code-423n4 2022-12-prepo-findings issues

code-423n4 / 2022-12-prepo-findings

0 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

[NAZ-M2] Usage of `send()` Can Result In Revert

#290 code423n4 closed 1 year ago
2
[NAZ-M1] `SET_DEPOSIT_FEE_ROLE && SET_WITHDRAW_FEE_ROLE && Admin` Can Front-run Users With Fee Increases

#289 code423n4 closed 1 year ago
2
QA Report

#288 code423n4 opened 1 year ago
6
Gas Optimizations

#287 code423n4 closed 1 year ago
2
Access control for `hook` function in `RedeemHook` Contract is inconsistent with the implementation.

#286 code423n4 closed 1 year ago
2
function mint() in PrePOMarket shouldn't accept deposits after expiryTime of Market

#285 code423n4 closed 1 year ago
5
Gas Optimizations

#284 code423n4 opened 1 year ago
1
Unlimited Global & User Withdrawal right after previous period ends and new period begins

#283 code423n4 closed 1 year ago
3
Redeem should revert if the TokenSender.sol doesn’t have enough outputtoken to reimburse to users.

#282 code423n4 closed 1 year ago
4
QA Report

#281 code423n4 opened 1 year ago
1
Governance address should live in Factory, rather than each Market

#280 code423n4 closed 1 year ago
2
Gas Optimizations

#279 code423n4 closed 1 year ago
2
Manually input salts to create market can lead to collisions

#278 code423n4 closed 1 year ago
2
QA Report

#277 code423n4 opened 1 year ago
1
Gas Optimizations

#276 code423n4 opened 1 year ago
2
Business logic that may confuse users

#275 code423n4 closed 1 year ago
2
TokenSender fails silently if it doesn't have enough PPO balance to refund

#274 code423n4 closed 1 year ago
2
`Collateral.withdraw()` business logic may raise users' concerns of their assets

#273 code423n4 closed 1 year ago
4
`PrePOMarket.redeem()` business logic may raise users' concerns of their assets

#272 code423n4 closed 1 year ago
2
userToDeposits is always increasing, can eventually reach cap

#271 code423n4 closed 1 year ago
2
User fee refunds will silently fail if _priceMultiplier isn't set

#270 code423n4 closed 1 year ago
4
Gas Optimizations

#269 code423n4 closed 1 year ago
1
Irrelevant error message from `Collateral.withdraw()` worries users

#268 code423n4 closed 1 year ago
3
MintHook doesn't allow users with NFT score requirement to mint

#267 code423n4 closed 1 year ago
8
PrePOMarket.sol : a sender who is not included in the account list can front run and mint prior to setting the `_mintHook`

#266 code423n4 closed 1 year ago
2
Centralization Risks

#265 code423n4 opened 1 year ago
6
Irrelevant error message from `PrePOMarket.redeem()` worries users

#264 code423n4 closed 1 year ago
2
Irrelevant error message from `Collateral.deposit` worries users

#263 code423n4 closed 1 year ago
1
QA Report

#262 code423n4 closed 1 year ago
1
Possible Denial of Service when users try to withdraw collateral from vault

#261 code423n4 closed 1 year ago
2
Inconsistency in minimum amount to deposit/withdraw between different baseTokens

#260 code423n4 opened 1 year ago
9
Wrong variable is used for the first parameter of depositHook.hook()

#259 code423n4 closed 1 year ago
2
Hooks send funds to treasury without confirming that treasury is set

#258 code423n4 closed 1 year ago
2
Users do not receive owed tokens if `TokenSender` contract cannot cover their owed amount.

#257 code423n4 opened 1 year ago
7
managerWithdraw can be called when manager isn't set, wiping all user funds

#256 code423n4 opened 1 year ago
5
Manager withdraw creates severe rug pull vector

#255 code423n4 closed 1 year ago
3
Manager can get around min reserves check, draining all funds from Collateral.sol

#254 code423n4 opened 1 year ago
14
PrePOMarket.sol : Unsafe ERC20 methods

#253 code423n4 closed 1 year ago
2
Protocol is not able to account for baseTokens generating yield

#252 code423n4 closed 1 year ago
4
CWE-767 Access to Critical Private Variable via Public Method

#251 code423n4 closed 1 year ago
2
TokenSender may not have enough outputToken to transfer to the sender

#250 code423n4 closed 1 year ago
1
CWE-767 Access to Critical Private Variable via Public Method

#249 code423n4 closed 1 year ago
1
Collateral deposit function can break when fee is amount are too small

#248 code423n4 closed 1 year ago
2
PrePOMarketFactory.sol : createMarket is allowing to create market that is already created

#247 code423n4 closed 1 year ago
17
QA Report

#246 code423n4 closed 1 year ago
2
Gas Optimizations

#245 code423n4 closed 1 year ago
2
QA Report

#244 code423n4 closed 1 year ago
2
Anyone can set the accountList object

#243 code423n4 closed 1 year ago
3
Lack of access control in AllowedMsgSenders contract.

#242 code423n4 closed 1 year ago
2
possible MEV attack in ``depositAndTrade``

#241 code423n4 closed 1 year ago
3

Previous Next