code-423n4/2024-05-bakerfi-findings
issues
QA Report
#49
c4-bot-4
opened
5 months ago
4
_payDebt() Lack of slippage protection
#48
c4-bot-6
closed
5 months ago
3
ETHOracle.getLatestPrice need to convert to 18 decimals
#47
c4-bot-9
opened
5 months ago
3
First depositor can abuse exchange rate to steal funds from later depositors
#46
c4-bot-2
closed
5 months ago
2
QA Report
#45
c4-bot-9
opened
5 months ago
8
MEV bots can sandwich withdrawals from a Vault to extract funds from user's withdrawals
#44
c4-bot-6
closed
5 months ago
2
Attacker can DoS deposits to a new Vault
#43
c4-bot-3
closed
5 months ago
2
Incorrect integration with UniswapRouter causes all swaps to revert.
#42
c4-bot-5
closed
5 months ago
9
All supplied WETH to Aave as a deposit by a Strategy will be irrecoverable.
#41
c4-bot-1
opened
5 months ago
3
Incorrect formula to compute tokenPerETH rate renders unusable the max deposit feature.
#40
c4-bot-4
closed
5 months ago
3
Vault is vulnerable to first depositor inflation attack.
#39
c4-bot-6
opened
5 months ago
3
When harvesting a strategy and adjusting the debt, all the leftover collateral that is not used to swap the withdrawn collateral from Aave for WETH to repay the flashloan will be locked and lost in the Strategy contract
#38
c4-bot-4
opened
5 months ago
9
Vault can be DoS
#37
c4-bot-10
opened
5 months ago
5
StrategyLeverage.harvest doesn't account flashloan fee
#36
c4-bot-3
opened
5 months ago
3
_repayAndWithdraw() _pendingAmount Incorrect calculation
#35
c4-bot-7
closed
5 months ago
4
_payDebt() quoteExactOutputSingle should use _swapFeeTier
#34
c4-bot-2
closed
5 months ago
6
_supplyAndBorrow() should not call setUserUseReserveAsCollateral(true) every time
#33
c4-bot-8
closed
5 months ago
4
Multiple swap lack slippage protection.
#32
c4-bot-7
opened
5 months ago
3
Using round down in flashFee() could potentially lead to flash loan failures.
#31
c4-bot-2
closed
5 months ago
3
deposit() incorrect use balanceOf(msg.sender)
#30
c4-bot-10
closed
5 months ago
3
deposit() afterDeposit calculation formula is incorrect.
#29
c4-bot-10
opened
5 months ago
3
wethLefts cannot be used
#28
c4-bot-8
closed
5 months ago
2
Anyone can trigger flashloan to a strategy
#27
c4-bot-9
closed
5 months ago
3
No slippage protection during the uniswap swap
#26
c4-bot-5
closed
5 months ago
2
StrategyAAVEv3WSTETH._convertToWETH won't work and user will not be able to withdraw
#25
c4-bot-2
closed
5 months ago
1
StrategyAAVEv3WstETH makes users to pay fee for unwrapping
#24
c4-bot-8
closed
5 months ago
3
Vault can be halted by malicious actor
#23
c4-bot-6
closed
5 months ago
2
Share price manipulation attack
#22
c4-bot-8
closed
5 months ago
2
Protocol receives less harvest fees
#21
c4-bot-7
opened
5 months ago
2
max deposit check works wrong
#20
c4-bot-6
closed
5 months ago
2
deposit/withdraw lack slippage protection
#19
c4-bot-3
closed
5 months ago
3
No check if sequencer is active
#18
c4-bot-4
closed
5 months ago
2
Missing slippage in the call to `exactInputSingle()` inside `UseSwapper::_swap()`
#17
c4-bot-9
closed
5 months ago
3
min and maxAnswer never checked for oracle price feed
#16
c4-bot-10
opened
5 months ago
6
Unhandled chainlink revert can lock price oracle access
#15
c4-bot-1
opened
5 months ago
10
Missing checks for whether the L2 Sequencer is active
#14
c4-bot-10
closed
5 months ago
7
Unused user funds not refunded after `exactInputSingle()` swap
#13
c4-bot-9
closed
5 months ago
7
Missing deadline in `UseSwapper::_swap()`
#12
c4-bot-10
closed
5 months ago
8
Rounding-down of `flashFee` can result in calls to flash loan to revert
#11
c4-bot-1
opened
5 months ago
3
`GovernableOwnable.sol` would have no `_governer` role after an individual upgrade
#10
c4-bot-2
closed
5 months ago
4
deposit can be DoS
#9
c4-bot-2
closed
5 months ago
1
deposit can be DoS
#8
c4-bot-4
closed
5 months ago
3
`deltaCollateralInETH` needs to be rounded up inside `calcDeltaPosition()`
#7
c4-bot-1
closed
5 months ago
4
An attacker can extract someone else's `ShareReward`
#6
c4-bot-6
closed
5 months ago
1
`rebalance()` calculates `sharesToMint` by rounding-down against the protocol's favour
#5
c4-bot-3
opened
5 months ago
6
User can withdraw in multiple calls with small amount to escape fee
#4
c4-bot-2
opened
5 months ago
7
Hardcoded uniswap fee tier may cause dos of harvest functionality
#3
c4-bot-8
closed
5 months ago
3
BalancerFlashLender#receiveFlashLoan does not validate the originalCallData
#2
c4-bot-7
opened
6 months ago
20
Agreements & Disclosures
#1
code4rena-id[bot]
opened
6 months ago
0