issues
search
code-423n4
/
2023-12-ethereumcreditguild-findings
9
stars
5
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Analysis
#1239
c4-bot-4
opened
6 months ago
2
Constant `BLOCKS_PER_DAY` inaccurate for L2 chains
#1238
c4-bot-7
closed
5 months ago
9
Analysis
#1237
c4-bot-3
closed
5 months ago
2
Calling the loan in the first auction phase will fail if the user is blacklisted which will create bad debt
#1236
c4-bot-6
closed
5 months ago
6
LendingTerm#getLoanDept() More openingFee is charged to loans that are partially repayed
#1235
c4-bot-1
closed
6 months ago
5
Signatures can be replayed with castVoteWithReasonAndParamsBySig() to cast more votes than the user intended
#1234
c4-bot-7
closed
5 months ago
3
No slipage protection or expiry on Mint and redeem function in SimplePSM
#1233
c4-bot-7
closed
5 months ago
3
A large enough loss will brick the protocol
#1232
c4-bot-3
closed
6 months ago
6
The `term` can be `re-onboarded` using a not allowed implementation
#1231
c4-bot-3
opened
6 months ago
8
Loss of rebasing rewards
#1230
c4-bot-9
closed
5 months ago
5
QA Report
#1229
c4-bot-4
closed
4 months ago
5
A Malicious Guild holder can propose the deployment of a malicious LoanTerm
#1228
c4-bot-4
closed
5 months ago
3
users can front run the `notifyLoss` call to unstake their credit and avoid getting slashed
#1227
c4-bot-4
closed
6 months ago
6
Missing whenNotPaused modifier for redeem
#1226
c4-bot-4
closed
5 months ago
5
Ongoing to be slashed gaugeWeight voters can re-delegate their governance votes until applyGaugeLoss() is called
#1225
c4-bot-4
closed
5 months ago
3
Cannot Transfer GuildToken If Loss Unapplied Even Though There Are Enough To-Be-Free Tokens
#1224
c4-bot-3
closed
5 months ago
8
QA Report
#1223
c4-bot-3
closed
5 months ago
3
User can manipulate his own userGaugeWeight to steal others' rewards from ProfitManager
#1222
c4-bot-3
closed
5 months ago
5
`ERC20MultiVotes.sol` does not allow delegation to `multiple` addresses.
#1221
c4-bot-3
closed
5 months ago
5
Callers can prevent ``setAuctionHouse` happening
#1220
c4-bot-2
closed
5 months ago
8
Manipulable CREDIT `totalSupply` allows by flashloaning in SimplePSM
#1219
c4-bot-10
closed
5 months ago
3
Absence of Sequencer Uptime check risks Dutch Auctions executing at poor prices
#1218
c4-bot-10
closed
5 months ago
6
ERC20RebaseDistributor : `burn an be DOSed due to underflow issue.
#1217
c4-bot-5
closed
5 months ago
5
Users may avoid gauge loss penalty by frontrunning the LendingTerm notifying loss
#1216
c4-bot-5
closed
6 months ago
6
User may make their loss to be unburnable by anyone
#1215
c4-bot-7
opened
6 months ago
4
Offboarded terms can still update PnL and mint credit tokens
#1214
c4-bot-5
closed
5 months ago
5
Users loose all GUILD tokens voted for a gauge by forced loss
#1213
c4-bot-9
closed
5 months ago
5
QA Report
#1212
c4-bot-1
closed
4 months ago
5
New user is able to gain ALL rewards since protocol launch
#1211
c4-bot-1
closed
5 months ago
8
The bid function can DOS on the second phase of the auction because of an underflow
#1210
c4-bot-2
closed
5 months ago
4
Extending distribution period , delays distribution of unminted rebase rewards
#1209
c4-bot-2
closed
5 months ago
3
All rewards are lost with moderate amount of GUILD tokens voted for a gauge
#1208
c4-bot-6
closed
5 months ago
5
Stakers can prevent losses by frontrunning bad debts.
#1207
c4-bot-5
closed
6 months ago
6
Missing Input Validation:
#1206
c4-bot-5
closed
5 months ago
3
Analysis
#1205
c4-bot-1
closed
5 months ago
2
Credit Multiplier DoS
#1204
c4-bot-6
closed
5 months ago
3
There is a risk of DoS attacks due to rate limits imposed on minting tokens
#1203
c4-bot-6
closed
5 months ago
4
User can auction on his own loan, receive all the collateral & cause a total loss to the protocol by paying nothing
#1202
c4-bot-5
closed
5 months ago
3
An attacker can sandwich transactions where profit is notified to profit from gauge rewards
#1201
c4-bot-1
closed
5 months ago
3
Borrowers can lose their collateral if a proposal for offboarding is approved in a short time
#1200
c4-bot-7
closed
5 months ago
4
A special attack idea
#1199
c4-bot-5
closed
5 months ago
3
Repayment of loan for Blacklisted Users Using USDC Collateral will result in DoS.
#1198
c4-bot-2
closed
5 months ago
10
A malicious actor can easily front-run `proposeOnboard` and cancel an unfavorable term
#1197
c4-bot-2
closed
5 months ago
5
THE UNDERLYING TOKEN DUST AMOUNT IS STUCK IN THE `SimplePSM` CONTRACT WHILE EXECUTING THE `SimplePSM.redeem` TRANSACTION
#1196
c4-bot-5
closed
4 months ago
5
_delegate function doesn't check for whitelisted address which will cause the function to act unexpectedly for the delegator.
#1195
c4-bot-6
closed
5 months ago
8
The userGaugeProfitIndex is not set correctly, allowing an attacker to receive rewards without waiting
#1194
c4-bot-7
opened
6 months ago
4
Gas Optimizations
#1193
c4-bot-7
closed
5 months ago
3
Guild token can be transferred at any time as there is no logic stopping it
#1192
c4-bot-8
closed
5 months ago
3
ERC20MultiVotes : `average` function would still susceptible for overflow issue.
#1191
c4-bot-8
closed
4 months ago
6
Analysis
#1190
c4-bot-8
closed
5 months ago
2
Previous
Next