Open c4-bot-5 opened 3 months ago
0xRobocop marked the issue as sufficient quality report
0xRobocop marked the issue as high quality report
[L-01] TransparentUpgradeableProxy clashing selector calls may not be delegated This isn't a problem because there are no clashing selector calls right? I think this would be valid only if there was an existing problem. [L-02] Potential DoS in redeem functionality in case USDC enables Fees on transfer It is not realistic to assume this contract will work perfectly should the USDC or BUIDL token change in such a drastic manner [L-03] Lack of Enforced Timelock on Fee Updates This seems like a feature suggestion rather than a vulnerability. I believe the code is working as intended here [L-04] Risk of Funds Getting Stuck due to Minimum Redemption Amount Update See other response related to this issue (it is not fair to assume that this is the only way users can perform redemptions) [L-05] Precision loss from minting and redeeming rOUSG can be reduced Interesting, please provide a concrete example [L-06] Some functions can be vulnerable to Slippage See other response regarding slippage
cameronclifton marked the issue as disagree with severity
cameronclifton (sponsor) acknowledged
3docSec marked the issue as grade-a
Hi @3docSec,
L-04 is a dup of #44 and falls under #142 umbrella.
L-04 is a dup of https://github.com/code-423n4/2024-03-ondo-finance-findings/issues/44 and falls under https://github.com/code-423n4/2024-03-ondo-finance-findings/issues/142 umbrella.
Thanks for flagging ✅
See the markdown file with the details of this report here.