issues
search
code-423n4
/
2024-05-predy-findings
9
stars
8
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Upgraded Q -> 2 from #259 [1719594465362]
#310
c4-judge
closed
2 months ago
2
Upgraded Q -> 2 from #254 [1719594414430]
#309
c4-judge
closed
2 months ago
2
Upgraded Q -> 2 from #254 [1719594348550]
#308
c4-judge
closed
2 months ago
2
Upgraded Q -> 2 from #252 [1719594295360]
#307
c4-judge
closed
2 months ago
2
Upgraded Q -> 2 from #253 [1719594215976]
#306
c4-judge
closed
2 months ago
2
Use of slot0 to get sqrtPriceX96 before performing swaps
#305
thebrittfactor
closed
2 months ago
4
Price calculation susceptible to flashloan attacks
#304
thebrittfactor
closed
2 months ago
5
Use of slot0 to get sqrtPriceLimitX96 can lead to price manipulation
#303
thebrittfactor
closed
2 months ago
4
No Protection of Uninitialized Implementation Contracts From Attacker
#302
howlbot-integration[bot]
closed
2 months ago
3
Use of `slot0()` to fetch prices can lead to price manipulation
#301
howlbot-integration[bot]
closed
2 months ago
4
No check for active L2 Sequencer
#300
howlbot-integration[bot]
closed
2 months ago
4
Missing check for the max/min price in `getSqrtPrice()`
#299
howlbot-integration[bot]
closed
2 months ago
1
Unset `deadline` allows for malicious swap executions.
#298
howlbot-integration[bot]
closed
2 months ago
1
Inadequate price validation in `getSqrtPrice()` results in usage of stale prices.
#297
howlbot-integration[bot]
closed
2 months ago
1
Unable to perform liquidation if vault `recipient` is blacklisted by `quotePool.token`
#296
howlbot-integration[bot]
closed
2 months ago
1
Incorrect Rounding in `calculateUsableTick` where negative tick values are rounded down instead of to the nearest multiple of `tickSpacing`.
#295
howlbot-integration[bot]
closed
2 months ago
5
Missing slippage control when adding/removing liquidity
#294
howlbot-integration[bot]
closed
2 months ago
3
Inflexible Twap `_ORACLE_PERIOD` leads to inadequate pricing of assets
#293
howlbot-integration[bot]
closed
2 months ago
1
Incorrect Limit Stop Order Validation.
#292
howlbot-integration[bot]
closed
2 months ago
1
Potential Use of Stale Prices in SqrtPrice Calculation in PriceFeed.sol
#291
howlbot-integration[bot]
closed
2 months ago
1
`Filler` is incorrectly tasked.
#290
howlbot-integration[bot]
closed
2 months ago
4
Incorrect `prices` would be returned for `negative ticks`
#289
howlbot-integration[bot]
closed
2 months ago
2
Liquidation may revert when the account is blacklisted
#288
howlbot-integration[bot]
closed
2 months ago
1
Chainlink stale price
#287
howlbot-integration[bot]
closed
2 months ago
1
Chainlink FlashCrash Price
#286
howlbot-integration[bot]
closed
2 months ago
1
Use of slot 0 is easy to manipulate
#285
howlbot-integration[bot]
closed
2 months ago
6
Hardcoded `VALID_TIME_PERIOD` is not suitable in all cases.
#284
howlbot-integration[bot]
closed
2 months ago
1
insufficient slippage specification in uniswap
#283
howlbot-integration[bot]
closed
2 months ago
1
UniV3 Oracle unsafe on L2s in event of Sequencer downtime
#282
howlbot-integration[bot]
closed
2 months ago
4
`updateFeeRatio()` does not collect previous fees before setting a new `feeRatio`
#281
howlbot-integration[bot]
closed
2 months ago
1
Missing deadline parameter in `swapExactIn` and `swapExactOut` functions in `UniswapSettlement.sol` allowing outdated slippage and allowing pending transactions to be executed unexpectedly
#280
howlbot-integration[bot]
closed
2 months ago
1
`callUniswapObserve` will show incorrect price for negative ticks because it does not round up for them
#279
howlbot-integration[bot]
closed
2 months ago
1
Use of slot0 can lead to price manipulations
#278
howlbot-integration[bot]
closed
2 months ago
1
Chainlink’s latestRoundData might return stale or incorrect results
#277
howlbot-integration[bot]
closed
2 months ago
1
Multiple instances of usage of `slot0` to calculate square root price, which is easily manipulatable
#276
howlbot-integration[bot]
closed
2 months ago
1
Malicious user can create positions that can never be liquidated, breaking protocol invariant
#275
howlbot-integration[bot]
closed
2 months ago
2
Using `block.timestamp` as deadline is dangerous
#274
howlbot-integration[bot]
closed
2 months ago
1
`PerpMarketLib::validateStopPrice` calculates the ratio of `oraclePrice` and `stopPrice` incorrectly
#273
howlbot-integration[bot]
closed
2 months ago
1
No `deadline` parameter on `swapExactIn` and `swapExactOut` can lead to less faourable swaps.
#272
howlbot-integration[bot]
closed
2 months ago
1
Improper Validation in PerpMarketV1: Reverting Mechanism Fails to revert an Invalid Trades
#271
howlbot-integration[bot]
closed
2 months ago
1
Filler can update `settlementWhitelist` through basemarketupgradeable.sol.
#270
howlbot-integration[bot]
closed
2 months ago
2
Lack of slippage protection in supply function leads staker receives less shares than expected
#269
howlbot-integration[bot]
closed
2 months ago
4
Missing slippage check in supply and withdraw function in PredyPool
#268
howlbot-integration[bot]
closed
2 months ago
4
Chainlink's `latestRoundData` may return a stale or incorrect result
#267
howlbot-integration[bot]
closed
2 months ago
1
Missing check for sequencer downtime in PriceFeed contract
#266
howlbot-integration[bot]
closed
2 months ago
4
Use of Potentially Stale Price Data from Pyth Oracle
#265
howlbot-integration[bot]
closed
2 months ago
1
No Sequencer Status Check in Price Feed Contract on Arbitrum L2
#264
howlbot-integration[bot]
closed
2 months ago
4
Lack of Chainlink Price Range Validation in PriceFeed Contract
#263
howlbot-integration[bot]
closed
2 months ago
1
`validateStopPrice()` is potentially flawed by wrong `value` parameter
#262
howlbot-integration[bot]
closed
2 months ago
3
Incorrect data is saved as `userPosition` during trade execution
#261
howlbot-integration[bot]
closed
2 months ago
3
Next