issues
search
sherlock-audit
/
2023-01-uxd-judging
3
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Qeew - Rebalancing positive PnL disabled
#446
github-actions[bot]
closed
1 year ago
0
Deivitto - erc20 not checked on transfer
#445
github-actions[bot]
closed
1 year ago
0
yongkiws - A not so Safe Transfer() and TransferFrom() for ERC20
#444
github-actions[bot]
closed
1 year ago
0
joestakey - `UXDToken.Controller` should not be immutable
#443
github-actions[bot]
closed
1 year ago
0
ak1 - Validate critical input parameters
#442
github-actions[bot]
closed
1 year ago
0
Udsen - The protocol heavily depends on admin actions, hence single-step ownership transfer is dangerous
#441
github-actions[bot]
closed
1 year ago
0
Qeew - Centralization risk
#440
github-actions[bot]
closed
1 year ago
0
hansfriese - `PerpDepository._abs` reverts in an edge case
#439
github-actions[bot]
closed
1 year ago
0
GimelSec - No one will call `rebalanceLite` if the caller is unable to get more money
#438
github-actions[bot]
closed
1 year ago
1
joestakey - `_redeem` should not revert for de-whitelisted assets
#437
github-actions[bot]
closed
1 year ago
0
Qeew - Timelock delay can be changed
#436
github-actions[bot]
closed
1 year ago
0
0xhacksmithh - User funds may get stuck inside protocol
#435
github-actions[bot]
closed
1 year ago
0
JohnnyTime - `netAssetDeposits` doesn't represent the real amount of assets deposited into the Perpetual vault
#434
github-actions[bot]
closed
1 year ago
0
yongkiws - calculating Fullmatch:: MulDiv avoiding Overflow/Underflow
#433
github-actions[bot]
closed
1 year ago
0
sach1r0 - `localMintAmount` could be incorrect than the actual amount
#432
github-actions[bot]
closed
1 year ago
0
sach1r0 - Use safeTransferFrom() instead of transferFrom() for ERC20 transfers
#431
github-actions[bot]
closed
1 year ago
0
TomJ - Unhandled Return Values of transfer and transferFrom
#430
github-actions[bot]
closed
1 year ago
0
hansfriese - `rebalanceLite` should provide a slippage protection
#429
github-actions[bot]
opened
1 year ago
8
ak1 - PerpDepository.sol, RageDnDepository.sol : UXD contract would not function when the perp/rage vaults are paused.
#428
github-actions[bot]
closed
1 year ago
2
joestakey - When redeeming, users can choose a different `assetToken` than the one they deposited, potentially making some users unable to redeem
#427
github-actions[bot]
closed
1 year ago
2
Deivitto - ERC20 `approve` fail for some tokens
#426
github-actions[bot]
closed
1 year ago
0
hansfriese - `PerpDepository._rebalanceNegativePnlWithSwap()` shouldn't use a `sqrtPriceLimitX96` twice.
#425
github-actions[bot]
opened
1 year ago
2
duc - Should use safeTransfer/safeTransferFrom instead of transfer/transferFrom
#424
github-actions[bot]
closed
1 year ago
0
HonorLt - Vulnerable GovernorVotesQuorumFraction version
#423
github-actions[bot]
opened
1 year ago
3
hansfriese - There is no option to manage the depository when the `unrealizedPnl` is negative in `RageDnDepository.sol`.
#422
github-actions[bot]
closed
1 year ago
2
GimelSec - Hard to change the positions of registered depositors
#421
github-actions[bot]
closed
1 year ago
0
R2 - Rebalancing issues
#420
github-actions[bot]
closed
1 year ago
2
JohnnyTime - Users can never redeem their USDC tokens
#419
github-actions[bot]
closed
1 year ago
0
0xhacksmithh - MaxCap(maximum amount of token that can be minted) can set below number of token minted by now
#418
github-actions[bot]
closed
1 year ago
0
Qeew - Low-level transfers made using the call() function can fail silently
#417
github-actions[bot]
closed
1 year ago
0
HonorLt - Unsafe type casting
#416
github-actions[bot]
closed
1 year ago
4
minhtrng - No input validation for swap parameters
#415
github-actions[bot]
closed
1 year ago
0
yongkiws - function RageDnDepository:deposit, redeem are not so safe without controller approval
#414
github-actions[bot]
closed
1 year ago
0
JohnnyTime - The `_abs` function in the `PerpDepository.sol` is useless since there are no negative numbers in Solidity
#413
github-actions[bot]
closed
1 year ago
0
Qeew - Upgradeable Contracts Have No Storage Gaps
#412
github-actions[bot]
closed
1 year ago
0
ak1 - UXDControllerStorage.sol - array based asset list handling would cause DOS when more number of asset tokens accepted by the protocol.
#411
github-actions[bot]
closed
1 year ago
0
R2 - Inconsistent work with ``DnGmxSeniorVault`` in ``RageDnDepository``
#410
github-actions[bot]
closed
1 year ago
2
0Kage - Significant divergence in unrealizedPnL calculation of Perp protocol vs Depository can lead to undercollateralization
#409
github-actions[bot]
closed
1 year ago
1
Udsen - The transferred funds could be lost if zero address is passed in as function argument
#408
github-actions[bot]
closed
1 year ago
0
HonorLt - No slippage control
#407
github-actions[bot]
closed
1 year ago
0
Deivitto -
#406
github-actions[bot]
closed
1 year ago
0
joestakey - `setRedeemable()` can lead to users unable to redeem.
#405
github-actions[bot]
closed
1 year ago
0
JohnnyTime - WETH (`assetToken`) & USDC (`quoteToken`) can be stuck forever in `PerpDepository.sol`
#404
github-actions[bot]
closed
1 year ago
0
karanctf - Lack of 0 address check on receiver on mint and mintWithEth function in UXDController.sol
#403
github-actions[bot]
closed
1 year ago
0
duc - Deposit and withdraw to the vault with the wrong decimals of amount in contract `PerpDepository`
#402
github-actions[bot]
opened
1 year ago
6
HonorLt - OFT abandons OFTCore supported interfaces
#401
github-actions[bot]
closed
1 year ago
0
libratus - Not checking the return value of ERC20 transfers
#400
github-actions[bot]
closed
1 year ago
0
zaevlad - Gas cost in array
#399
github-actions[bot]
closed
1 year ago
0
duc - Deposit and withdraw wrong decimals of amount in contract `PerpDepository`
#398
github-actions[bot]
closed
1 year ago
0
zaevlad - No need to declare default values in variables
#397
github-actions[bot]
closed
1 year ago
0
Next