Open c4-bot-9 opened 3 months ago
hansfriese marked the issue as grade-a
hansfriese marked the issue as selected for report
C4 staff have removed the selected for report
label until QA votes are finalized.
+2 for #102, #19
For awarding purposes, C4 staff have marked as 1st place
and selected for report
.
[L-1] There should be a grace period for repayment. Low
[L-2] Users cannot borrow USDC from a lender who has less than the minimumCreditBorrowAToken amount of borrowA tokens. Upgraded to Medium - #423
[L-3] The buyCreditMarket transaction can be reverted due to an amount check. Upgraded to Medium - #423
[L-4] The validateVariablePoolHasEnoughLiquidity check in the buyCreditMarket function is incorrect. Upgraded to Medium - #424
[L-5] When the protocol is paused, debt positions can become overdue because repayments are also paused. Known issue from ReadMe
[L-6] Lenders can potentially lose funds in the buyCreditMarket function. Low
[L-7] Users who have a loan offer should have some USDC to create a loan. Low
[L-8] The isMulticall flag is not correctly reset to false in the multicall function. Low
plus 2 downgraded Lows(#102 and #19)
Just a note that C4 is excluding the invalid entries from the official report.
See the markdown file with the details of this report here.