code-423n4 2023-12-ethereumcreditguild-findings issues

code-423n4 / 2023-12-ethereumcreditguild-findings

9 stars 5 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Upgraded Q -> 2 from #556 [1706974007287]

#1290 c4-judge closed 4 months ago
2
Upgraded Q -> 2 from #1212 [1706668026325]

#1288 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #808 [1706659279669]

#1287 c4-judge closed 4 months ago
4
Upgraded Q -> 2 from #808 [1706659262817]

#1286 c4-judge closed 4 months ago
4
Upgraded Q -> 2 from #765 [1706657343488]

#1285 c4-judge closed 4 months ago
2
Upgraded Q -> 2 from #712 [1706656573259]

#1284 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #628 [1706653623677]

#1283 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #514 [1706650157519]

#1282 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #496 [1706648420225]

#1281 c4-judge closed 4 months ago
2
Upgraded Q -> 2 from #481 [1706648292480]

#1280 c4-judge closed 4 months ago
2
Upgraded Q -> 2 from #332 [1706646042460]

#1279 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #258 [1706642045293]

#1278 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #258 [1706641869227]

#1277 c4-judge closed 4 months ago
3
Upgraded Q -> 2 from #258 [1706641667381]

#1276 c4-judge closed 4 months ago
4
Upgraded Q -> 2 from #556 [1706627592320]

#1275 c4-judge closed 4 months ago
2
Upgraded Q -> 3 from #556 [1706627549544]

#1274 c4-judge closed 4 months ago
2
Quorum can be changed between proposal creation and execution

#1273 c4-bot-10 closed 5 months ago
4
Vulnerability to first depositor pool frontrunning attack in PSM deployment

#1272 c4-bot-3 closed 5 months ago
4
Analysis

#1271 c4-bot-3 closed 4 months ago
3
Users can miss out on rebasing credit token rewards

#1270 c4-bot-10 closed 4 months ago
10
Incorrect constant used in deployment script

#1269 c4-bot-3 closed 4 months ago
8
Unexpected quorum changes can affect ongoing votes in `GuildVetoGovernor.sol`

#1268 c4-bot-8 closed 5 months ago
4
Gas Optimizations

#1267 c4-bot-4 closed 5 months ago
3
Functions with `onlyCoreRole(CoreRoles.GUARDIAN)` modifier will be unavailable when sequencer is down

#1266 c4-bot-4 closed 4 months ago
7
Rewards to GUILD token holders are sandwichable

#1265 c4-bot-10 closed 5 months ago
6
Reward dilution in `ERC20RebaseDistributor` through minimal token distribution

#1264 c4-bot-4 closed 5 months ago
3
Users wouldn't be able to unstake in `SurplusGuildMinter.sol` due to the restricted access placed on `ProfitManager.withdrawFromTermSurplusBuffer()`

#1263 c4-bot-9 closed 5 months ago
4
the call function also should have the wennotpause modifier too exactly like the borrow function

#1262 c4-bot-3 closed 5 months ago
3
QA Report

#1261 c4-bot-10 closed 4 months ago
4
The Credit Multiplier can be set to zero because of a loss.

#1260 c4-bot-3 closed 5 months ago
5
Reorg & Frontrunning Attack Vulnerability in `createTerm()`

#1259 c4-bot-4 closed 5 months ago
7
QA Report

#1258 c4-bot-1 opened 6 months ago
4
Public state-modifying `cancel()` function may lead to future vulnerabilties

#1257 c4-bot-10 closed 4 months ago
8
`transferFrom` still uses allowance even if `spender == from`

#1256 c4-bot-7 closed 4 months ago
6
Potential inconsistent state in `LendingTermOffboarding` can lead to redemptions remaining paused forever

#1255 c4-bot-8 closed 5 months ago
5
SurplusGuildMinter's operations can be DOS'ed if there exist enough active gauges

#1254 c4-bot-8 closed 5 months ago
3
No check for sequencer uptime can lead to dutch auctions failing or executing at bad prices

#1253 c4-bot-3 opened 6 months ago
8
Collateral is not returned to the borrower when partially repayed

#1252 c4-bot-5 closed 5 months ago
3
Gas Optimizations

#1251 c4-bot-3 closed 5 months ago
3
A Borrower can Use Fluctuations in Collateral Price to Call his Loans and Pay less Credit than the Actual Debt.

#1250 c4-bot-2 closed 5 months ago
4
Inability to withdraw funds for certain users due to `whenNotPaused` modifier in `RateLimitedMinter`

#1249 c4-bot-1 opened 6 months ago
6
The hardcoded `POLL_DURATION_BLOCKS` is way off on the mainnet and would be completely wrongly implemented on other chains

#1248 c4-bot-1 closed 5 months ago
4
Inability to unstake if the credit minter buffer is low

#1247 c4-bot-3 closed 4 months ago
11
Position of `++i` is wrong in `ERC20Gauges.sol#_decrementWeightUntilFree()` which would cause an infinite loop when the `if` condition is met

#1246 c4-bot-3 closed 5 months ago
4
Failed transfers in `LendingTerm.onBid()` will lead to protocol loss

#1245 c4-bot-10 closed 4 months ago
13
block.number means different things on different L2s

#1244 c4-bot-2 closed 4 months ago
11
DoS in `LendingTermOnboarding` via proposal creation and cancellation

#1243 c4-bot-10 closed 5 months ago
4
Accounting flaw in regards to `donateToSurplusBuffer()` when coupled with some credit tokens

#1242 c4-bot-4 closed 4 months ago
6
Underflow causes DOS of borrow function across all terms in a market

#1241 c4-bot-5 closed 5 months ago
3
`clock()` will not work properly for Arbitrum due to usage of `block.number`

#1240 c4-bot-7 closed 5 months ago
6