issues
search
hats-finance
/
Velvet-Capital-0x0bb0c08fd9eeaf190064f4c66f11d18182961f77
Core smart contracts of Velvet Capital
Other
0
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Asset manager can be exempted paying fee on withdrawal by assigning their address as `assetManagerTreasury`
#86
hats-bug-reporter[bot]
opened
1 hour ago
0
Lack of pausable feature on rebalance or setting weight open for front-run issues
#85
hats-bug-reporter[bot]
opened
6 hours ago
0
Off-by-one timestamp error
#84
hats-bug-reporter[bot]
opened
1 day ago
0
Transferring ownership of a Portfolio is not updated (reflected) on `PortfolioInfolList`
#83
hats-bug-reporter[bot]
opened
1 day ago
0
Empty `revert()` statement
#82
hats-bug-reporter[bot]
opened
1 day ago
1
Deprecated OpenZeppelin functions should not be used
#81
hats-bug-reporter[bot]
opened
1 day ago
1
Unprotected initializer
#80
hats-bug-reporter[bot]
opened
1 day ago
1
Using `block.timestamp` for swap deadline offers no protection
#79
hats-bug-reporter[bot]
opened
1 day ago
1
Possible to drain DepositBatch, WithdrawBatch approver's token balance due improper input validation
#78
hats-bug-reporter[bot]
opened
1 day ago
7
Wrong event is emitted when upgrading the token exclusion manager inside the PortfolioFactory contract
#77
hats-bug-reporter[bot]
opened
2 days ago
0
Unsafe ERC20 Operation
#76
hats-bug-reporter[bot]
opened
2 days ago
1
OOG on `claimRemovedTokens` loop due to potential large gap between `lastClaimedUserId` and `_currentSnapshotId`
#75
hats-bug-reporter[bot]
opened
3 days ago
1
Rebase token, increasing or decreasing, resulting Potential Locked token in `tokenExclusionManager` or Last user unable to `claimRemovedTokens`
#74
hats-bug-reporter[bot]
opened
3 days ago
2
`Safe` signers can disable `VelvetSafeModule`
#73
hats-bug-reporter[bot]
opened
4 days ago
5
WithdrawBatch - multiTokenSwapAndWithdraw - token approval is missing from user
#72
hats-bug-reporter[bot]
opened
4 days ago
1
Vault can never be initialised if `tokenWhitelistingEnabled = false`
#71
hats-bug-reporter[bot]
opened
4 days ago
3
`multiTokenSwapAndTransfer` uses incorrect library function to send ETH - functionality is broken
#70
hats-bug-reporter[bot]
opened
4 days ago
5
WithdrawBatch.sol - if the withdraw token specified is ETH, it isn't correctly sent to the user
#69
hats-bug-reporter[bot]
opened
4 days ago
2
Bypass of `onlyPortfolioManager` calls
#68
hats-bug-reporter[bot]
opened
5 days ago
1
Asset manager can completely drain all user funds from Vault
#67
hats-bug-reporter[bot]
opened
5 days ago
3
Tokens with a maximum transfer logic could cause accounting issues on minting portfolio shares
#66
hats-bug-reporter[bot]
opened
5 days ago
3
EnsoHandler.sol#multiTokenSwapAndTransfer() - swapped tokens would be received by the unintended address
#65
hats-bug-reporter[bot]
opened
5 days ago
1
Asset manager can abuse minimum portfolio holding amount functionality
#64
hats-bug-reporter[bot]
opened
5 days ago
2
Vault deployer can mint unlimited tokens to himself at vault initialization
#63
hats-bug-reporter[bot]
opened
5 days ago
1
Users can bypass `_checkCoolDownPeriod` check to withdraw before remaining cooldown period
#62
hats-bug-reporter[bot]
opened
5 days ago
6
Rebalancing : `updateWeights` could revert to due to strict check for swap. This would impact the timely rebalancing.
#61
hats-bug-reporter[bot]
opened
6 days ago
1
Users Unable to Claim Removed Tokens Due to Transfer Failures in claimRemovedTokens Function
#60
hats-bug-reporter[bot]
opened
1 week ago
1
Tokens can't be added to whitelist after initialisation
#59
hats-bug-reporter[bot]
opened
1 week ago
1
Users can withdraw tokens when the protocol is paused due to inconsistant updates of states.
#58
hats-bug-reporter[bot]
opened
1 week ago
1
CooldownManager : inconsistency in enforcing the minimum cooldownPeriod
#57
hats-bug-reporter[bot]
opened
1 week ago
4
VaultManager.sol - user can never fully withdraw his collateral, due to portfolio fee inflation
#56
hats-bug-reporter[bot]
opened
1 week ago
1
Precision loss in contracts/fee/FeeCalculations.sol#_calculateMintAmountForStreamingFees
#55
hats-bug-reporter[bot]
opened
1 week ago
1
`multiTokenDepositFor()` function has no check for minPortfolioTokenHoldingAmount leading to loss of shares
#54
hats-bug-reporter[bot]
opened
1 week ago
1
Owner can toggle pause/unpause of the protocol rapidly
#53
hats-bug-reporter[bot]
opened
1 week ago
1
Passing of `_tokens` instead of `tokens` to the _resetPreviousTokenList() while calling updateTokenList() and initToken() function, causes updation of already existing tokens in previous list
#52
hats-bug-reporter[bot]
opened
1 week ago
1
cooldown period can be extended by depositing small amount to other user
#51
hats-bug-reporter[bot]
opened
1 week ago
3
Minimum portfolio holding check does not amount for token transfers
#50
hats-bug-reporter[bot]
opened
1 week ago
1
DepositBatch : hardcoding the SWAP_TARGET address could not flexible when there is any upgrade or bug fixes
#49
hats-bug-reporter[bot]
opened
1 week ago
2
DepositBatch : `multiTokenSwapAndTransfer` - swap can not happen as the allowance is not set to SWAP_TARGET
#48
hats-bug-reporter[bot]
opened
1 week ago
2
Accrued Fees Not Minted before Fee Parameters Are Updated
#47
hats-bug-reporter[bot]
opened
1 week ago
0
Deposit and Withdrawal Can Be DoSed
#46
hats-bug-reporter[bot]
opened
1 week ago
1
updateHighWaterMark can never be set to 0
#45
hats-bug-reporter[bot]
opened
1 week ago
0
VaultConfig.sol - adding new tokens would lead to users being unable to withdraw their underlying collateral
#44
hats-bug-reporter[bot]
opened
1 week ago
1
`Rebalancing::removePortfolioToken` is unable to remove tokens
#43
hats-bug-reporter[bot]
opened
1 week ago
1
Portfolio tokens can never be withdrawn on behalf of another user
#42
hats-bug-reporter[bot]
opened
1 week ago
1
Non whitelisted Users can effortlessly bypass _beforeDepositCheck() due to flawed OR operator logic
#41
hats-bug-reporter[bot]
opened
1 week ago
1
No check for active Arbitrum Sequencer in `PriceOracle`
#40
hats-bug-reporter[bot]
opened
1 week ago
1
Removing a portfolio token will break performance fees
#39
hats-bug-reporter[bot]
opened
1 week ago
3
UniswapV2Handler uses block.timestamp as deadline parameter for swaps which could attract mev.
#38
hats-bug-reporter[bot]
opened
1 week ago
1
multiTokenSwapAndTransfer is not checking that the `balance` and `data._depositAmount` are same
#37
hats-bug-reporter[bot]
opened
1 week ago
1
Next