sherlock-audit 2023-01-illuminate-judging issues

sherlock-audit / 2023-01-illuminate-judging

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Deivitto - Concerns on pause and related to pause functions over the code

#42 github-actions[bot] closed 1 year ago
0
0xhacksmithh - ```Safe.approve(IERC20(token), r, type(uint256).max)``` will not work for some token.

#41 github-actions[bot] closed 1 year ago
0
0xmuxyz - If `"0"` is assigned into the parameter `"a"` on `lend()` method for the Notional Protocol, the calculation of fee will results in `"underflow"`

#40 github-actions[bot] closed 1 year ago
0
0xhacksmithh - HardCoded ```ETH``` price

#39 github-actions[bot] closed 1 year ago
0
0xhacksmithh - ```setAdmin()``` should be a 2-step-process

#38 github-actions[bot] closed 1 year ago
0
Zer0Luck - Zer0Luck - A vulnerability to a dos attack occurs due to the use of the delegatecall command within the batch function that is available from the outside. A vulnerability to improper parameter validation in the mint function also exists.

#37 github-actions[bot] closed 1 year ago
0
0xhacksmithh - There is no sanity check for ```maturity (timestamp) of the market```

#36 github-actions[bot] closed 1 year ago
0
yongkiws - The Redeemer::setAdmin function can be used by anyone or an attacker

#35 github-actions[bot] closed 1 year ago
0
cccz - If no swap to PT, the premium is locked and there is no profit

#34 github-actions[bot] closed 1 year ago
0
cccz - ERC5095.mint should ensure the user received at least the amount desired

#33 github-actions[bot] closed 1 year ago
3
ayeslick - Depositors can lose their entire deposit

#32 github-actions[bot] closed 1 year ago
2
ck - Users can loose their Illuminate tokens if amount to redeem is greater than holdings[u][m]

#31 github-actions[bot] closed 1 year ago
0
ck - ERC5095::deposit does not account for slippage as intended

#30 github-actions[bot] closed 1 year ago
7
ck - Lender::setEtherPrice is unreliable incase of price swings of Ethereum

#29 github-actions[bot] closed 1 year ago
0
0xAgro - EIP-5095 Early Use & False Adherence Risk

#28 github-actions[bot] closed 1 year ago
2
ck - Lender::convertDecimals will return 0 when underlyingDecimals == principalDecimals

#27 github-actions[bot] closed 1 year ago
0
ck - Lender::rateLimit will revert for ERC20 tokens with greater than 27 decimals

#26 github-actions[bot] closed 1 year ago
3
cccz - Incorrect parameters when calling the initiate function, allowing the user to uses the balance of the Lender contract to pay SwivelFee.

#25 github-actions[bot] closed 1 year ago
0
cccz - ERC5095.previewRedeem does not return the calculated result

#24 github-actions[bot] closed 1 year ago
3
cccz - ERC5095 has not approved MarketPlace to spend tokens in ERC5095

#23 github-actions[bot] opened 1 year ago
1
IllIllI - Protocol fees not taken on premium

#22 github-actions[bot] opened 1 year ago
1
IllIllI - Ether price may be stale

#21 github-actions[bot] closed 1 year ago
2
IllIllI - Changing the Illuminate PT will make users of the old iPT lose their funds

#20 github-actions[bot] closed 1 year ago
6
IllIllI - Users can accidentally lose funds during redemption

#19 github-actions[bot] closed 1 year ago
5
IllIllI - Holders of worthless external PTs can stick other Illuminate PT holders with bad debts

#18 github-actions[bot] closed 1 year ago
6
IllIllI - Swivel premium has extra slippage applied to it if not swapped

#17 github-actions[bot] closed 1 year ago
5
IllIllI - Illuminate's PT doesn't respect users' slippage specifications for underlyings

#16 github-actions[bot] opened 1 year ago
6
IllIllI - The Notional version of `lend()` can be used to lock iPTs

#15 github-actions[bot] opened 1 year ago
5
IllIllI - Users can make Illuminate pay their Swivel fees, locking Illuminate's other fees

#14 github-actions[bot] closed 1 year ago
2
Bnke0x0 - Calls To Swivel.initiate() Do Not Verify o.exit or o.vault Allowing An Attacker To Manipulate Accounting In Their Favour

#13 github-actions[bot] closed 1 year ago
0
ck - setAdmin does follow a top step process in setting a new admin

#12 github-actions[bot] closed 1 year ago
0
Bnke0x0 - Centralisation Risk: Admin Can Change Important Variables To Steal Funds

#11 github-actions[bot] closed 1 year ago
0
Bnke0x0 - Easily bypassing admins 'pause' for swivel

#10 github-actions[bot] closed 1 year ago
7
Bnke0x0 - withdraw eToken before withdrawFee of eToken could render of eToken unfunctioning

#9 github-actions[bot] closed 1 year ago
0
Bnke0x0 - Lender.mint() May Take The Illuminate PT As Input Which Will Transfer And Mint More Illuminate PT Cause an Infinite Supply

#8 github-actions[bot] closed 1 year ago
0
ck - Redeemer::setConverter can result in multiple addresses being approved to transfer interest bearing tokens.

#7 github-actions[bot] closed 1 year ago
2
james_wu - Sense redeem is vulnerable to reentrancy

#6 github-actions[bot] closed 1 year ago
2
dinesh - Use safe ERC721 mint

#5 github-actions[bot] closed 1 year ago
0
dinesh - Using the low-level function ".delegatecall" it doesn't checks contract existence

#4 github-actions[bot] closed 1 year ago
0
dinesh - Insufficient mapping to approve multi fees & withdrawals

#3 github-actions[bot] closed 1 year ago
0
dinesh - approve of all with token: type(uint256).max in native token (ETH) will always revert

#2 github-actions[bot] closed 1 year ago
0
ahmedovv - Lack of zero admin check for admin

#1 github-actions[bot] closed 1 year ago
0