sherlock-audit/2023-02-bond-judging
issues
whitehat - The createMarket transaction lack of expiration timestamp check
#60
sherlock-admin
opened
1 year ago
4
tsvetanovv - No way to remove auctioneer
#59
sherlock-admin
closed
1 year ago
1
tsvetanovv - The protocol will not work with tokens over 18 decimal
#58
sherlock-admin
closed
1 year ago
5
tsvetanovv - Malicious or hacked owner can steal tokens
#57
sherlock-admin
closed
1 year ago
1
whitehat - liveMarketsBetween reverts if lastIndex_ is out of marketsToAuctioneers length
#56
sherlock-admin
closed
1 year ago
1
tsvetanovv - Some ERC20 tokens deduct a fee on transfer
#55
sherlock-admin
closed
1 year ago
1
tsvetanovv - ERC20 transfer zero amount can be reverted
#54
sherlock-admin
closed
1 year ago
1
martin - Insufficient oracle data validation
#53
sherlock-admin
closed
1 year ago
1
tsvetanovv - Malicious user can Blacklists Token
#52
sherlock-admin
closed
1 year ago
1
martin - Usage of deprecated `transfer` to send Ether
#51
sherlock-admin
closed
1 year ago
1
cryptostellar5 - Not calling approve(0) before setting a new approval causes the call to revert when used with certain Tokens such as Tether - USDT
#50
sherlock-admin
closed
1 year ago
1
Breeje - Multiplication after Division can cause larger Precision loss
#49
sherlock-admin
closed
1 year ago
9
Diana - Not calling approve(0) before setting a new approval causes the call to revert when used with tether(USDT)
#48
sherlock-admin
closed
1 year ago
1
Diana - call() should be used instead of transfer() on an address payable
#47
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Overflow on parameter params.conclusion. BondFixedTermOFDAV3.t.sol function testCorrectness_CannotCreateMarketWithInvalidParams()
#46
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Underflow on parameter params.vesting BondFixedTermOSDAV3.t.sol function testCorrectness_CannotCreateMarketWithInvalidParams()
#45
sherlock-admin
closed
1 year ago
1
usmannk - Removing support for a currency pair from the oracle leaves markets in an invalid state
#44
sherlock-admin
closed
1 year ago
4
usmannk - Transferring ownership might break the market
#43
sherlock-admin
closed
1 year ago
6
usmannk - Creating bonds will fail for some valid tokens
#42
sherlock-admin
closed
1 year ago
5
usmannk - Users can avoid the max payout limit for FPA and OFDA auction types
#41
sherlock-admin
closed
1 year ago
5
ktg - Auctioneers constructors don't check if teller is of the same type
#40
sherlock-admin
closed
1 year ago
2
spyrosonic10 - Possibility of underflow in calling `initiateBatchAuction`
#39
sherlock-admin
closed
1 year ago
9
Bauer - Incorrect capacity calculation in BondBaseOSDA contract.
#38
sherlock-admin
closed
1 year ago
1
Bauer - Use call() instead of transfer() on an address payable
#37
sherlock-admin
closed
1 year ago
7
Bauer - The initiateBatchAuction transaction could fail
#36
sherlock-admin
closed
1 year ago
5
Bauer - Missing check for oracle leading to loss of assets for users
#35
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Underflow on parameter params.fixedDiscount. BondFixedExpiryOFDAV1.t.sol function testCorrectness_CannotCreateMarketWithInvalidParams() params.fixedDiscount
#34
sherlock-admin
closed
1 year ago
1
J4de - In OSDA mode, The market owner may maliciously close the market in order to avoid selling payout token at a low price
#33
sherlock-admin
closed
1 year ago
1
J4de - In OSDA mode, the attacker may buy payout token at a price lower than the theoretical value
#32
sherlock-admin
closed
1 year ago
1
OCC - Incorrect calculation of fees in amount variable
#31
sherlock-admin
closed
1 year ago
1
MultiSig - minPrice Can Be 0 If maxDiscountFromCurrent Is Set To ONE_HUNDRED_PERCENT
#30
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Overflow on parameter priceFeed.setTimestamp. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() priceFeed.setTimestamp.
#29
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Overflow on parameter params.depositInterval. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() params.depositInterval.
#28
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Overflow and Underflow on parameter params.baseDiscount and params.maxDiscountFromCurrent. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() params.baseDiscount and params.maxDiscountFromCurrent
#27
sherlock-admin
closed
1 year ago
1
xiaoming90 - Inconsistencies within the `payoutFor` function
#26
sherlock-admin
closed
1 year ago
7
xiaoming90 - Inconsistent max payout returned from `getMarketInfoForPurchase` across different auctioneers
#25
sherlock-admin
closed
1 year ago
7
xiaoming90 - Lack of validation in `setPair`
#24
sherlock-admin
closed
1 year ago
3
xiaoming90 - Incorrect max payout returned from the `BondBaseFPA.maxPayout` function (FPA Only)
#23
sherlock-admin
closed
1 year ago
1
xiaoming90 - Incorrect max accepted amount returned from the `BondBaseFPA.maxAmountAccepted` function (FPA Only)
#22
sherlock-admin
closed
1 year ago
1
xiaoming90 - Incorrect payout amount returned from the `BondBaseFPA.payoutFor` function (FPA only)
#21
sherlock-admin
closed
1 year ago
1
xiaoming90 - Incorrect market price returned from `BondBaseFPA.marketPrice` function (FPA Only)
#20
sherlock-admin
closed
1 year ago
1
xiaoming90 - Incorrect payout computation (FPA Only)
#19
sherlock-admin
closed
1 year ago
1
xiaoming90 - "Equilibrium price" is not used to compute the capacity (OSDA Only)
#18
sherlock-admin
opened
1 year ago
6
fat32 - SWC-101 Arithmetic Underflow on parameter params.baseDiscount. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() params.baseDiscount
#17
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Overflow on parameter params.conclusion. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() params.conclusion
#16
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Underflow on params.targetIntervalDiscount. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() params.targetIntervalDiscount
#15
sherlock-admin
closed
1 year ago
1
Delvir0 - BondBaseOFDA.purchaseBond might become unavailable if ownership is transferred
#14
sherlock-admin
closed
1 year ago
1
Delvir0 - Array size could result in DoS making function unavailable
#13
sherlock-admin
closed
1 year ago
1
ss3434 - Must approve by zero first
#12
sherlock-admin
closed
1 year ago
1
fat32 - SWC-101 Arithmetic Underflow on param.maxDiscountFromCurrent. BondFixedExpiryOSDAV1.t.sol BondFixedExpiryOSDA.sol function testCorrectness_CannotCreateMarketWithInvalidParams() maxDiscountFromCurrent
#11
sherlock-admin
closed
1 year ago
1