issues
search
code-423n4
/
2024-01-salty-findings
4
stars
3
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Funds could stuck in `Pools.sol` contract
#966
c4-bot-2
closed
5 months ago
4
THE `Pools.swap` FUNCTION DOES NOT CHECK WHETHER THE POOL IS WHITELISTED AS STATED IN THE DOCUMENTATION
#965
c4-bot-2
closed
4 months ago
4
transferStakedSaltFromAirdropToUser will potentially grant users with no exchange access staked salt
#964
c4-bot-2
opened
5 months ago
4
USDS borrower cannot add collateral during cooldown even to avoid liquidation
#963
c4-bot-9
closed
4 months ago
6
finalizeBallot() Function Renders Contract Unusable on Certain Conditions
#962
c4-bot-9
closed
5 months ago
2
Analysis
#961
c4-bot-4
opened
5 months ago
2
THE `CollateralAndLiquidity.findLiquidatableUsers` FUNCTION DOES NOT CORRECTLY SELECT THE LIQUIDATABLE WALLETS DUE TO THE ROUNDING DOWN OF THE `minCollateralValue` AND `minCollateral` VALUES DURING CALCULATIONS
#960
c4-bot-5
closed
4 months ago
5
Analysis
#959
c4-bot-4
opened
5 months ago
1
The liquidity provider can fail to withdraw his liquidity if he gets blacklisted
#958
c4-bot-9
closed
5 months ago
1
Wrong calculation of virtual rewards can cause unfair reward distribution
#957
c4-bot-9
closed
4 months ago
9
Creation of a confirmation proposal can be blocked
#956
c4-bot-10
closed
4 months ago
9
BootstrapBallot can be DOS preventing the exchange from initializing at launch
#955
c4-bot-4
closed
4 months ago
6
Analysis
#954
c4-bot-8
opened
5 months ago
1
QA Report
#953
c4-bot-10
closed
5 months ago
1
If zapping fails or loses precision, some arbitrage profits will be stuck in DAO.sol
#952
c4-bot-7
closed
5 months ago
2
Rounding issue in adding/remove liquidity
#951
c4-bot-6
closed
5 months ago
2
Unsafe cast of virtualRewardsToAdd allows the attacker to steal rewards from other users.
#950
c4-bot-6
closed
5 months ago
1
Analysis
#949
c4-bot-1
opened
5 months ago
1
The first staker can get all of the staking rewards
#948
c4-bot-1
closed
5 months ago
3
QA Report
#947
c4-bot-1
opened
5 months ago
1
Analysis
#946
c4-bot-8
closed
5 months ago
1
An attacker is able to increase his collateral value by manipulating the reserves allowing him to mint more USDS
#945
c4-bot-8
closed
4 months ago
6
Analysis
#944
c4-bot-8
closed
5 months ago
1
Because CollateralAndLiquidity#liquidateUser will take into account the cooldown, any user can prevent themselves from being liquidated
#943
c4-bot-9
closed
5 months ago
2
Using BTC/USD and ETH/USD price feeds with Chainlink oracle will prevent PriceAggregator from working if there is a depeg
#942
c4-bot-3
closed
5 months ago
2
Pools with tokens with different decimals and low liquidity can be manipulated
#941
c4-bot-1
closed
5 months ago
17
approve() can cause permanent DoS during liquidity deposit for some tokens
#940
c4-bot-1
closed
4 months ago
6
tokenWhitelistingBallotWithTheMostVotes might return an incorrect value
#939
c4-bot-5
opened
5 months ago
3
Price aggregator will not show precise price feed
#938
c4-bot-1
closed
5 months ago
4
Front-running first deposit in a pool with an imbalanced deposit allow attacker to drain the pool value
#937
c4-bot-8
closed
4 months ago
14
Wrong comparison to give added liquidity always uses based on WETH reserves and never WBTC
#936
c4-bot-10
closed
5 months ago
1
Users may not be able to complete swaps, because arbitrage fails.
#935
c4-bot-9
closed
5 months ago
3
QA Report
#934
c4-bot-10
opened
5 months ago
1
Analysis
#933
c4-bot-2
closed
5 months ago
1
Gas Optimizations
#932
c4-bot-5
closed
5 months ago
1
QA Report
#931
c4-bot-5
closed
4 months ago
6
In depegging event of WBTC & WETH , there will be potential DOS
#930
c4-bot-6
closed
5 months ago
2
malicious users can front-run to cause a denial of service(DoS) for create proposals due to ballot name checks.
#929
c4-bot-1
closed
4 months ago
7
Gas Optimizations
#928
c4-bot-6
closed
5 months ago
1
Potential Overflow Issue in Reserves Update due to Unsafe Casting
#927
c4-bot-4
closed
4 months ago
8
Residual approvals will cause `_depositLiquidityAndIncreaseShare` to revert for some tokens (e.g USDT)
#926
c4-bot-3
closed
5 months ago
2
Integer Overflow in virtualRewardsToAdd Calculation
#925
c4-bot-3
closed
5 months ago
1
Attacker can liquidated users by manipulationg WETH/WBTC pool reserves
#924
c4-bot-3
closed
4 months ago
9
Frontrunning of Rewards in Newly Populated Pools
#923
c4-bot-9
closed
5 months ago
3
DoS: Liquidation of an Undercollateralized position might fail due to Cooldown period of Wallet
#922
c4-bot-9
closed
5 months ago
2
A user can prevent being liquidated by adding few wei of collateral just before liquidator call
#921
c4-bot-6
closed
5 months ago
2
lack of scaling decimal places of erc20 leads to break the protocol invariant
#920
c4-bot-5
closed
5 months ago
2
A user can vote for proposals and unstake right after to reduce the required quorum while maintaining its votes
#919
c4-bot-5
closed
5 months ago
3
QA Report
#918
c4-bot-7
opened
5 months ago
4
QA Report
#917
c4-bot-5
opened
5 months ago
1
Previous
Next