issues
search
code-423n4
/
2024-03-dittoeth-findings
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Lower redemption fees paid due to manipulated debt redemption values.
#205
c4-bot-2
closed
4 months ago
6
Impact: Out-of-bounds access may lead to failed disputes or incorrect resolutions.
#204
c4-bot-4
closed
5 months ago
5
QA Report
#203
c4-bot-10
closed
5 months ago
3
Error in the assembly code for LibBytes::readProposalData leads to downstream effects
#202
c4-bot-9
closed
5 months ago
7
QA Report
#201
c4-bot-2
opened
5 months ago
4
Analysis
#200
c4-bot-2
closed
4 months ago
2
Delayed redemptions, increased gas costs, and system congestion from spamming.
#199
c4-bot-2
closed
4 months ago
8
Increased gas costs and system slowdowns from orderbook congestion and inefficient matching.
#198
c4-bot-2
closed
4 months ago
4
Insufficient TAPP funding risks system stability, user fund loss, and trust erosion.
#197
c4-bot-8
closed
5 months ago
4
Users risk financial losses or discrepancies due to flawed deposit processes.
#196
c4-bot-2
closed
4 months ago
4
Financial losses for users possible due to inaccurate liquidations or redemptions.
#195
c4-bot-9
closed
4 months ago
4
Gas Optimizations
#194
c4-bot-9
closed
5 months ago
3
Risk of Financial Loss Due to Chainlink Price Feed Fallback Vulnerability
#193
c4-bot-4
closed
4 months ago
9
malicious shorter can escape liquidation of their unhealthy positions
#192
c4-bot-3
closed
4 months ago
4
Failure to update Oracle due to rounding issue leading incorrectness of the orderbook
#191
c4-bot-7
closed
4 months ago
4
Bad debt socialisation can lead to premature liquidation of healthy positions that exit partially.
#190
c4-bot-5
closed
4 months ago
9
Incorrect Price Conversion Due to Decimal Precision Discrepancy
#189
c4-bot-5
closed
5 months ago
4
increaseCollateral() function makes shorter lose yield
#188
c4-bot-1
closed
4 months ago
6
QA Report
#187
c4-bot-9
closed
5 months ago
3
Shorters could never get yield
#186
c4-bot-3
closed
4 months ago
4
Potential loss of collateral due to short order matching in exit process
#185
c4-bot-7
closed
5 months ago
4
Withdraw deth from other vault gone wrong
#184
c4-bot-7
closed
5 months ago
5
Bridge Update not done Deposit Function
#183
c4-bot-3
closed
5 months ago
4
QA Report
#182
c4-bot-10
opened
5 months ago
6
QA Report
#181
c4-bot-4
closed
5 months ago
3
Possible Denial of Service in Redemption Proposal Processing Due to Underflow in Debt Rate Calculation
#180
c4-bot-10
closed
4 months ago
6
Division before multiplication leads to lower `dittoMatchedShares` due to precision loss
#179
c4-bot-9
closed
4 months ago
4
An attacker can cancel other people's short orders
#178
c4-bot-1
opened
5 months ago
6
Reverting on Liquidation Error can cause a the system to underflow
#177
c4-bot-7
closed
4 months ago
3
External Oracle Manipulation can influence the oracle price to create favorable conditions
#176
c4-bot-10
closed
4 months ago
4
Dispute Period Manipulation to Prevent Disputes from being Submitted in Time
#175
c4-bot-6
closed
4 months ago
6
transferShortRecord: Can transfer a newly created ShortRecord using a previously minted NFT
#174
c4-bot-5
opened
5 months ago
12
Possible DOS on deposit(), withdraw() and unstake() for BridgeReth, leading to user loss of funds
#173
c4-bot-8
closed
4 months ago
4
QA Report
#172
c4-bot-4
closed
5 months ago
3
Fluctuating collateral value during redemption proposal dispute period exposes the redeemer or protocol to potential gains or losses depending on the asset price movement
#171
c4-bot-10
closed
4 months ago
9
`Malicious user` can get `dittoMatchedShares` at will from a non-empty order book
#170
c4-bot-7
closed
4 months ago
12
Users receiving extra `ETH`, whether as `Liquidator` or `Redeemer`, will incur fees when withdrawing
#169
c4-bot-5
closed
4 months ago
8
Liquidation or Redemption of `ShortRecords` in `PartialFill` status without associated `Short` will be reverted
#168
c4-bot-7
closed
5 months ago
4
`Malicious Shorter` can combine their `shortRecords` to avoid Liquidation
#167
c4-bot-5
closed
4 months ago
9
`VaultUser.bridgeCredit` does not decrease when `ETH` is lost due to `Liquidation` or `Redemption`, causing incorrect tally in `BridgeRouter`
#166
c4-bot-4
closed
4 months ago
6
`MaliciousShorter` can evade being redeemed or liquidated, leaving the `ShortRecord` exposed in the `OrderBook`
#165
c4-bot-8
closed
5 months ago
4
oracleCircuitBreaker: Not checking if price information of asset is stale
#164
c4-bot-9
opened
5 months ago
11
The `short` debt is not updated when disputing in `RedemptionFacet::disputeRedemption`
#163
c4-bot-3
closed
5 months ago
4
Gas Optimizations
#162
c4-bot-1
closed
5 months ago
3
Frontrunning withdrawal transactions and depositing token on the bridge can DoS a user's withdrawal
#161
c4-bot-1
closed
4 months ago
4
Not updating the Shorter collateral ratio while exitShort, result into less share rewards for shorter.
#160
c4-bot-9
closed
5 months ago
6
`Shorter` can evade dispute by chance or intentionally by increasing collateral before the `Disputer` transaction
#159
c4-bot-8
closed
4 months ago
8
A `short` order can be registered with an `ETH` value lower than `minAskEth` making the `short order` unattractive to liquidators
#158
c4-bot-1
closed
5 months ago
4
Bad actor can strategically create redemption proposals to eliminate competing proposals
#157
c4-bot-7
closed
4 months ago
6
`MaliciousShorter` can increase his collateral before the redeemer proposal causing the redeemer to be disputable and the `maliciousShorter` to obtain at will the penalty amount
#156
c4-bot-8
closed
4 months ago
8
Previous
Next