Issues in code-423n4/2023-07-pooltogether-findings (#230 to #279)
| # | Title | Opened by | State | Opened | Comments |
|---|---|---|---|---|---|
| #279 | Integer Overflow Vulnerability in `canaryPrizeCount` Function and Insecure Pseudo-Random Number Generation in `calculatePseudoRandomNumber` Function. | code423n4 | closed | 1 year ago | 1 |
| #278 | Vaults are vulnerable to inflation attacks | code423n4 | closed | 1 year ago | 8 |
| #277 | Potential Integer Overflow in `canaryPrizeCount` function could result in incorrect calculation results. | code423n4 | closed | 1 year ago | 1 |
| #276 | Inaccurate Estimation of Prize Frequency. | code423n4 | closed | 1 year ago | 1 |
| #275 | Incorrect Calculation of Tier Odds in `getTierOdds` Function. | code423n4 | closed | 1 year ago | 1 |
| #274 | Gas Optimizations | code423n4 | closed | 1 year ago | 1 |
| #273 | Invalid Draw Range Vulnerability in getDisbursedBetween, the subsequent check for `_endDrawId < drawIds.first`. | code423n4 | closed | 1 year ago | 2 |
| #272 | Missing check for zero shares minted when users deposit into a vault | code423n4 | open | 1 year ago | 3 |
| #271 | When expanding the number of tiers during a new draw, the prizeTokenPerShare of the new Tiers is not the right one | code423n4 | closed | 1 year ago | 3 |
| #270 | Anyone can steal assets from a vault by abusing the deposit logic | code423n4 | closed | 1 year ago | 3 |
| #269 | QA Report | code423n4 | closed | 1 year ago | 1 |
| #268 | Consider using OpenZeppelin's SafeCast library to prevent unexpected overflows when casting from uint256 | code423n4 | closed | 1 year ago | 2 |
| #267 | `convertToShares` and `convertToAssets` in `Vault.sol` are not compliant with EIP4626 in the case of undercollateralization | code423n4 | closed | 1 year ago | 4 |
| #266 | Gas Optimizations | code423n4 | closed | 1 year ago | 1 |
| #265 | `_mint` Function Allows Zero Address as Receiver, Resulting in Token Loss | code423n4 | closed | 1 year ago | 1 |
| #264 | Vault assets stealing due to not fully EIP-4626 compliance | code423n4 | closed | 1 year ago | 11 |
| #263 | Missing access control in Vault.sponsor allows anyone to revoke other users' chance to win | code423n4 | closed | 1 year ago | 2 |
| #262 | `_openDrawStartedAt()` calculation is wrong | code423n4 | closed | 1 year ago | 4 |
| #261 | First depositor can break share | code423n4 | closed | 1 year ago | 1 |
| #260 | Vault.sol is not EIP-4626 compliant | code423n4 | closed | 1 year ago | 5 |
| #259 | Tokens with Phantom permit functions break the purpose of permits, thereby breaking composability | code423n4 | closed | 1 year ago | 4 |
| #258 | Revert on Loss until Loss is fully repaid for Yearn V3 | code423n4 | open | 1 year ago | 6 |
| #257 | `ApproveMax` will not work for some tokens that don't support approving a `type(uint256).max` amount. | code423n4 | closed | 1 year ago | 1 |
| #256 | Exchange Rate Change in Case of Lossy Strategy will cause the Vault to be Undercollateralized for generic ERC4626 Yield Vaults | code423n4 | open | 1 year ago | 6 |
| #255 | Order of Operations Allows Reentrancy Attack in `increaseReserve` Function | code423n4 | closed | 1 year ago | 2 |
| #254 | Gas Optimizations | code423n4 | open | 1 year ago | 2 |
| #253 | Anyone can be drawManager and steal funds with withdrawReserve | code423n4 | closed | 1 year ago | 2 |
| #252 | Exchange Rate Change in Case of Lossy Strategy will cause the Vault to be Undercollateralized for generic ERC4626 Yield Vaults | code423n4 | closed | 1 year ago | 1 |
| #251 | Some tokens may revert when zero value transfers are made (Addendum) | code423n4 | closed | 1 year ago | 4 |
| #250 | In `Vault.sol`, Math rounding is not ERC4626-compliant: `_convertToAssets()` should round up and `_convertToShares` should round down. `maxWithdraw` and `maxRedeem` do not completely adhere to EIP-4626 | code423n4 | closed | 1 year ago | 10 |
| #249 | Tokens with Phantom permit functions break the purpose of permits, thereby breaking composability | code423n4 | closed | 1 year ago | 1 |
| #248 | Front-Running Risk in setDrawManager Function | code423n4 | closed | 1 year ago | 2 |
| #247 | Gas Optimizations | code423n4 | open | 1 year ago | 2 |
| #246 | prb-math library is not audited and needs to be carefully trusted | code423n4 | closed | 1 year ago | 11 |
| #245 | Anyone can call mintYieldFee | code423n4 | closed | 1 year ago | 2 |
| #244 | Unrestricted `DrawManager` Assignment | code423n4 | closed | 1 year ago | 2 |
| #243 | Silent overflow could alter computation when calculating the vaultPortion in the PrizePool contract | code423n4 | open | 1 year ago | 5 |
| #242 | Vault funds can be stolen by sending more amounts than vault funds. | code423n4 | closed | 1 year ago | 1 |
| #241 | Anybody can forcefully set the SPONSORSHIP_ADDRESS to be a delegate of anybody else, and all the delegateBalance will be transferred from the current delegate to the SPONSORSHIP_ADDRESS | code423n4 | closed | 1 year ago | 3 |
| #240 | Missing deadline protection | code423n4 | closed | 1 year ago | 4 |
| #239 | Vault's Owners can deploy fake PrizePools & TwabControllers contracts that can contain logic to cheat on users and alter the balances to get away with all the Prizes & potentially steal all the users' underlying assets | code423n4 | closed | 1 year ago | 3 |
| #238 | `VaultFactory` is susceptible to the reorg attack | code423n4 | closed | 1 year ago | 2 |
| #237 | `liquidate` calls `_increaseYieldFeeBalance` with incorrect value | code423n4 | closed | 1 year ago | 5 |
| #236 | `mintYieldFee` allows anyone to steal yield fees | code423n4 | closed | 1 year ago | 2 |
| #235 | Vault owner can frontrun `liquidate` to control value to `yieldFeeRecipient_` | code423n4 | open | 1 year ago | 5 |
| #234 | Vault owner can frontrun `liquidate` to control value to `yieldFeeRecipient_` | code423n4 | closed | 1 year ago | 2 |
| #233 | Rug risk: Vault owner has full control over deposited assets | code423n4 | closed | 1 year ago | 2 |
| #232 | Liquidator can liquidate the max amount of `_liquidableYield` for as low as 1 wei of PrizeTokens | code423n4 | closed | 1 year ago | 8 |
| #231 | Vault.sol is not fully up to EIP-4626's specification | code423n4 | closed | 1 year ago | 2 |
| #230 | Contracts are vulnerable to fee-on-transfer-token-related accounting issue (Addendum) | code423n4 | closed | 1 year ago | 4 |