issues
search
code-423n4
/
2023-01-ondo-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimizations
#269
code423n4
closed
1 year ago
1
Reuse of signature to get KYCd after it has been removed
#268
code423n4
closed
1 year ago
3
fToken and cToken can be associated with the same address in Ondo Oracle
#267
code423n4
closed
1 year ago
2
QA Report
#266
code423n4
closed
1 year ago
1
Admin should be able to refund or redeem the sanctioned users
#265
code423n4
opened
1 year ago
10
Collaterals with decimals over than 18 can not be used
#264
code423n4
opened
1 year ago
2
QA Report
#263
code423n4
closed
1 year ago
1
Gas Optimizations
#262
code423n4
closed
1 year ago
1
Future Epoch Pending Redemption Balance Set Vulnerability
#261
code423n4
closed
1 year ago
1
`MintFees` can change by admin any time, lead to user may spend more fee than expected
#260
code423n4
opened
1 year ago
2
Gas Optimizations
#259
code423n4
closed
1 year ago
1
Gas Optimizations
#258
code423n4
closed
1 year ago
1
QA Report
#257
code423n4
opened
1 year ago
1
Gas Optimizations
#256
code423n4
closed
1 year ago
1
User can request mint of all mintable tokens without owning collateral
#255
code423n4
closed
1 year ago
1
Gas Optimizations
#254
code423n4
closed
1 year ago
2
Unrestricted `ComptrollerInterface` and `InterestRateModel` Contract Changes by Admin and "PendingAdmin" leading to Loss of Funds for Users
#253
code423n4
closed
1 year ago
1
QA Report
#252
code423n4
closed
1 year ago
2
`OndoPriceOracleV2` uses hardcoded `scaleFactor`
#251
code423n4
closed
1 year ago
2
QA Report
#250
code423n4
closed
1 year ago
3
OracleV2 will not work for tokens with over 18 decimals
#249
code423n4
closed
1 year ago
3
`sanctionsList` is immutable and can never be changed
#248
code423n4
closed
1 year ago
2
Placeholder
#247
code423n4
opened
1 year ago
11
CASH token cannot be transferred among users and accounts
#246
code423n4
closed
1 year ago
1
Unrestricted ComptrollerInterface and InterestRateModel Contract Changes by Admin and PendingAdmin leading to Loss of Funds for Users
#245
code423n4
closed
1 year ago
1
QA Report
#244
code423n4
closed
1 year ago
1
Mint claim gets saved in under the wrong epoch when setEpochDuration is called
#243
code423n4
closed
1 year ago
1
Redemption and deposit minimums can change mid epoch
#242
code423n4
closed
1 year ago
1
Gas Optimizations
#241
code423n4
closed
1 year ago
1
Anyone can be refunded; no input validation
#240
code423n4
closed
1 year ago
1
No integrity between `completeRedemptions` calls for the same epoch
#239
code423n4
closed
1 year ago
1
QA Report
#238
code423n4
opened
1 year ago
1
The function `multiexcall` lacks aggregated value validation
#237
code423n4
closed
1 year ago
1
Improper Input Validation in `setRedeemLimit()` Function
#236
code423n4
closed
1 year ago
3
MANAGER_ADMIN has the right to give or take any amount of user's tokens using setPendingMintBalance.
#235
code423n4
closed
1 year ago
1
Values in redemptions do not match, and fees are being overcharged
#234
code423n4
closed
1 year ago
1
_processRefund() fails to update currentRedeemAmount when epochToService == currentEpoch
#233
code423n4
closed
1 year ago
1
Gas Optimizations
#232
code423n4
closed
1 year ago
1
Rounding error "confiscastes" some collateral
#231
code423n4
closed
1 year ago
1
Maximum fee cannot be set to 100%
#230
code423n4
closed
1 year ago
1
QA Report
#229
code423n4
closed
1 year ago
1
`CTokenDelegate` inherits non-upgradeable contracts
#228
code423n4
closed
1 year ago
1
If collateral have over 18 decimals, the protocol will break
#227
code423n4
closed
1 year ago
2
Gas Optimizations
#226
code423n4
opened
1 year ago
1
CashManager requires that collateral only has a fixed supply
#225
code423n4
closed
1 year ago
3
setRedeemLimit() failes to compare __redeemLimit with currentRedeemAmount
#224
code423n4
closed
1 year ago
3
`CashKycSender` inherits non-upgradeable contracts (missing `gap`)
#223
code423n4
closed
1 year ago
1
overrideExchangeRate may result in an unfair exchange
#222
code423n4
closed
1 year ago
6
Gas Optimizations
#221
code423n4
opened
1 year ago
1
setMintLimit() fails to compare _mintLimit with currentMintAmount
#220
code423n4
closed
1 year ago
1
Previous
Next