issues
search
code-423n4
/
2024-08-wildcat-findings
3
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
lender that's mistakenly flagged can lose access to funds
#125
howlbot-integration[bot]
opened
1 month ago
3
Inability to Override Erroneous Chainalysis Sanction Flag for Borrowers in WildcatMarket.borrow Function
#124
howlbot-integration[bot]
closed
1 month ago
3
Upgraded Q -> 2 from #17 [1728912210729]
#123
c4-judge
closed
1 month ago
3
Users are incentivized to not withdraw immediately after the market is closed.
#121
howlbot-integration[bot]
opened
1 month ago
4
QA Report
#120
howlbot-integration[bot]
closed
1 month ago
2
QA Report
#119
howlbot-integration[bot]
opened
2 months ago
6
QA Report
#118
howlbot-integration[bot]
closed
1 month ago
4
QA Report
#117
howlbot-integration[bot]
opened
2 months ago
1
QA Report
#116
howlbot-integration[bot]
opened
2 months ago
3
QA Report
#115
howlbot-integration[bot]
opened
2 months ago
0
QA Report
#114
howlbot-integration[bot]
opened
2 months ago
2
QA Report
#113
howlbot-integration[bot]
opened
2 months ago
1
QA Report
#112
howlbot-integration[bot]
closed
1 month ago
2
QA Report
#111
howlbot-integration[bot]
opened
2 months ago
0
QA Report
#110
howlbot-integration[bot]
closed
1 month ago
2
QA Report
#109
howlbot-integration[bot]
opened
2 months ago
4
QA Report
#108
howlbot-integration[bot]
opened
2 months ago
3
Disabled SphereXEngine Proctection.
#107
howlbot-integration[bot]
closed
2 months ago
1
A borrower can create a market with disabled `hookTemplate`.
#106
howlbot-integration[bot]
closed
2 months ago
1
`WildcantMarketWithdrawals.sol::executeWithdrawals` function does not have validation check for the sufficient balance is there to repay all the address in the queue
#105
howlbot-integration[bot]
closed
1 month ago
3
originationFeeAsset can be a sanctioned asset
#104
howlbot-integration[bot]
closed
2 months ago
1
Delinquency fee can be totally or partially avoided due to MarketState.isDelinquent only being updated at the end of a market operation
#103
howlbot-integration[bot]
closed
2 months ago
1
A user with expired credentials can receive tokens and bypass restrictions because credentials check is not enforced in the transfer hook as it is done in the deposit hook
#102
howlbot-integration[bot]
opened
2 months ago
2
Borrower can lock `lender` funds in `market` via `WildcatMarket::closeMarket`
#101
howlbot-integration[bot]
closed
2 months ago
3
Repaying outstanding debt by the borrower will not clear the debt in the system thus the contract still incurs more debt after calling this function
#100
howlbot-integration[bot]
closed
2 months ago
4
`WildcatArchController::updateSphereXEngineOnRegisteredContracts` will never execute because `sphereXEngine` is set as `address(0)` and never updated.
#99
howlbot-integration[bot]
closed
2 months ago
1
Partially repaying unpaid batches will be broken if scale factor exceeds 2
#98
howlbot-integration[bot]
closed
2 months ago
1
Incorrect Interest Accrual for Expired Withdrawal Batches After Repayment
#97
howlbot-integration[bot]
closed
2 months ago
1
No State Update After Transfer in repayOutstandingDebt and repayDelinquentDebt Leads to Inaccurate Interest Accrual
#96
howlbot-integration[bot]
closed
2 months ago
1
The `annualInterestBips` of a market hooked by a fixed-term hook can be reduced at any time even when the fixed term time of the market has not yet elapsed
#95
howlbot-integration[bot]
closed
2 months ago
2
`HooksFactory#_deployMarket()` didn't check if `originationFeeAmount` is zero or not
#94
howlbot-integration[bot]
closed
2 months ago
2
Inherent Delayed Delinquency Status Update in WildcatMarket Contract
#93
howlbot-integration[bot]
closed
2 months ago
1
Sanctioned user can modify state of the market
#92
howlbot-integration[bot]
opened
2 months ago
2
`HooksFactory#deployMarket()` doesn't check whether the specified `hooksTemplate` is disabled
#91
howlbot-integration[bot]
closed
2 months ago
1
`maxTotalSupply` can be set to any value, even below the current total supply of the market
#90
howlbot-integration[bot]
opened
2 months ago
2
Markets do not update delinquency timer correctly if the account goes underwater through interest accrual
#89
howlbot-integration[bot]
closed
2 months ago
1
some protected external non-view functions does not have sphereXGuardExternal() modifier
#88
howlbot-integration[bot]
opened
2 months ago
2
Lenders' funds is locked without interest in prematurely closed fixed-term loan markets
#87
howlbot-integration[bot]
closed
2 months ago
1
Role provider permission escalation
#86
howlbot-integration[bot]
closed
2 months ago
1
H-01 `LibHooksConfig.setHooksAddress` is updating `address` incorrectly
#85
howlbot-integration[bot]
opened
2 months ago
7
onRepay hook can be bypassed
#84
howlbot-integration[bot]
opened
2 months ago
2
Anyone can call `AccessControlHooks.onQueueWithdrawal` to DOS lender's operation
#83
howlbot-integration[bot]
closed
1 month ago
7
Inability of `ArchController` to enable disabled hookstemplate
#82
howlbot-integration[bot]
closed
2 months ago
1
Borrower can REVOKE A USER'S CREDENTIAL by Blocking the user instead of just preventing deposits, while the unblocking function if called will not return back the User's Revoked Role.
#81
howlbot-integration[bot]
closed
2 months ago
1
Borrowers can sidestep paying the needed APR for some supported assets
#80
howlbot-integration[bot]
closed
2 months ago
2
Block reorg can cause unexpected behaviour during deployment of WildcatMarkets which could lead to broken functionality of the protocol
#79
howlbot-integration[bot]
closed
2 months ago
4
`AccessControlHooks::onQueueWithdrawal` Missing Access Control Check
#78
howlbot-integration[bot]
closed
1 month ago
5
`FixedTermLoanHooks` allow Borrower to update Annual Interest before end of the "Fixed Term Period"
#77
howlbot-integration[bot]
opened
2 months ago
2
Inconsistent Interest Accrual After Withdrawal Batch Expiry
#76
howlbot-integration[bot]
closed
2 months ago
1
debit owned by borrower not cleared after full repayment of loan
#75
howlbot-integration[bot]
closed
2 months ago
1
Next