issues
search
code-423n4
/
2023-07-moonwell-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
revert reason not propagated properly
#307
code423n4
opened
12 months ago
5
QA Report
#306
code423n4
closed
11 months ago
2
QA Report
#305
code423n4
closed
11 months ago
2
ChainlinkOracle assumes that the assets of all USD denominated pair has 18 decimal places
#304
code423n4
opened
12 months ago
6
Lack of Transfer Check in ERC20 Operations
#303
code423n4
closed
11 months ago
2
if _rescueFunds was called with the address of a mToken, the admin would currently be able to sweep those tokens,
#302
code423n4
closed
11 months ago
3
No sequencer uptime check before querying Chainlink data on Base chain (L2)
#301
code423n4
closed
11 months ago
3
Analysis
#300
code423n4
opened
12 months ago
1
_setCloseFactor has no boundaries
#299
code423n4
opened
12 months ago
3
Analysis
#298
code423n4
opened
12 months ago
1
Analysis
#297
code423n4
opened
12 months ago
1
[ M ] Denial of Service in mintAllowed
#296
code423n4
closed
11 months ago
4
[ M ] MErc20Delegator.sol Not compliant with EIP-2612
#295
code423n4
closed
11 months ago
4
TemporalGovernor can't execute a proposal that sends ether since it can't receive ether
#294
code423n4
closed
11 months ago
2
[M] Signature maleability in mintWithPermit due to lack of checks on v, r and s
#293
code423n4
closed
11 months ago
2
Stale price can be used in ChainlinkOracle and ChainlinkCompositeOracle
#292
code423n4
closed
11 months ago
3
QA Report
#291
code423n4
closed
11 months ago
2
Improper use of the approve function can lead to front running attacks.
#290
code423n4
closed
11 months ago
5
[ H ] Infinite loop in calculateNewIndex prevents tokens from being minted and rewards from being distributed
#289
code423n4
closed
11 months ago
3
QA Report
#288
code423n4
opened
12 months ago
2
No check if L2 sequencer is down in ChainlinkOracle and ChainlinkCompositeOracle
#287
code423n4
closed
11 months ago
3
the transferAllowed function doesnt update the UpdateCompSupplyIndex
#286
code423n4
closed
11 months ago
3
Single-step process for ownership transfer
#285
code423n4
closed
11 months ago
3
`TemporalGovernor.sol` doesn't have a `receive` function, nor any payable function, which would make `_executeProposal` with `values` impossible
#284
code423n4
closed
11 months ago
3
Deprecated value used in oracle price function could lead to unexpected outcomes
#283
code423n4
closed
11 months ago
3
Missing minAnswer/maxAnswer circuit breaker in Chainlink Oracle
#282
code423n4
closed
11 months ago
5
Missing check of how recent the price is can lead to stale price being used in the protocol
#281
code423n4
closed
11 months ago
3
`executeProposal` in `TemporalGovernor.sol` doesn't check if the VAA is intended for the contract called as it should
#280
code423n4
closed
11 months ago
4
Updating the end time for an emission campaign does not correspond with the available rewards and supply speed
#279
code423n4
closed
11 months ago
4
Attacker can Steal all eths of WETHRouter.sol through redeem function
#278
code423n4
closed
11 months ago
3
Race condition in approve function can lead to more funds than intended being transferred
#277
code423n4
closed
11 months ago
4
`fastTrackProposalExecution` should only be callable when `TemporalGovernor` is paused
#276
code423n4
opened
12 months ago
3
None of the functions calling `_executeProposal` function are payable
#275
code423n4
closed
11 months ago
3
The whole reward distribution logic can become blocked because of out-of-gas error
#274
code423n4
opened
12 months ago
2
QA Report
#273
code423n4
opened
12 months ago
4
Oracle can return stale prices
#272
code423n4
closed
11 months ago
3
Incorrect liquidity calculations if snapshot errors occur
#271
code423n4
closed
11 months ago
3
`getPrice` will revert for tokens with more than 18 decimals
#270
code423n4
opened
12 months ago
6
Guardian could enforce the execution of VAA that is not meant for the TemporalGovernor via `fastTrackProposalExecution`
#269
code423n4
closed
11 months ago
2
Proposals which intend to send native tokens to target addresses can't be executed
#268
code423n4
opened
12 months ago
6
Users positions can be directly liquidated when the admin changes the `collateralFactorMantissa` from a higher value to a lower value
#267
code423n4
closed
11 months ago
8
Any extra reward tokens that accumulate in the contract remain locked there permanently.
#266
code423n4
closed
11 months ago
4
`getUnderlyingPrice` used in `Comptroller.sol` expects to return 0 for stale data or errors which is not the case
#265
code423n4
opened
12 months ago
3
First Depositor Attack is possible by front-running mip00 script execution
#264
code423n4
closed
11 months ago
7
QA Report
#263
code423n4
closed
12 months ago
1
QA Report
#262
code423n4
closed
12 months ago
1
QA Report
#261
code423n4
closed
12 months ago
1
QA Report
#260
code423n4
closed
12 months ago
1
QA Report
#259
code423n4
closed
12 months ago
1
QA Report
#258
code423n4
opened
12 months ago
3
Previous
Next