issues
search
code-423n4
/
2023-10-ethena-findings
5
stars
5
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Upgraded Q -> 2 from #491 [1701115520323]
#738
c4-judge
closed
10 months ago
2
Upgraded Q -> 2 from #583 [1700600391503]
#737
c4-judge
closed
10 months ago
2
its possible to Grief user's cooldownEnd
#735
c4-submissions
opened
11 months ago
6
A fully blacklisted user can withdraw their funds
#734
c4-submissions
closed
11 months ago
5
QA Report
#733
c4-submissions
opened
11 months ago
2
Vesting amount is calculated incorrectly in StakedUSDe contract
#732
c4-submissions
closed
11 months ago
3
EthenaMinting.Order should be ordered by `nonce`.
#731
c4-submissions
opened
11 months ago
7
QA Report
#730
c4-submissions
closed
11 months ago
2
A caller with non-zero allowance from other users can DOS them
#729
c4-submissions
opened
11 months ago
6
QA Report
#728
c4-submissions
opened
11 months ago
2
QA Report
#727
c4-submissions
closed
11 months ago
2
Gas Optimizations
#726
c4-submissions
closed
11 months ago
2
Circumvention of soft staking restrictions in `StakedUSDeV2` through indirect ERC20 token transfers
#725
c4-submissions
closed
11 months ago
3
QA Report
#724
c4-submissions
opened
11 months ago
4
Analysis
#723
c4-submissions
opened
11 months ago
2
Gas Optimizations
#722
c4-submissions
opened
11 months ago
2
stakers can withraw reward without waiting the vesting period
#721
c4-submissions
closed
11 months ago
3
USER WILL SEND TRANSACTION GAS WHICH IS ONLY ENOUGH TO EXECUTE `StakedUSDeV2.unstake` FUNCTION SUCCESFULLY BUT NOT ENOUGH TO FULLY EXECUTE THE `silo.withdraw` THUS LOSING ALL USER FUNDS
#720
c4-submissions
closed
11 months ago
3
Tokens having `Fee-On-Transfer` are not considered which will make the protocol in retaining less value than expected.
#719
c4-submissions
closed
11 months ago
3
QA Report
#718
c4-submissions
opened
11 months ago
3
Gas Optimizations
#717
c4-submissions
closed
11 months ago
2
Users will retain possession of their USDe after redeeming collateral
#716
c4-submissions
closed
11 months ago
5
Gas Optimizations
#715
c4-submissions
opened
11 months ago
2
Unrestricted access to critical admin functions in `StakedUSDe` due to extremely flawed implementation in `SingleAdminAccessControl`
#714
c4-submissions
closed
11 months ago
6
In for a penny, in for ten quadrillion dollars
#713
c4-submissions
closed
11 months ago
3
Taking deposits hostage
#712
c4-submissions
closed
11 months ago
8
QA Report
#711
c4-submissions
opened
11 months ago
3
hardcoded route ratio might hcause verify route return false continously instead use >=
#710
c4-submissions
closed
11 months ago
4
`DEFAULT_ADMIN_ROLE` user has no access for the blacklist managing but should have
#709
c4-submissions
closed
11 months ago
4
Analysis
#708
c4-submissions
opened
11 months ago
3
Users with `FULL_RESTRICTED_STAKER_ROLE` can unstake assets due to lack of user role check at the unstaking functionality
#707
c4-submissions
closed
10 months ago
6
Staking functionality temporary blocking due to lack of address zero check
#706
c4-submissions
closed
11 months ago
3
Temporary DOS attack on all the users minting and redeeming.
#705
c4-submissions
closed
11 months ago
3
`StakedUSDe.totalSupply()` may decrease below `MIN_SHARES` by `StakedUSDe.redistributeLockedAmount`.
#704
c4-submissions
closed
11 months ago
9
DoS of the staking functionality due to the check of minimum total supply
#703
c4-submissions
closed
11 months ago
4
Wrong estimation of acceptable risk of the protocol losses
#702
c4-submissions
closed
11 months ago
3
Analysis
#701
c4-submissions
opened
11 months ago
2
Unchecked return value when calling ERC20's `transfer` function inside `withdraw` function of `USDeSilo.sol`. It is unsafe transfer of ERC20 tokens.
#700
c4-submissions
closed
11 months ago
3
There is no check for collateral token in mint matches same in withdraw
#699
c4-submissions
closed
11 months ago
3
User could not withdraw all his assets
#698
c4-submissions
opened
11 months ago
5
SOFT_RESTRICTED_STAKER_ROLE is able to withdraw stUSDe for USDe even if it shouldnt
#697
c4-submissions
closed
11 months ago
4
bad Actor can block the operation of mint by creating duplicate order by frunt runing original order
#696
c4-submissions
closed
11 months ago
3
Analysis
#695
c4-submissions
opened
11 months ago
2
Reentrancy opened for any contract that calls the withdraw function
#694
c4-submissions
closed
11 months ago
3
Gas Optimizations
#693
c4-submissions
opened
11 months ago
2
in the verify route the order type should not be ordertype.REDEEM and function should return false but returns true.
#692
c4-submissions
opened
11 months ago
5
Gas Optimizations
#691
c4-submissions
closed
11 months ago
2
Temporary DOS attack on users minting and redeeming big amount using `EthenaMinting.sol`
#690
c4-submissions
closed
11 months ago
3
Rewards transfer In fail
#689
c4-submissions
closed
11 months ago
4
QA Report
#688
c4-submissions
closed
11 months ago
3
Next