issues
search
sherlock-audit
/
2023-02-gmx-judging
17
stars
11
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Avci - latestRoundData is not checking if returns stale result
#236
sherlock-admin
closed
1 year ago
0
hack3r-0m - faulty abi decoding from revert in catch block can lead to attacker controlled execution
#235
sherlock-admin
closed
1 year ago
0
whiteh4t9527 - Malicious Fee Keeper Could Clear Fee Records with Arbitrary (market, token) Pairs
#234
sherlock-admin
closed
1 year ago
0
hack3r-0m - while creating deposit, fee can be deducted in wrong manner if initialToken is not final token
#233
sherlock-admin
closed
1 year ago
0
simon135 - An attacker can control when the withdraw happens of market tokens and get better price
#232
sherlock-admin
closed
1 year ago
5
hack3r-0m - callback receiver can control when to allow order execution
#231
sherlock-admin
closed
1 year ago
5
hack3r-0m - unsatisfiable condition in `getAdjustedLongAndShortTokenAmounts`
#230
sherlock-admin
closed
1 year ago
0
simon135 - If account is blacklisted by usdc/usdt then the order the will revert and cant get switched
#229
sherlock-admin
closed
1 year ago
5
hack3r-0m - chain libraray has references to deprecated arbitrum rinkeby which causes uninteded behaviour for block values
#228
sherlock-admin
closed
1 year ago
5
joestakey - Incorrect funding amount due to precision loss in `getNextFundingAmountPerSize()` for markets with low open interest
#227
sherlock-admin
closed
1 year ago
0
hack3r-0m - loss of precision while diving `block.timestamp` due to runding towards 0
#226
sherlock-admin
closed
1 year ago
0
hack3r-0m - potentially using old price from pricefeed in oracle due to unchecked timestamp difference
#225
sherlock-admin
closed
1 year ago
0
joestakey - Incorrect check in `claimCollateral` leads to the function always reverting
#224
sherlock-admin
closed
1 year ago
0
simon135 - we can make this swap fail until we get a minOutput price that is good and make crazy profit by making it a big value
#223
sherlock-admin
closed
1 year ago
5
tsvetanovv - Missing deadline check when perform swap
#222
sherlock-admin
closed
1 year ago
0
hack3r-0m - gas usage while updating prices in oracles scales linearly with singers and tokens
#221
sherlock-admin
closed
1 year ago
0
simon135 - Receiver can be an malicious and gain free profit and not get liquidated/adling
#220
sherlock-admin
closed
1 year ago
5
float-audits - Price impact parameters could lead to risk-free profit opportunities for users
#219
sherlock-admin
closed
1 year ago
6
simon135 - no checking round data stale and decimals
#218
sherlock-admin
closed
1 year ago
5
tsvetanovv - ERC20 transfer zero amount can be reverted
#217
sherlock-admin
closed
1 year ago
0
simon135 - If block range it big and adl dosnt use currentblock in the order it will cause issues
#216
sherlock-admin
opened
1 year ago
4
simon135 - if the token gas limit is too little it can be an issue
#215
sherlock-admin
closed
1 year ago
0
simon135 - keepers might have to pay more fees and not get reimbursed
#214
sherlock-admin
closed
1 year ago
0
tsvetanovv - Malicious or hacked admin can steal tokens
#213
sherlock-admin
closed
1 year ago
0
handsomegiraffe - [M-01] Incorrect refund of execution fee to user
#212
sherlock-admin
opened
1 year ago
9
simon135 - slippage set to 0 it can cause users to get sandwiched
#211
sherlock-admin
closed
1 year ago
0
simon135 - An attacker can avoid being auto Delevareged by using the keepers input to its disadvantage
#210
sherlock-admin
closed
1 year ago
0
ShadowForce - Issue when using tx.gasprice to estimate the execution fee
#209
sherlock-admin
closed
1 year ago
0
hack3r-0m - same signature can be used multiple times for validation in oracle while setting prices
#208
sherlock-admin
closed
1 year ago
6
ShadowForce - User can game the order system
#207
sherlock-admin
closed
1 year ago
5
simon135 - If a user makes a tx from their wallet they can get frontrunned and lose their funds
#206
sherlock-admin
closed
1 year ago
0
n33k - WNT in depositVault can be drained by abusing initialLongToken/initialShortToken of CreateDepositParams
#205
sherlock-admin
opened
1 year ago
1
joestakey - Variable subtracted where it should be assigned leads to `getAdjustedLongAndShortTokenAmounts()` reverting.
#204
sherlock-admin
closed
1 year ago
0
joestakey - Incorrect adjusted amount calculation in `getAdjustedLongAndShortTokenAmounts()` always reverts
#203
sherlock-admin
closed
1 year ago
0
hack3r-0m - temporary DOS when `cancelOrder` and `executeOrder` features are disabled for a market at same time
#202
sherlock-admin
closed
1 year ago
5
float-audits - User deposits can be lost if deposits are not crafted carefully
#201
sherlock-admin
closed
1 year ago
0
hack3r-0m - difference in tx.gasPrice is not accounted while paying for execution
#200
sherlock-admin
closed
1 year ago
6
hack3r-0m - net negative sum outcome when liquidating below cetain size
#199
sherlock-admin
closed
1 year ago
5
0xAmanda - Loading arbitrary's contract data to memory allows grieffing attack
#198
sherlock-admin
closed
1 year ago
0
0xAmanda - Incorrect function call leads to stale borrowing fees
#197
sherlock-admin
opened
1 year ago
11
berndartmueller - The claimable collateral factor with the key `Keys.claimableCollateralFactorKey` remains unchanged and results in a claimable collateral amount of zero
#196
sherlock-admin
closed
1 year ago
0
berndartmueller - Underestimated gas estimation for executing withdrawals leads to insufficient keeper compensation
#195
sherlock-admin
opened
1 year ago
1
berndartmueller - Decreasing a position without a swap path is susceptible to slippage
#194
sherlock-admin
closed
1 year ago
0
berndartmueller - Depositing in a market with the same long and short tokens will revert
#193
sherlock-admin
closed
1 year ago
0
berndartmueller - Inability to claim collateral
#192
sherlock-admin
closed
1 year ago
0
hack3r-0m - executing orders might get broken due to console.log
#191
sherlock-admin
closed
1 year ago
5
tsvetanovv - There is no way to decrease timelock delay
#190
sherlock-admin
closed
1 year ago
5
0xAmanda - Uncalculated gas while swapping tokens will make the keeper lose funds on withdrawals
#189
sherlock-admin
closed
1 year ago
0
Breeje - No Slippage protection in `swap` allows MEV Attack and Loss of Funds while executing Deposit
#188
sherlock-admin
closed
1 year ago
0
0xAmanda - Incorrect calculation of the value in the pool
#187
sherlock-admin
closed
1 year ago
0
Next