issues
search
code-423n4
/
2024-07-reserve-validation
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Stale Backup Configuration May Lead to Basket Switching Failures (`BasketHandlerP1::setBackupConfig`)
#66
c4-bot-6
closed
1 month ago
0
Inconsistent State Handling in `BasketHandlerP1::refreshBasket()` Can Lead to Permanent Basket Disablement
#65
c4-bot-10
closed
1 month ago
0
Malicious users can manipulate redemption values through portion sum exploitation (`BasketHandlerP1::quoteCustomRedemption`)
#64
c4-bot-5
closed
1 month ago
0
Incorrect Balance Update in `FurnaceP1::melt()` Will Lead to Reduced RToken Melting Over Time
#63
c4-bot-1
opened
2 months ago
0
Malicious actors can exploit race condition in `RevenueTraderP1::returnTokens()` and `RevenueTraderP1::manageTokens()` to cause inconsistent state and potential loss of funds
#62
c4-bot-2
closed
1 month ago
0
Malicious actors can exploit stale prices to manipulate trades (`RevenueTraderP1::manageTokens`)
#61
c4-bot-3
closed
1 month ago
0
Silent Failure in `settleTrade` Can Lead to Incomplete Operations and Stuck Funds (`RevenueTraderP1::settleTrade`)
#60
c4-bot-8
opened
2 months ago
0
Unintended Token Transfer Can Disrupt Distribution Process (`RevenueTraderP1::returnTokens`)
#59
c4-bot-6
opened
2 months ago
0
Users can receive incorrect redemption amounts leading to under-collateralization (`RTokenP1::redeemCustom`)
#58
c4-bot-9
closed
1 month ago
0
Incorrect Handling of `amtBaskets` During Initial Issuance May Lead to State Inconsistencies (`RTokenP1::issueTo`)
#57
c4-bot-7
closed
1 month ago
0
Incorrect Validation of `portions` Array Can Lead to Under-Collateralization (`RToken::redeemCustom`)
#56
c4-bot-7
closed
1 month ago
0
BaskedHandler.sol init will revert when upgrading contract
#55
c4-bot-6
closed
1 month ago
0
QA Report
#54
c4-bot-8
closed
1 month ago
0
Exchange rate calculation exploit via Stake/Unstake
#53
c4-bot-6
opened
2 months ago
0
Incorrect rounding direction in `_scaleDown` Rtoken
#52
c4-bot-1
closed
1 month ago
2
QA Report
#51
c4-bot-5
closed
1 month ago
0
melt function can be called by anyone front running some important action of the system
#50
c4-bot-3
closed
1 month ago
2
`payoutRewards` function can be called directly in the stRSR possibly altering the normal behavior of the protocol.
#49
c4-bot-10
closed
1 month ago
0
Incorrect Validation of `portions` Sum May Lead to Incorrect Redemptions (`RTokenP1::redeemCustom`)
#48
c4-bot-2
closed
1 month ago
0
Malicious users can extract excess RSR due to incorrect rate calculations (`StRSRP1::unstake` and `StRSRP1::withdraw`)
#47
c4-bot-10
opened
2 months ago
0
BackingManager can seize more RSR than intended due to calculation error (`StRSRP1::seizeRSR()`)
#46
c4-bot-10
opened
2 months ago
0
Improper State Management in `rebalance()` Function Can Lead to Incorrect Trade State (`BackingManagerP1::rebalance`)
#45
c4-bot-8
closed
1 month ago
0
Attacker can Inflate RToken Supply (`BackingManagerP1::forwardRevenue`)
#44
c4-bot-7
closed
1 month ago
0
Malicious users can manipulate redemption throttle to bypass redemption limits (`RTokenP1::issueTo`)
#43
c4-bot-8
closed
1 month ago
0
Attacker can manipulate auction outcome by exploiting rounding in clearingPrice calculation (`GnosisTrade::settle`)
#42
c4-bot-7
opened
2 months ago
0
Attacker can manipulate token balances to affect auction settlement (`GnosisTrade::settle`)
#41
c4-bot-8
closed
1 month ago
0
QA Report
#40
c4-bot-2
closed
1 month ago
0
`_writeCheckpoint` does not write to storage on the same block.
#39
c4-bot-3
closed
1 month ago
0
Throttle rate is applied incorrectly.
#38
c4-bot-1
opened
2 months ago
0
Reentrancy Vulnerability in `AssetRegistry::refresh`
#37
c4-bot-9
closed
1 month ago
0
Reentrancy Vulnerability in `Distributor::_setDistribution` function
#36
c4-bot-8
closed
1 month ago
0
Admin can't set throttle amount as zero.
#35
c4-bot-2
opened
2 months ago
0
issue and redeem can be called in the same timestamp allowing an attacker to manipulate some state variables
#34
c4-bot-2
closed
1 month ago
0
Potential Risk that Deprecated Assets can be Used as Valid Ones
#33
c4-bot-9
opened
2 months ago
0
Misallocation of reserved space, which will lead to a storage collision when updating the contracts concerned.
#32
c4-bot-4
closed
1 month ago
0
Gas Optimizations
#31
c4-bot-1
closed
1 month ago
0
QA Report
#30
c4-bot-8
closed
1 month ago
0
Running external rebalancing might be delayed even after a Dutch auction has already been settled
#29
c4-bot-6
closed
1 month ago
0
Gas Optimizations
#28
c4-bot-9
closed
1 month ago
0
Unprotected settleTrade function in RevenueTrader.sol
#27
c4-bot-8
closed
1 month ago
0
Unprotected function manageTokens in RevenueTrader.sol
#26
c4-bot-1
closed
1 month ago
0
Using length of array in loop
#25
c4-bot-10
closed
1 month ago
0
StRSRVotes owners can block token burning and transfers.
#24
c4-bot-5
closed
1 month ago
0
Security Report: Public Accessibility of `refresh` Function
#23
c4-bot-2
closed
1 month ago
0
Gas Optimizations
#22
c4-bot-7
closed
1 month ago
0
Precision loss when calculating the transfer amount inside the distribute function of the Distributor contract
#21
c4-bot-3
opened
2 months ago
0
Precision loss when calculating the transfer amount inside the distribute function of the Distributor contract
#20
c4-bot-3
closed
1 month ago
0
delegateBySig() does not validate the delegatee address, malicious user can lock other user's NFT(funds)
#19
c4-bot-4
opened
2 months ago
0
Lack of sequencer uptime checks can lead to dutch auctions executing at bad prices or failing
#18
c4-bot-2
opened
2 months ago
0
QA Report
#17
c4-bot-8
closed
1 month ago
0
Previous
Next