issues
search
code-423n4
/
2023-01-reserve-findings
4
stars
2
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
[NAZ-M1] Unbounded Loops That May Address DoS
#444
code423n4
closed
1 year ago
2
QA Report
#443
code423n4
opened
1 year ago
1
stRSR.seizeRSR() should check whether the basket of collateral is defaulted
#442
code423n4
closed
1 year ago
2
High Severity Reentrancy Vulnerability in `stateTransition` Modifier
#441
code423n4
closed
1 year ago
1
A staker might drain the stRST contract slowly
#440
code423n4
closed
1 year ago
1
attacker can make stakeRate to be 1 in the StRSR contract and users depositing tokens can lose funds because of the big rounding error
#439
code423n4
opened
1 year ago
3
Gas Optimizations
#438
code423n4
opened
1 year ago
1
QA Report
#437
code423n4
opened
1 year ago
1
Missing require statement for sellAmount in init() function leading to potential loss of funds.
#436
code423n4
closed
1 year ago
1
Gas Optimizations
#435
code423n4
closed
1 year ago
8
Gas Optimizations
#434
code423n4
opened
1 year ago
1
Gas Optimizations
#433
code423n4
opened
1 year ago
1
Chainlink price handling on L2 chains does not consider sequencer downtime
#432
code423n4
closed
1 year ago
7
Gas Optimizations
#431
code423n4
opened
1 year ago
1
functions stake() and unstake() won't revert when calculated mint amount is 0 or withdraw amount is 0 which would cause users to slowly lose dust funds while sums of those dust can be big amount
#430
code423n4
closed
1 year ago
6
QA Report
#429
code423n4
opened
1 year ago
1
QA Report
#428
code423n4
closed
1 year ago
1
Fee on transfer based collateral is not considered.
#427
code423n4
closed
1 year ago
10
Missing Function Definition in tryPrice() leading to contract failure.
#426
code423n4
closed
1 year ago
1
## Significant roundoff error in melt() function
#425
code423n4
closed
1 year ago
1
redeem() should be possible when protocol is Paused but to be able to redeem function grantRTokenAllowance() should be called for any basket tokens and it can only be called when protocol is not paused
#424
code423n4
closed
1 year ago
2
Gas Optimizations
#423
code423n4
opened
1 year ago
1
Gas Optimizations
#422
code423n4
closed
1 year ago
1
QA Report
#421
code423n4
closed
1 year ago
1
QA Report
#420
code423n4
opened
1 year ago
4
function withdraw() in StRSR won't update contract state (totalDrafts) in all cases which can cause wrong fund distribution and fund stucking in the contract
#419
code423n4
closed
1 year ago
2
Malicious asset can destroy the protocol with DelegateCall
#418
code423n4
closed
1 year ago
3
QA Report
#417
code423n4
opened
1 year ago
1
Baited by redemption during undercollateralization (no issuance, just transfer)
#416
code423n4
opened
1 year ago
7
QA Report
#415
code423n4
closed
1 year ago
1
RToken issuers are not protected from slippage
#414
code423n4
closed
1 year ago
4
User funds can be locked in RToken contract for a long time
#413
code423n4
closed
1 year ago
2
user funds loss in withdraw() of StRSR because code don't revert when calculated rsrAmount is zero
#412
code423n4
closed
1 year ago
2
Small amounts of funds can be stolen during recollateralization
#411
code423n4
closed
1 year ago
4
Gas Optimizations
#410
code423n4
opened
1 year ago
1
Distributor#distribute() can be used to steal funds from users' wallets
#409
code423n4
closed
1 year ago
2
Gas Optimizations
#408
code423n4
closed
1 year ago
1
QA Report
#407
code423n4
closed
1 year ago
1
Wrong check isContract for Permit
#406
code423n4
closed
1 year ago
2
Distributor.distrube function is possible to transfer wrong value
#405
code423n4
closed
1 year ago
1
Deletion on mapping containing a structure
#404
code423n4
closed
1 year ago
2
Unchecked return price > 0 oracle
#403
code423n4
closed
1 year ago
3
QA Report
#402
code423n4
closed
1 year ago
1
function disableBasket() emits event with wrong parameters and it can cause other off-chain tools to not be able to work properly with protocol
#401
code423n4
closed
1 year ago
1
QA Report
#400
code423n4
opened
1 year ago
1
Redemptions during undercollateralization can be hot-swapped to steal all funds
#399
code423n4
opened
1 year ago
8
QA Report
#398
code423n4
closed
1 year ago
1
Unchecked erecover address is not 0
#397
code423n4
closed
1 year ago
7
Real Furnace and StRSR addresses can be added to the Distributor
#396
code423n4
closed
1 year ago
3
Gnosis trades may become stuck without external intervention
#395
code423n4
closed
1 year ago
5
Previous
Next