issues
search
hats-finance
/
Convergence---Convex-integration-0xb3df23e155b74ad2b93777f58980d6727e8b40bb
0
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
user's CRX balance in CvxConvergenceLocker can be mistakenly distributed as reward and charged fee if the CRX token is kicked out.
#41
hats-bug-reporter[bot]
opened
5 months ago
6
Malicious user can lock CvxConvergenceLocker cvxcrv reward forever
#40
hats-bug-reporter[bot]
opened
5 months ago
6
Lost and lock of CRV token if the reward locker is shut down
#39
hats-bug-reporter[bot]
opened
5 months ago
2
`CvxConvergenceLocker.mint()` will revert when lock amount is zero
#38
hats-bug-reporter[bot]
opened
5 months ago
1
User looses StakeDao rewards, if he misses to call `claimCvgCvxRewards` for cycle
#37
hats-bug-reporter[bot]
opened
5 months ago
4
CvgCvxStakingPositionService.sol#_convertCvxToCvgCvx() - slippage is not checked for opposite direction depeg
#36
hats-bug-reporter[bot]
opened
5 months ago
1
`CvxConvergenceLocker::sentTokens` doesn't protect from newly added reward tokens
#35
hats-bug-reporter[bot]
opened
5 months ago
3
Incorrect access control on `CvxStakingPositionManager.mint()` allows unauthorized address to mint position NFTs
#34
hats-bug-reporter[bot]
opened
5 months ago
2
Users can front-run the process of locking tokens in `CvxConvergenceLocker.sol`
#33
hats-bug-reporter[bot]
opened
5 months ago
3
Inability to change the swap path may lead to users losing funds
#32
hats-bug-reporter[bot]
opened
5 months ago
3
Unsafe miniting of position nfts
#31
hats-bug-reporter[bot]
opened
5 months ago
3
initialize could revert for non-standard token like USDT
#30
hats-bug-reporter[bot]
opened
5 months ago
1
Some functions might revert due to zero value transfer tokens
#29
hats-bug-reporter[bot]
opened
5 months ago
1
Unsafe casting can lead to overflow in `StakingServiceBase.sol::claimCvgRewards()` function
#28
hats-bug-reporter[bot]
opened
5 months ago
1
`CvxRewardDistributor.sol :: claimCvgCvxSimple` assumes 1:1 peg and doesn't check for depeg scenario
#27
hats-bug-reporter[bot]
opened
5 months ago
2
`StakingServiceBase` is vulnerable to stepwise jump farming, which would reduce honest stakers yield
#26
hats-bug-reporter[bot]
opened
5 months ago
1
Disable renounce of ownership in contracts
#25
hats-bug-reporter[bot]
opened
5 months ago
1
Missing events for functions that change critical parameters
#24
hats-bug-reporter[bot]
opened
5 months ago
3
Mint function doesn't check zero amount
#23
hats-bug-reporter[bot]
opened
5 months ago
0
`CVX1.sol` does not check `treasuryDao` address is zero address as done in other contracts
#22
hats-bug-reporter[bot]
opened
5 months ago
6
Missing `_disableInitializer()` in Upgradeable Constructor Body
#21
hats-bug-reporter[bot]
opened
5 months ago
1
NFT does not Handle Hard Forks Appropriately
#20
hats-bug-reporter[bot]
opened
5 months ago
1
Usage of Vulnerable Package Versions
#19
hats-bug-reporter[bot]
opened
5 months ago
1
__gap missing in upgradeable contracts
#18
hats-bug-reporter[bot]
opened
5 months ago
1
Temporary Denial of Service Due to Non-Shrinking Array Usage in an Unbounded Loop
#17
hats-bug-reporter[bot]
opened
5 months ago
2
CvgSvxStakingPositionService.sol - All calls to `curvePool` are wrong, as they use incorrect `i` and `j`.
#16
hats-bug-reporter[bot]
opened
5 months ago
1
Use safeTransferFrom instead of transferFrom for ERC721 transfers
#15
hats-bug-reporter[bot]
opened
5 months ago
1
Position NFTs are still burnable
#14
hats-bug-reporter[bot]
opened
5 months ago
1
Improper use of Deadline in `_depositEth` function of `StakingServicesBase.sol` using UniswapV2 router
#13
hats-bug-reporter[bot]
opened
5 months ago
1
Users will lose their staked rewards when a curve pool is killed
#12
hats-bug-reporter[bot]
opened
5 months ago
3
CvxAssetStakingService#_mintOrSwapToCvxAsset has 50% chance of failure as it assumes `asset` has index 0 in the Curve pool
#11
hats-bug-reporter[bot]
opened
5 months ago
2
`setRewardWeight()` does not implement upper weight limit
#10
hats-bug-reporter[bot]
opened
5 months ago
3
CvxRewardDistributor.sol#claimMultipleStaking() - tokens already in sdt claimable or not in cvx claimable would lead to a wrong claim
#9
hats-bug-reporter[bot]
opened
5 months ago
1
Initializer can be frontrun
#8
hats-bug-reporter[bot]
opened
5 months ago
0
CvxRewardDistributor misses `_Ownable2Step_init()` in the `initialize()` function
#7
hats-bug-reporter[bot]
opened
5 months ago
13
the `mint()` function in `CVX1.sol` can lead to loss of funds
#6
hats-bug-reporter[bot]
opened
5 months ago
4
Missing `_disableInitializers` in constructor of `CvxAssetStakerBuffer.sol`.
#5
hats-bug-reporter[bot]
opened
5 months ago
3
transfer return value is not checked, use safeTransfer() instead
#4
hats-bug-reporter[bot]
opened
5 months ago
4
tokenURI() does not comply with ERC721 - Metadata specification in CvxStakingPositionManager.sol
#3
hats-bug-reporter[bot]
opened
5 months ago
3
Use `safeTransfer` instead of `transfer`.
#2
hats-bug-reporter[bot]
opened
5 months ago
2
Using `block.timestamp` for swap deadline offers no protection
#1
hats-bug-reporter[bot]
opened
5 months ago
11
Previous