issues
search
code-423n4
/
2024-06-panoptic-validation
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
HM issue validation
#56
CloudEllie
opened
5 months ago
0
SFPM does not update `s_accountPremiumOwed` or 's_accountPremiumGross` accumulators while transferring position
#55
c4-bot-1
opened
5 months ago
0
JSON injection and xss through ERC20 symbol when generating `tokenUri`
#54
c4-bot-1
opened
5 months ago
0
M-02 from past audit not completely fixed. Users can still bypass solvency checks when settling long premium
#53
c4-bot-1
opened
5 months ago
0
Incorrect Validation for tickLimitLow and tickLimitHigh Causing Potential Slippage Check Failures
#52
c4-bot-8
opened
5 months ago
0
Lack of Validation for positionIdList in mintOptions Function Can Lead to Errors and Potential Exploits
#51
c4-bot-3
opened
5 months ago
0
Incorrect Validation in _updatePositionsHash Function Allows Exceeding Maximum Positions Limit by One
#50
c4-bot-10
opened
5 months ago
0
Inaccurate Collateral Calculation in _computeSpread Function Due to Insufficient Zero Difference Handling
#49
c4-bot-4
opened
5 months ago
0
Division by Zero in _computeSpread Function Leads to Potential Runtime Errors and Incorrect Collateral Calculations
#48
c4-bot-1
opened
5 months ago
0
Uninitialized Variable in _getRequiredCollateralSingleLegPartner Function May Lead to Incorrect Collateral Calculations
#47
c4-bot-5
opened
5 months ago
0
[M-01] Potential Division by Zero or Unintended Behavior Due to Close Asset Values in the `revoke` function
#46
c4-bot-9
opened
5 months ago
0
Unhandled return value of transferFrom in contracts/CollateralTracker.sol
#45
c4-bot-9
opened
5 months ago
0
Missing return values in `assertMinCollateralValues` function causes difficulty in slippage checks
#44
c4-bot-1
opened
5 months ago
0
The `tokenURI` function doesn't verify if a token ID is valid before returning its metadata. This means it could return data for a fake or non existent NFT.
#43
c4-bot-4
opened
5 months ago
0
Usage of `slot0` is extremely easy to manipulate
#42
c4-bot-7
opened
5 months ago
0
safeERC20Symbol() function will always revert when interating with tokens that returns bytes32 as Symbol
#41
c4-bot-8
opened
5 months ago
0
Approve race condition in Collateral Tracker
#40
c4-bot-10
opened
5 months ago
0
`_validatePositionList()` positionIdList can still lead to forgery
#39
c4-bot-1
opened
5 months ago
0
I will describe a smart way to exploit the smart contract's totalAssets()
#38
c4-bot-3
opened
5 months ago
0
Protocol is vulnerable to SVG JSON injection attacks
#37
c4-bot-9
opened
5 months ago
0
The issue around validating the position list from the previous audit seems to have not been fixed
#36
c4-bot-2
opened
5 months ago
0
getChainName()'s implementation is somewhat broken on the Blast chain.
#35
c4-bot-5
opened
5 months ago
0
`FactoryNFT#tokenURI()` does not comply with 721 since it doedne check if the tokenId is valid
#34
c4-bot-2
opened
5 months ago
0
Issue M-02 not correctly fixed since the check is not inclusive
#33
c4-bot-5
opened
5 months ago
0
Users solvency validation are being erroneously executed since they are done on the basis of wrong tick data
#32
c4-bot-5
opened
5 months ago
0
After EIP-3074 owners would be unable to withdraw due to the `msg.sender != owner` check
#31
c4-bot-7
opened
5 months ago
0
Usage of Low-Level .call() Function
#30
c4-bot-2
opened
5 months ago
0
The value of `FORCE_EXERCISE_COST` may be too low and make forced exercises very cheap
#29
c4-bot-10
opened
5 months ago
0
Lack of overflow validation allows manipulation of s_poolAssets leading to incorrect totalAssets calculation
#28
c4-bot-10
opened
5 months ago
0
Use of delegatecall in a payable function inside a loop
#27
c4-bot-4
opened
5 months ago
0
Array length should be checked in MetadataStore.sol.
#26
c4-bot-1
opened
5 months ago
0
QA Report
#25
c4-bot-3
opened
5 months ago
1
Sum vonalblity of smart contact
#24
c4-bot-6
opened
5 months ago
0
integer overflow.
#23
c4-bot-3
opened
5 months ago
0
the lack of access controls on certain functions
#22
c4-bot-3
opened
5 months ago
0
QA Report
#21
c4-bot-2
opened
5 months ago
1
The `startToken` function in the `CollateralTracker` contract is missing a critical modifier to ensure that only the associated Panoptic pool can call it
#20
c4-bot-7
opened
5 months ago
0
Pool deployment can be DoS'd through price manipulation
#19
c4-bot-5
opened
5 months ago
0
`s_poolAssets` underflow in `CollateralTracker.sol` will lead to protocol failure
#18
c4-bot-10
opened
5 months ago
0
Users should not be allowed to mint more positions than the limit
#17
c4-bot-6
opened
5 months ago
0
Inaccurate Premium Accounting in SFPM Due to Incomplete Data Updates in registerTokenTransfer.
#16
c4-bot-8
opened
5 months ago
0
UniswapV3 Callback Miscalculation in SFPM Risks Loss of Funds for Payers.
#15
c4-bot-3
opened
5 months ago
0
Integer Overflow in Pool ID Storage *unchecked Addition Can Lead to Incorrect Pool ID in SFPM
#14
c4-bot-5
opened
5 months ago
0
Integer Overflow in Metadata Access Logic ([bytes32("descriptions")])
#13
c4-bot-2
opened
5 months ago
0
Incorrect String Truncation in FactoryNFT Can Lead to Incomplete Panoptic Pool Addresses Within Metadata URI
#12
c4-bot-3
opened
5 months ago
0
Incorrect Assumption in FactoryNFT Can Lead to Reverts During Token URI Retrieval.
#11
c4-bot-5
opened
5 months ago
0
the issue type ragarding expect return value for approve, transfer and we adding transfer from.
#10
c4-bot-6
opened
5 months ago
0
Incorrect Event Emission in Redeem Function
#9
c4-bot-4
opened
5 months ago
0
Math.sol library uses the bitwise-xor operator instead of the exponentiation operator
#8
c4-bot-4
opened
5 months ago
0
There is couple of issues with the privius code.
#7
c4-bot-10
opened
5 months ago
0
Next