issues
search
code-423n4
/
2024-02-hydradx-findings
1
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Analysis
#205
c4-bot-2
opened
4 months ago
3
Analysis
#204
c4-bot-4
closed
4 months ago
2
QA Report
#203
c4-bot-2
opened
4 months ago
4
Incorrect checking for minimum pool liquidity in `stableswap` pallet
#202
c4-bot-1
closed
4 months ago
5
QA Report
#201
c4-bot-1
closed
4 months ago
2
Analysis
#200
c4-bot-7
closed
4 months ago
4
Potential Reentrancy Vulnerability in EMA Oracle Pallet
#199
c4-bot-5
closed
4 months ago
5
stableswap: The last LP can't remove all the liquidity (or all the shares)
#198
c4-bot-10
closed
4 months ago
11
QA Report
#197
c4-bot-10
opened
4 months ago
2
QA Report
#196
c4-bot-8
opened
4 months ago
2
Adversary can block adding liquidity due to reserve check
#195
c4-bot-2
closed
4 months ago
6
Analysis
#194
c4-bot-7
closed
4 months ago
6
Analysis
#193
c4-bot-2
closed
4 months ago
2
Mismatch of math specification and implementation might cause too little LRNA compensation
#192
c4-bot-10
closed
4 months ago
7
Circuit breaker is vulnerable to `on_finalize()` miss or fail, at risk of outdated trading or liquidity limit leading to over-trading
#191
c4-bot-9
closed
4 months ago
5
Missing slippage protection in `omnipool::add_liquidity` and `omnipool::remove_liquidity`
#190
c4-bot-8
closed
4 months ago
3
stableswap: add_liquidity should support minimal received shares protection
#189
c4-bot-8
closed
4 months ago
2
Omnipool's asset_weight_cap can be bypassed, resulting in an unhealthy state of the pool
#188
c4-bot-3
closed
4 months ago
7
omnipool: MaxOutRatio protections in buy should consider asset fees -- use amount_without_fee instead of asset_state.reserve
#187
c4-bot-10
closed
4 months ago
9
Users will receive 0 tokens after swap in a pool with low liquidity for one Token
#186
c4-bot-4
closed
4 months ago
4
Ema-oracle will ignore accumulator spot prices in some cases, resulting in incorrect ema prices
#185
c4-bot-5
closed
4 months ago
2
Analysis
#184
c4-bot-9
closed
4 months ago
3
omipool: update_hdx_subpool_hub_asset should ensure the input LRNA not excess MaxInRatio and protected by circuit breaker
#183
c4-bot-1
closed
4 months ago
7
QA Report
#182
c4-bot-4
closed
4 months ago
2
QA Report
#181
c4-bot-2
opened
4 months ago
2
Malicious users can DoS remove_token on all assets
#180
c4-bot-7
closed
4 months ago
5
Protocol fee is rounded incorrectly, allowing users to circumvent it
#179
c4-bot-4
closed
4 months ago
5
Analysis
#178
c4-bot-5
closed
4 months ago
3
omnipool: withdraw_protocol_liquidity should ensure spot price and EMAprice diff is not big
#177
c4-bot-1
closed
4 months ago
5
Users can MAKE EMA-Oracle price outdated with direct transfers to StableSwap
#176
c4-bot-2
opened
4 months ago
13
Stableswap pool is incompatible with some common stable coin(e.g. USDT) with an optional fee feature, and will have erroneous reserve accounting
#175
c4-bot-7
closed
4 months ago
5
omnipool: set_asset_tradable_state should ensure slot price if not far from oracle price when set an asset to safe withdraw mode
#174
c4-bot-10
closed
4 months ago
5
Users can be forced to pay higher withdrawal fee when calling `remove_liquidity`
#173
c4-bot-10
closed
4 months ago
2
`calculate_ann` function not calculating `amplification * n^n`
#172
c4-bot-7
closed
4 months ago
2
omnipool: remove_liquidity weight should add T::ExternalPriceOracle::get_price_weight()
#171
c4-bot-7
closed
4 months ago
3
Users can't withdraw liquidity if token value falls quickly
#170
c4-bot-8
closed
4 months ago
5
Ema-oracle will show an arbitrary asset price, even though the asset was completely removed from the omnipool
#169
c4-bot-10
opened
4 months ago
5
Analysis
#168
c4-bot-9
opened
4 months ago
2
omnipool: pool's weight cap can be break by front-running add_token which lacks relative check
#167
c4-bot-9
closed
4 months ago
8
omnipool: LP can get zero asset when withdraw liquidity with one share
#166
c4-bot-5
closed
4 months ago
3
Stableswap will calculate pool share price incorrectly if an asset has greater than 18 decimals, impacting ema oracle entries
#165
c4-bot-10
opened
4 months ago
3
Analysis
#164
c4-bot-6
closed
4 months ago
3
PoolFee of StableSwap can be bypassed allowing for a DOS of all swaps
#163
c4-bot-10
opened
4 months ago
8
An asset in stablepool can be DoS
#162
c4-bot-6
closed
4 months ago
3
It is possible that the tokens in the omnipool cannot be removed
#161
c4-bot-9
opened
4 months ago
4
Several important vulnerabilities are found in Crates
#160
c4-bot-3
closed
4 months ago
5
In several places, errors are not handled
#159
c4-bot-5
closed
4 months ago
3
Some functions lack slippage protection
#158
c4-bot-9
closed
4 months ago
8
Low reserves can lead to a user receiving more shares than intended
#157
c4-bot-10
closed
4 months ago
6
Malicious Authority can break key functionalities
#156
c4-bot-9
closed
4 months ago
6
Next