
#595
code423n4
opened
1 year ago
1
QA Report
#594
code423n4
opened
1 year ago
1
QA Report
#593
code423n4
opened
1 year ago
1
Gas Optimizations
#592
code423n4
opened
1 year ago
1
QA Report
#591
code423n4
closed
1 year ago
1
QA Report
#590
code423n4
opened
1 year ago
1
Gas Optimizations
#589
code423n4
closed
1 year ago
1
QA Report
#588
code423n4
opened
1 year ago
1
Timelock Contract should be used to avoid malicious governance
#587
code423n4
closed
1 year ago
2
Protocol's usability becomes very limited when access to Chainlink oracle data feed is blocked
#586
code423n4
opened
1 year ago
7
Decimals are computed in the wrong way if the collateral token doesn't have 18 decimals
#585
code423n4
closed
1 year ago
3
Chainlink oracle data feed is not sufficiently validated and can return stale `price`
#584
code423n4
opened
1 year ago
7
Calling `repay` function sends less DOLA to `Market` contract when `forceReplenish` function is not called while it could be called
#583
code423n4
opened
1 year ago
7
Gas Optimizations
#582
code423n4
closed
1 year ago
1
Approve front-running attack in DBR.sol
#581
code423n4
closed
1 year ago
1
QA Report
#580
code423n4
closed
1 year ago
1
If transferring DBR after borrowing DOLA in same transaction, DBR amount that is used already for borrowing DOLA can still be shared to allow users who do not own DBR to borrow DOLA
#579
code423n4
closed
1 year ago
7
DOLA can be borrowed without owning any DBR
#578
code423n4
closed
1 year ago
6
Can steal `Fed` contract's DOLA balance
#577
code423n4
closed
1 year ago
2
Rug Vector draining DOLA token
#576
code423n4
closed
1 year ago
3
Gas Optimizations
#575
code423n4
closed
1 year ago
1
Gas Optimizations
#574
code423n4
closed
1 year ago
1
Chainlink `latestAnswer` is deprecated
#573
code423n4
closed
1 year ago
4
Gas Optimizations
#572
code423n4
closed
1 year ago
1
Gas Optimizations
#571
code423n4
closed
1 year ago
1
`replenishmentPriceBps` can be set arbitrarily high by the operator
#570
code423n4
closed
1 year ago
3
QA Report
#569
code423n4
opened
1 year ago
1
Gas Optimizations
#568
code423n4
closed
1 year ago
1
QA Report
#567
code423n4
opened
1 year ago
1
Gas Optimizations
#566
code423n4
closed
1 year ago
1
`Oracle.sol` uses deprecated Chainlink method `latestAnswer()`
#565
code423n4
closed
1 year ago
4
Non-cleaned up variable in a inline assembly
#564
code423n4
closed
1 year ago
3
Admin can set very low or very high value for setting fees & collateral factor in `Market.sol` resulting in value loss and/or DoS
#563
code423n4
closed
1 year ago
3
If a market with a collateral that has `feedDecimals + tokenDecimals > 36` is added it won’t be functional
#562
code423n4
closed
1 year ago
7
Using a non-18 decimals token as collateral (for ex. USDT) in a `Market` will result in multiple value losing situations
#561
code423n4
closed
1 year ago
5
QA Report
#560
code423n4
closed
1 year ago
1
Gas Optimizations
#559
code423n4
opened
1 year ago
1
Misleading code in BorrowController including no validation of the amounts to be borrowed.
#558
code423n4
closed
1 year ago
1
Front-running approve function
#557
code423n4
closed
1 year ago
1
SimpleERC20Escrow's initialize() can be frontrun
#556
code423n4
closed
1 year ago
1
Wrong logic at Fed.resign()
#555
code423n4
closed
1 year ago
1
Next