issues
search
sherlock-audit
/
2023-02-blueberry-judging
12
stars
5
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Avci - divCeil gives strange results
#367
github-actions[bot]
closed
1 year ago
0
Avci - grifing and stoping people from operating actions that needs colaterall
#366
github-actions[bot]
closed
1 year ago
0
joestakey - `WichiFarm.burn` allows user to steal harvest of other users
#365
github-actions[bot]
closed
1 year ago
0
yongkiws - ensure that users do not borrow or pay back more than the amount available at the bank
#364
github-actions[bot]
closed
1 year ago
0
ctf_sec - Underlying exchange rate can be manipulated in compound (fork), which impacting the mint / redeem in SoftVault.sol
#363
github-actions[bot]
closed
1 year ago
1
eierina - Do not copy arrays to resize
#362
github-actions[bot]
closed
1 year ago
0
Avci - user actually will get less than what he supposed to get
#361
github-actions[bot]
closed
1 year ago
0
joestakey - A user depositing in a `softVault` takes advantage of accrued lending interests of other users.
#360
github-actions[bot]
closed
1 year ago
1
Avci - Attacker can make users unable to withdraw their assets
#359
github-actions[bot]
closed
1 year ago
1
saian - BlueBerryBank lend and withdrawLend will revert if fee is 0
#358
github-actions[bot]
closed
1 year ago
0
Avci - wrong calculation in logic of the Lend function
#357
github-actions[bot]
closed
1 year ago
0
ctf_sec - Lack of slippage control and deadline check when depositing into / withdraw from the IChiVaultSpell and IChiFarm integration
#356
github-actions[bot]
closed
1 year ago
0
saian - Tokens will be stuck in the contract
#355
github-actions[bot]
closed
1 year ago
0
minhtrng - Excess funds when withdrawing from lending stuck permanently
#354
github-actions[bot]
closed
1 year ago
0
joestakey - lower `maxDelay` boundary would DOS the protocol
#353
github-actions[bot]
closed
1 year ago
0
minhtrng - ICHI rewards not paid out when reopening a farm position
#352
github-actions[bot]
closed
1 year ago
0
minhtrng - LP tokens might get left in the Spell contract and be taken by someone else
#351
github-actions[bot]
closed
1 year ago
0
Udsen - CONDUCT INPUT PARAMETER VALIDATION FOR `address(0)`
#350
github-actions[bot]
closed
1 year ago
0
eierina - BBMath can overflow
#349
github-actions[bot]
closed
1 year ago
0
ctf_sec - SoftVault cToken redeem can fail if the underlying token has liquidity shortfall in Compound (fork)
#348
github-actions[bot]
closed
1 year ago
3
Avci - everyone CAN Trigger interest accrual for banks and utokens
#347
github-actions[bot]
closed
1 year ago
0
koxuan - amountLpWithdrawn not given back to user
#346
github-actions[bot]
closed
1 year ago
0
PNM - Med: Anyone can call initialize() of the implementation contract
#345
github-actions[bot]
closed
1 year ago
0
stent - Max value for withdrawLend is not correct
#344
github-actions[bot]
closed
1 year ago
0
Udsen - CHECK THE ALLOWANCE AMOUNT BY THE `msg.sender` to `_spender` FOR THE GIVEN ERC20 TOKEN IS ZERO BEFORE CALLING THE `approve` FUNCTION
#343
github-actions[bot]
closed
1 year ago
0
Qeew - BBMath library is vulnerable to overflow
#342
github-actions[bot]
closed
1 year ago
0
eierina - Avoid leaving a contract uninitialized
#341
github-actions[bot]
closed
1 year ago
0
Ch_301 - User could bypass the `MaxLTV`
#340
github-actions[bot]
closed
1 year ago
0
tsvetanovv - Malicious user can Blocklists Token
#339
github-actions[bot]
closed
1 year ago
0
Udsen - VARIABLES WHICH ARE ASSIGNED FIXED VALUES DURING INITIALIZATION CAN BE DEFINED AS CONSTANTS
#338
github-actions[bot]
closed
1 year ago
0
Jaraxxus - MAX_PRICE_DEVIATION is incorrect
#337
github-actions[bot]
closed
1 year ago
0
tsvetanovv - Some ERC20 tokens deduct a fee on transfer
#336
github-actions[bot]
closed
1 year ago
0
peanuts - IchiLpOracle will malfunction if token0 or token1 decimal is not 18
#335
github-actions[bot]
closed
1 year ago
0
banditx0x - Users That Deposit Into Ichi Spell Can be Unfairly Liquidated by Attacker
#334
github-actions[bot]
closed
1 year ago
1
berndartmueller - The total lent amount of a bank is not decremented when a position is liquidated
#333
github-actions[bot]
closed
1 year ago
0
berndartmueller - Rebase/FoT tokens are not supported as isolated collateral
#332
github-actions[bot]
closed
1 year ago
0
berndartmueller - Missing performance fee deduction when closing an `IchiVaultSpell` position
#331
github-actions[bot]
closed
1 year ago
1
berndartmueller - Closing an `IchiVaultSpell` position is susceptible to slippage when swapping tokens
#330
github-actions[bot]
closed
1 year ago
0
berndartmueller - Burning `WIchiFarm` wrapped ICHI vault LP tokens can possibly revert due to insufficient balance of ICHI v2 tokens
#329
github-actions[bot]
closed
1 year ago
1
berndartmueller - A liquidator can repay the smaller debt position to fully liquidate a position and receive the full collateral
#328
github-actions[bot]
closed
1 year ago
1
berndartmueller - The maximum size of an `ICHI` vault spell position can be arbitrarily surpassed
#327
github-actions[bot]
opened
1 year ago
0
berndartmueller - `SoftVault` accrued interest is not refunded and stuck forever
#326
github-actions[bot]
closed
1 year ago
1
tsvetanovv - Possibility of borrowing more tokens than are in reserve
#325
github-actions[bot]
closed
1 year ago
1
berndartmueller - Failure to refund `ICHI` v2 farming reward tokens upon increasing farming position
#324
github-actions[bot]
closed
1 year ago
0
Udsen - MISSING CALLS TO __REENTRANCYGUARD_INIT FUNCTIONS OF INHERITED CONTRACTS
#323
github-actions[bot]
closed
1 year ago
0
berndartmueller - Failure to withdraw Ichi vault LP tokens to the user
#322
github-actions[bot]
closed
1 year ago
0
stent - Max amount for repay function does not have correct formula
#321
github-actions[bot]
closed
1 year ago
0
Avci - Users will not able to use borrow function for first time!
#320
github-actions[bot]
closed
1 year ago
0
berndartmueller - Too few `ICHI` v2 farming reward tokens transferred to the user due to incorrect decimal precision
#319
github-actions[bot]
opened
1 year ago
0
ctf_sec - Division before manipulation incurs heavy precision loss in IchiLpOracle
#318
github-actions[bot]
closed
1 year ago
1
Next