code-423n4 2024-10-ronin-findings issues

code-423n4 / 2024-10-ronin-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

QA Report

#86 howlbot-integration[bot] closed 2 weeks ago
1
QA Report

#85 howlbot-integration[bot] closed 2 weeks ago
1
QA Report

#84 howlbot-integration[bot] closed 2 weeks ago
1
QA Report

#83 howlbot-integration[bot] closed 2 weeks ago
3
QA Report

#82 howlbot-integration[bot] closed 2 weeks ago
1
QA Report

#81 howlbot-integration[bot] opened 3 weeks ago
3
QA Report

#80 howlbot-integration[bot] opened 3 weeks ago
1
V3SwapRouter.sol#checkAuthorizedV3Path cannot decode all token involved

#79 howlbot-integration[bot] closed 2 weeks ago
3
Unauthorized Liquidity Increase in `NonfungiblePositionManager`

#78 howlbot-integration[bot] closed 3 weeks ago
1
Oracle Miscalculation During Zero Liquidity Periods Leads to Inaccurate AMM Data

#77 howlbot-integration[bot] closed 3 weeks ago
1
immutable variables are not initialised, breaks functionality

#76 howlbot-integration[bot] closed 3 weeks ago
1
NonfungiblePositionManager has increaseLiquidity Function Missing Authorization Check

#75 howlbot-integration[bot] closed 3 weeks ago
1
`initialize()` function lacks a check to ensure that the provided `sqrtPriceX96` is non-zero before assigning it to `slot0.sqrtPriceX96`

#74 howlbot-integration[bot] closed 2 weeks ago
5
The `KatanaV3Pool.initializeImmutables` Function is Prone to Denial of Service (DoS) Attacks

#73 howlbot-integration[bot] closed 3 weeks ago
1
Improper Validation of `tickSpacing` Parameter in `initializeImmutables` Function

#72 howlbot-integration[bot] closed 2 weeks ago
3
Users may perform trades or provide liquidity based on the assumption that the pool has a valid price.

#71 howlbot-integration[bot] closed 2 weeks ago
3
Improper Initialization Logic in KatanaV3Factory Causes Failure/Dos in calling `KatanaV3Factory.sol::initialize`

#70 howlbot-integration[bot] closed 3 weeks ago
1
Leftover ETH by the previous liquidator provider might be stolen by another liquidator provider.

#69 howlbot-integration[bot] closed 3 weeks ago
2
Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation.

#68 howlbot-integration[bot] closed 3 weeks ago
1
Missing authorization check in `increaseLiquidity` permits unauthorized liquidity addition

#67 howlbot-integration[bot] closed 3 weeks ago
1
Address Collision Can Cause Stolen Funds

#66 howlbot-integration[bot] closed 3 weeks ago
3
Minting with Extreme Tick Values

#65 howlbot-integration[bot] closed 2 weeks ago
3
LPholders can be prevented from burning their position NFTs

#64 howlbot-integration[bot] closed 3 weeks ago
1
Expired Accounts Continue To be Authorized

#63 howlbot-integration[bot] closed 3 weeks ago
1
Pool Initialization with Extreme Prices Can Break Core Pool Mechanics

#62 howlbot-integration[bot] closed 2 weeks ago
4
Precision Loss in Oracle's Tick Cumulative Calculation Due to Integer Division Order

#61 howlbot-integration[bot] closed 3 weeks ago
1
Unauthorized Liquidity Manipulation in NonfungiblePositionManager Contract Due to Missing Access Control

#60 howlbot-integration[bot] closed 3 weeks ago
1
Oracle's Transform Function Fails to Handle Zero Liquidity, Leading to Data Inaccuracy

#59 howlbot-integration[bot] closed 3 weeks ago
1
`v3SwapRouter` is vulnerable to address collision

#58 howlbot-integration[bot] closed 3 weeks ago
2
Use of slot0 which is extremely manipulatable

#57 howlbot-integration[bot] closed 3 weeks ago
1
KatanaGovernance::createPair(), Any unauthorized account can create pair with any expired token due to logical error in KatanaGovernance::_isAuthorized() function.

#56 howlbot-integration[bot] closed 3 weeks ago
1
Lack of `address(0)` in the `KatanaGovernance::_setFactory` function

#55 howlbot-integration[bot] closed 3 weeks ago
1
Liquidity providers can be restricted from burning their positions.

#54 howlbot-integration[bot] closed 3 weeks ago
1
Price Manipulation Vulnerability in `PoolInitializer` Due to `sqrtPriceX96` Dependency

#53 howlbot-integration[bot] closed 3 weeks ago
1
Expired Accounts Retain Access Due to Flawed Expiry Validation in Authorization Logic

#52 howlbot-integration[bot] closed 3 weeks ago
1
CREATE2` address collision during pool deployment allows for complete draining of the pool

#51 howlbot-integration[bot] closed 3 weeks ago
2
Katana Governance will never be able to initialize the V3factory because of a wrong check

#50 howlbot-integration[bot] closed 3 weeks ago
1
KatanaV3Pool.sol cannot initializeImmutables

#49 howlbot-integration[bot] closed 3 weeks ago
1
slot0 is easy to manupilate

#48 howlbot-integration[bot] closed 3 weeks ago
1
Protocol Fee Ratio Bypass Leading to Excessive Fee Extraction

#47 howlbot-integration[bot] closed 2 weeks ago
3
Usage of slot 0 to get sqrtPriceLimitX96 can be easily manipulated

#46 howlbot-integration[bot] closed 3 weeks ago
2
Authorization Bypass Due to Expired Timestamp Check

#45 howlbot-integration[bot] closed 3 weeks ago
1
Initialization Deadlock in KatanaV3Pool Due to Conflicting Constructor and initializeImmutables Logic

#44 howlbot-integration[bot] closed 3 weeks ago
1
KatanaGovernance::_isAuthorized function allows user to perform action even after expiry time has passed.

#43 howlbot-integration[bot] closed 3 weeks ago
1
Address Collision Attack Using CREATE2 in Katana V3 Pool Deployment

#42 howlbot-integration[bot] closed 3 weeks ago
2
Wrong Implementation, `KatanaV3Factory` never be initialized.

#41 howlbot-integration[bot] closed 3 weeks ago
1
Wrong and unexpected parameters passed to constructor in `KatanaV3PoolProxy`.

#40 howlbot-integration[bot] closed 3 weeks ago
1
slot0 Reliance in swap Allows Price Manipulation

#39 howlbot-integration[bot] closed 3 weeks ago
1
V3factory will fail to initialize because of a wrong check

#38 howlbot-integration[bot] closed 3 weeks ago
1
Potential overestimation of liquidity

#37 howlbot-integration[bot] closed 3 weeks ago
1