sherlock-audit 2023-05-ironbank-judging issues

sherlock-audit / 2023-05-ironbank-judging

2 stars 2 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0xpinky - `ironBank.accrueInterest` is not called when calling the `getSupplyBalance` and `getBorrowBalance`

#499 sherlock-admin closed 1 year ago
7
simon135 - An attacker can borrow with out collateral and gain free tokens through reentrancy

#498 sherlock-admin closed 1 year ago
0
josephdara - Market Config

#497 sherlock-admin closed 1 year ago
0
jayphbee - System parameter change could make user's position unexpectedly liquidatable.

#496 sherlock-admin closed 1 year ago
0
zklim - interestRateModelAddress is not checked during listMarket() in MarketConfigurator.sol

#495 sherlock-admin closed 1 year ago
0
evilakela - UniswapV2Utils library uses pool reserve to determine asset price

#494 sherlock-admin closed 1 year ago
0
josephdara - Critical Bug in Delisting

#493 sherlock-admin closed 1 year ago
0
ni8mare - `accrueInterest` method is not called before updating `reserveFactor` of a market

#492 sherlock-admin closed 1 year ago
0
josephdara - Storage Slot Collision Due to Contracts Upgrade

#491 sherlock-admin closed 1 year ago
0
anthony - Price oracle could get a stale price

#490 sherlock-admin closed 1 year ago
0
0xpinky - TxBuilderExtension.sol : `repayNativeToken` does not return the excess funds to the user.

#489 sherlock-admin closed 1 year ago
8
josephdara - Precision Loss causing loss of funds to the liquidator

#488 sherlock-admin closed 1 year ago
0
evilakela - IronBank::_getExchangeRate doesn't account for market decimals

#487 sherlock-admin closed 1 year ago
0
gkrastenov - Delisting market will not delete userBorrows and userSupplies

#486 sherlock-admin closed 1 year ago
0
ni8mare - Hard-coded Slippage May Freeze User Funds

#485 sherlock-admin closed 1 year ago
0
GimelSec - `PToken.absorb` should have access control.

#484 sherlock-admin closed 1 year ago
0
0xpinky - PToken.sol : `function absorb` is public and it can be called by anyone

#483 sherlock-admin closed 1 year ago
11
anthony - User can prevent liquidations by frontrunning the tx and slightly increasing their collateral

#482 sherlock-admin closed 1 year ago
0
josephdara - Liquidation Failure

#481 sherlock-admin closed 1 year ago
0
simon135 - oracle has no check if the sequencer is alive

#480 sherlock-admin closed 1 year ago
0
evilakela - InterestRateModelInterface::getBorrowRate doesn't account for market decimals

#479 sherlock-admin closed 1 year ago
0
simon135 - no check on timestamp for latestRoundData

#478 sherlock-admin closed 1 year ago
0
ni8mare - No slippage protection in swap functions of UniswapExtension.sol

#477 sherlock-admin closed 1 year ago
0
0xpinky - PriceOracle.sol#L66 : Freshness of asset price is not checked when using the chainlink's `latestRoundData`

#476 sherlock-admin closed 1 year ago
0
jayphbee - getPriceFromChainlink() could get stale price.

#475 sherlock-admin closed 1 year ago
0
josephdara - L2 sequencer Downtime

#474 sherlock-admin closed 1 year ago
0
Arz - Setting the liquidationThreshold to 0 puts some users at risk of getting liquidated

#473 sherlock-admin closed 1 year ago
7
0xMAKEOUTHILL - No checks if an Arbitrum L2 sequencer is down

#472 sherlock-admin closed 1 year ago
0
josephdara - Stale Price from Oracle

#471 sherlock-admin closed 1 year ago
0
evilakela - Chainlink's latestRoundData return no checks for stale or incorrect result

#470 sherlock-admin closed 1 year ago
0
gkrastenov - Returned values of Chainlink Oracle are not verified

#469 sherlock-admin closed 1 year ago
0
ni8mare - No checks for whether Arbitrum sequencer is down

#468 sherlock-admin closed 1 year ago
0
evilakela - Anyone can steal ETH in TxBuilderExtension contract that should be seized by the owner

#467 sherlock-admin closed 1 year ago
0
Kose - Check for stale data before trusting Chainlink's response

#466 sherlock-admin closed 1 year ago
0
evilakela - Loss of msg.value sended with TxBuilderExtension::execute in certain cases

#465 sherlock-admin closed 1 year ago
0
0xMosh - Attacker can frontrun and mint user's token to his address

#464 sherlock-admin closed 1 year ago
0
Nyx - Users wont exit market correctly when input amount is not uint256.max

#463 sherlock-admin closed 1 year ago
0
holyhansss - Not Checking for stale data in PriceOracle.sol

#462 sherlock-admin closed 1 year ago
0
0xMAKEOUTHILL - Can't unpause a listed PToken market

#461 sherlock-admin closed 1 year ago
0
ni8mare - Oracle return values are not being checked.

#460 sherlock-admin closed 1 year ago
0
kn0t - Oracle data feed is insufficiently validated.

#459 sherlock-admin closed 1 year ago
0
bin2chen - liquidate() Lack of restriction that liquidator cannot be a CreditAccount

#458 sherlock-admin closed 1 year ago
4
0xMAKEOUTHILL - Market not delisted properly

#457 sherlock-admin closed 1 year ago
0
qbs - Lack of proper gap between maximal LTV and liquidation LTV ratios

#456 sherlock-admin closed 1 year ago
0
Aymen0909 - Many functions will fail because they runs out of gas if a user has entered many markets

#455 sherlock-admin closed 1 year ago
0
martin - `getPriceFromChainlink` function might return stale results

#454 sherlock-admin closed 1 year ago
0
saidam017 - Chainlink oracle data is not validated, could return unwanted price value.

#453 sherlock-admin closed 1 year ago
0
bin2chen - setCreditLimit() CreditAccount may can't be canceled

#452 sherlock-admin closed 1 year ago
2
saidam017 - `TripleSlopeRateModel` and accrue interest, could get unexpected behavior with WBTC

#451 sherlock-admin closed 1 year ago
0
Aymen0909 - Missing checks for whether Arbitrum Sequencer is active

#450 sherlock-admin closed 1 year ago
0