sherlock-audit 2023-05-ironbank-judging issues

sherlock-audit / 2023-05-ironbank-judging

2 stars 2 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

innertia - Disable deferLiquidityCheck functionality

#399 sherlock-admin closed 1 year ago
0
innertia - Cannot delete Extension that user has allowed

#398 sherlock-admin closed 1 year ago
0
Delvir0 - An user can use an attack contract to block being liquidated.

#397 sherlock-admin closed 1 year ago
0
Delvir0 - `IronBank.deferLiquidityCheck` can be used to drain the pool

#396 sherlock-admin closed 1 year ago
0
Delvir0 - User can get liquidated even if collateral is sufficient by using ibToken at an other protocol

#395 sherlock-admin closed 1 year ago
0
Arabadzhiev - Lack of stale data checks when retrieving price data from Chainlink

#394 sherlock-admin closed 1 year ago
0
Arabadzhiev - Missing L2 sequencer outage checks

#393 sherlock-admin closed 1 year ago
0
Delvir0 - Calling `IronBank._isLiquidateable` can result to DoS due to high amount of market participation

#392 sherlock-admin closed 1 year ago
0
Delvir0 - Delisting a market could lead to a bad debt of the market or lead to users unable to redeem their collateral

#391 sherlock-admin closed 1 year ago
0
n33k - Oracle does not check if anwser returned from chainlink is in valid range

#390 sherlock-admin closed 1 year ago
0
josephdara - Wrong Storage Slot Calculation

#389 sherlock-admin closed 1 year ago
0
dy - Liquidation of full debt fails at sufficiently low collateral price

#388 sherlock-admin closed 1 year ago
0
n33k - Oracle has no check for timestamp

#387 sherlock-admin closed 1 year ago
0
n33k - Oracle has no check for round completeness

#386 sherlock-admin closed 1 year ago
0
Delvir0 - Missing sequencer check for ARB network in `PriceOracle.sol`

#385 sherlock-admin closed 1 year ago
0
Delvir0 - Missing stale price check from Chainlink oracle

#384 sherlock-admin closed 1 year ago
0
qpzm - `PriceOracle.getPriceFromChainlink` is not validated properly.

#383 sherlock-admin closed 1 year ago
0
n33k - Missing check for whether L2 Sequencer is active

#382 sherlock-admin closed 1 year ago
0
n33k - Multihop uniV3SwapExactOut does not work

#381 sherlock-admin closed 1 year ago
0
n33k - Incorrect parameter ordering in function call

#380 sherlock-admin closed 1 year ago
0
MohammedRizwan - Unhandled chainlink revert would lock price oracle access

#379 sherlock-admin closed 1 year ago
0
jprod15 - delistMarket can break the protocol

#378 sherlock-admin closed 1 year ago
0
jprod15 - FlashLoan can be fail if token is USDT

#377 sherlock-admin closed 1 year ago
0
jprod15 - ETh can be steal

#376 sherlock-admin closed 1 year ago
0
oxchryston - The `repay` function `reverts` if the `amount` passed in the ` input` is greater than the `repay amount`.

#375 sherlock-admin closed 1 year ago
0
plainshift-2 - Users providing a low supply amount results in no tokens received

#374 sherlock-admin closed 1 year ago
0
plainshift-2 - Lenders can withdraw all tokens through a repetitive withdraws

#373 sherlock-admin closed 1 year ago
0
plainshift-2 - Certain functions may not return the latest account's liquidity state

#372 sherlock-admin closed 1 year ago
0
plainshift-2 - PriceOracle#getPriceFromChainlink doesn't do a staleness check

#371 sherlock-admin closed 1 year ago
0
plainshift-2 - IronBank should consult with Arbitrum Chainlink Sequencer Uptime Feed before using oracles

#370 sherlock-admin closed 1 year ago
0
plainshift-2 - Utilization rate incorrectly includes reserves in calculations

#369 sherlock-admin closed 1 year ago
0
CMierez - User's ETH can be stuck and stolen in TxBuilderExtension due to Native Token actions' unexpected behaviour and double-spending

#368 sherlock-admin closed 1 year ago
0
CMierez - Griefing can be performed to make User's use of main IronBank functions more gas expensive

#367 sherlock-admin closed 1 year ago
0
CMierez - No Validity, Staleness nor Sequencer Uptime checks on Oracle's PriceFeed consumption

#366 sherlock-admin closed 1 year ago
0
shealtielanz - Malicious Borrower can `repay` debt in a market with actual paying.

#365 sherlock-admin closed 1 year ago
0
oxchryston - Malicious `credit` `account` can ` drain` the `contract` of it's funds

#364 sherlock-admin closed 1 year ago
0
oxchryston - Anyone can call `absorb` to absorb excess `underlying` asset.

#363 sherlock-admin closed 1 year ago
0
0x52 - Pragma isn't specified correctly which can lead to nonfunction/damaged contract when deployed on Arbitrum

#362 sherlock-admin closed 1 year ago
2
0x52 - supplyNativeToken will strand ETH in contract if called after ACTION_DEFER_LIQUIDITY_CHECK

#361 sherlock-admin opened 1 year ago
16
0x52 - TxBuilderExtension#redeemNativeToken fails to accrueToken before getSupplyBalance

#360 sherlock-admin closed 1 year ago
14
Arz - USDT needs safeApprove(0) before setting a new approval

#359 sherlock-admin closed 1 year ago
0
0x52 - Flashloan#maxFlashloan and flashFee are not EIP-3156 compatible

#358 sherlock-admin closed 1 year ago
4
tsueti_ - _safeMint() SHOULD BE USED RATHER THAN _mint() WHEREVER POSSIBLE

#357 sherlock-admin closed 1 year ago
0
0x52 - PriceOracle#getPriceFromChainlink fails to check Arbitrum/Optimism Sequencer uptime

#356 sherlock-admin closed 1 year ago
0
EmanHerawy - delisted Market is not properly deleted

#355 sherlock-admin closed 1 year ago
0
0x52 - PriceOracle#getPriceFromChainlink may return stale data

#354 sherlock-admin closed 1 year ago
0
Arz - Missing checks for whether L2 Sequencer is active

#353 sherlock-admin closed 1 year ago
0
0x52 - Contracts never initialize owner for Ownable2Step.sol

#352 sherlock-admin closed 1 year ago
3
cryptostellar5 - User can lose funds on running execute() function

#351 sherlock-admin closed 1 year ago
0
Angry_Mustache_Man - PriceOracle will return the wrong price for asset if underlying aggregator hits minPrice

#350 sherlock-admin closed 1 year ago
0

Previous Next