issues
search
code-423n4
/
2024-01-opus-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
yang Pair ID Validation Flaw for Tokens with Zero Decimal Values
#192
c4-bot-5
closed
7 months ago
3
Analysis
#191
c4-bot-5
closed
7 months ago
2
No way to take out initial_yang_amts after closing shrine
#190
c4-bot-3
closed
7 months ago
3
Analysis
#189
c4-bot-8
closed
7 months ago
2
The remainder does not require further precision reduction
#188
c4-bot-6
closed
7 months ago
3
Analysis
#187
c4-bot-6
opened
8 months ago
4
QA Report
#186
c4-bot-2
closed
7 months ago
2
Some assets remains unclaimable in caretaker module
#185
c4-bot-10
closed
7 months ago
7
`shrine.withdraw_helper` updates trove's deposit incorrectly
#184
c4-bot-10
closed
7 months ago
4
`shrine.update_rates's check` is not sufficient
#183
c4-bot-10
closed
7 months ago
5
`purger.get_liquidation_penalty_internal` doesn't conform with the document
#182
c4-bot-7
closed
7 months ago
5
Broken logic if users interact with the project directly and not via a smart contract (or AA)
#181
c4-bot-2
closed
7 months ago
3
`absorber.set_reward` should calls `absorber.bestow`
#180
c4-bot-2
closed
7 months ago
6
ERC4626 inflat issue mitigation is not sufficient
#179
c4-bot-9
opened
8 months ago
6
Analysis
#178
c4-bot-2
opened
8 months ago
4
Potential DOS when the number of redistributions is excessively large
#177
c4-bot-9
closed
7 months ago
4
Lack of validation in allocator. set_allocation function will cause incosistent behaviour.
#176
c4-bot-7
closed
7 months ago
4
Malicious user can manipualte baseInterestRate
#175
c4-bot-8
closed
7 months ago
3
Analysis
#174
c4-bot-2
closed
7 months ago
2
No initial validation for seer update frequency
#173
c4-bot-10
closed
7 months ago
3
The melt() function in the Abbot contract allows anyone to repay a user's debt.
#172
c4-bot-8
closed
7 months ago
4
User can withdraw assets from a trove without fully repaying the debt when closing the trove.
#171
c4-bot-7
closed
7 months ago
4
Analysis
#170
c4-bot-6
closed
7 months ago
2
Analysis
#169
c4-bot-4
closed
7 months ago
2
Analysis
#168
c4-bot-1
opened
8 months ago
3
Flashloan with unsupported tokens doesn't revert
#167
c4-bot-8
closed
7 months ago
3
Analysis
#166
c4-bot-5
opened
8 months ago
2
Incorrect handling of inner loop could lead to DoS
#165
c4-bot-1
closed
7 months ago
4
Off By One Error could lead to out of bounds access
#164
c4-bot-1
closed
7 months ago
4
Insufficient Error Handling in enter function
#163
c4-bot-1
closed
7 months ago
3
Insufficient validation of call_data parameter
#162
c4-bot-1
closed
7 months ago
3
Insufficient validation in allocate function
#161
c4-bot-4
closed
7 months ago
4
Insufficient validation in release function
#160
c4-bot-7
closed
7 months ago
5
Insufficient validation in normalize function
#159
c4-bot-1
closed
7 months ago
3
Insufficient validation in constructor
#158
c4-bot-4
closed
7 months ago
3
Insufficient validation in set_allocation_helper function
#157
c4-bot-5
closed
7 months ago
3
If just one of the tokens accepted as yang underlying tokens becomes non-transferable, recovery of all assets on system shutdown is going to fail
#156
c4-bot-7
closed
7 months ago
4
Incorrect Liquidation Thresholds Triggering False Positives
#155
c4-bot-8
closed
7 months ago
7
Insufficient validation in timelock calculations
#154
c4-bot-4
closed
7 months ago
3
QA Report
#153
c4-bot-8
closed
7 months ago
2
Incorrect Liquidation Thresholds Triggering False Positives
#152
c4-bot-5
closed
7 months ago
4
If the sequencer gets paused, asset price changes during the inactivity period may lead to mass liquidations once the sequencer is unpaused
#151
c4-bot-8
closed
7 months ago
3
Overly Strict Liquidation Conditions in Purger Causing False Positives
#150
c4-bot-8
closed
7 months ago
5
Overly Strict Liquidation Conditions in Purger Causing False Positives
#149
c4-bot-8
closed
7 months ago
3
Griefing: if pending forge transaction can be observed and frontrun, DoS can be created by a whale attacker who forges all available yin
#148
c4-bot-3
closed
7 months ago
3
Anyone can forge and use yin in interest-free way as long as they repay all debt in the same interval
#147
c4-bot-2
closed
7 months ago
3
Overly Strict Validation in Purger Leading to False Positives
#146
c4-bot-5
closed
7 months ago
3
By forcing the system to enter recovery mode, attacker can profit from liquidation previously healthy troves
#145
c4-bot-3
closed
7 months ago
6
Redistribution can be used to force invalid oracle price updates to enter the system
#144
c4-bot-3
closed
7 months ago
5
A user can steal from the shrine by forcing redistribution of their trove; due to incorrect logic trove debt will be reset but yangs kept
#143
c4-bot-7
opened
8 months ago
6
Previous
Next