code-423n4 2023-02-kuma-findings issues

code-423n4 / 2023-02-kuma-findings

2 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Upgraded Q -> 2 from #19 [1677669261110]

#38 c4-judge closed 1 year ago
3
Upgraded Q -> 2 from #19 [1677669238372]

#37 c4-judge closed 1 year ago
3
Upgraded Q -> 2 from #18 [1677668571999]

#36 c4-judge closed 1 year ago
2
Upgraded Q -> 2 from #7 [1677668529704]

#35 c4-judge closed 1 year ago
2
KUMAFeeCollector - duplicate payee can be added

#34 code423n4 closed 1 year ago
7
KUMASwap.buyBond :- Clone token + KUMABondToken transfer for a single KUMABondToken id.

#33 code423n4 closed 1 year ago
7
Multiple KBCTokens can be minted fir single KUMABondToken id.

#32 code423n4 closed 1 year ago
2
Bonds can be sold as soon as the contract is initialized hence bypassing the fees

#31 code423n4 closed 1 year ago
7
KIBToken: Unexpected reverts of `_calculateCumulativeYield` & `_calculatePreviousEpochCumulativeYield`

#30 code423n4 closed 1 year ago
8
KUMASwap.buyBond() is vulnerable to being used for reentry attacks

#29 code423n4 opened 1 year ago
4
KUMASwap.buyBond() is vulnerable to being used for reentry attacks

#28 code423n4 closed 1 year ago
2
KUMASwap.buyBond() is vulnerable to being used for reentry attacks

#27 code423n4 closed 1 year ago
2
KIBToken: `setEpochLength` & `refreshYield` will revert until first epoch

#26 code423n4 closed 1 year ago
7
Doubling of KIBToken balances

#25 code423n4 closed 1 year ago
6
Gas Optimizations

#24 code423n4 opened 1 year ago
3
KUMAFeeCollector may emit wrong FeeReleased event

#23 code423n4 opened 1 year ago
5
KUMABondToken.approve() should revert if the owner of the tokenId is blacklisted

#22 code423n4 opened 1 year ago
5
Gas Optimizations

#21 code423n4 opened 1 year ago
4
Improper Handling of Price Divergence

#20 code423n4 opened 1 year ago
8
QA Report

#19 code423n4 opened 1 year ago
5
QA Report

#18 code423n4 opened 1 year ago
3
Inexistent Slippage Protection

#17 code423n4 opened 1 year ago
14
Inexistent Slippage Protection

#16 code423n4 closed 1 year ago
1
Re-Entrant Bond Purchase Flow

#15 code423n4 opened 1 year ago
11
QA Report

#14 code423n4 opened 1 year ago
5
KUMAFeeCollector.changePayees() executes incorrectly when newPayees contains duplicate items

#13 code423n4 opened 1 year ago
6
Adversary can frontrun reference rate increases to dump low yield bonds on KUMASwap

#12 code423n4 closed 1 year ago
11
Price feed in MCAGRateFeed#getRate is not sufficiently validated and can return stale price

#11 code423n4 opened 1 year ago
8
KUMASwap incorrectly reverts when when _maxCoupons has been reached

#10 code423n4 opened 1 year ago
4
Centralization Risk for trusted owners

#9 code423n4 opened 1 year ago
6
KIBToken._transfer() did not correctly handle the case where from is the same as to

#8 code423n4 closed 1 year ago
3
QA Report

#7 code423n4 opened 1 year ago
3
Unnecessary precision loss in redeemKIBT()

#6 code423n4 closed 1 year ago
1
Unnecessary precision loss in redeemKIBT()

#5 code423n4 opened 1 year ago
7
TRANSFERING KIBToken TO YOURSELF INCREASES YOUR BALANCE

#4 code423n4 closed 1 year ago
1
TRANSFERING KIBToken TO YOURSELF INCREASES YOUR BALANCE

#3 code423n4 opened 1 year ago
7
Artificial Inflation of Interest-Bearing Balances

#2 code423n4 closed 1 year ago
4
Agreements & Disclosures

#1 code423n4 opened 1 year ago
0