issues
search
sherlock-audit
/
2023-05-ironbank-judging
2
stars
2
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
oxchryston - Users can `borrow` with `zero` `collateral.`
#349
sherlock-admin
closed
1 year ago
0
0x52 - PriceOracle.sol will return the wrong price for asset if underlying aggregator hits minAnswer
#348
sherlock-admin
closed
1 year ago
0
Angry_Mustache_Man - PriceOracle use BTC/USD chainlink oracle to price WBTC which is problematic if WBTC depegs
#347
sherlock-admin
closed
1 year ago
0
Angry_Mustache_Man - The use of the platform can be disrupted if access to Chainlink oracle data feed is blocked
#346
sherlock-admin
closed
1 year ago
0
Angry_Mustache_Man - Missing checks for whether L2 Sequencer is active
#345
sherlock-admin
closed
1 year ago
0
Angry_Mustache_Man - Chainlink's latestRoundData return stale or incorrect result
#344
sherlock-admin
closed
1 year ago
0
oxchryston - The function `setcreditlimit` can be `frontruned` leading to more funds being collected.
#343
sherlock-admin
closed
1 year ago
0
Ocean_Sky - Chainlink's latestRoundData return stale or incorrect result
#342
sherlock-admin
closed
1 year ago
0
kutugu - AccrueInterest should be called first to get the latest user balance
#341
sherlock-admin
closed
1 year ago
6
Ocean_Sky - No checking for status of L2 sequencer on whether it is active or not
#340
sherlock-admin
closed
1 year ago
0
0x3b - Chainlick price not fully checked, possibility of stale data if sequencer is down
#339
sherlock-admin
closed
1 year ago
0
Auditwolf - Bad debts accrual if a borrowers account is so underwater.
#338
sherlock-admin
closed
1 year ago
8
Ignite - _loan() Function does not check borrow before and after
#337
sherlock-admin
closed
1 year ago
0
Ignite - userBorrows and userSupplies arrays may still contain their previous values even after the market is delisted
#336
sherlock-admin
closed
1 year ago
0
Ignite - Borrower Can Avoid Liquidation by Creating a Large `allEnteredMarkets` Array Size
#335
sherlock-admin
closed
1 year ago
0
Ignite - No check if Arbitrum L2 sequencer is down in PriceOracle.sol
#334
sherlock-admin
closed
1 year ago
0
Ignite - Insufficient Price Oracle Validation
#333
sherlock-admin
closed
1 year ago
0
shtesesamoubiq - Lack of safeApprove(0)
#332
sherlock-admin
closed
1 year ago
0
ArmedGoose - After delisting the market users will not be able to redeem their supplied tokens (even after relisting)
#331
sherlock-admin
closed
1 year ago
5
shtesesamoubiq - Chainlink’s latestRoundData might return stale or incorrect results
#330
sherlock-admin
closed
1 year ago
0
ArmedGoose - Liquidatable collateral may be delisted leading to bad debt
#329
sherlock-admin
closed
1 year ago
5
TiesStevelink - If user had became a credit user after he supplied and borrowed, it is hard for him to repay and redeem
#328
sherlock-admin
closed
1 year ago
0
Schpiel - MarketConfiguration: adjustMarketLiquidationThreshold() could lead to immediate liquidations of users
#327
sherlock-admin
closed
1 year ago
0
Schpiel - If a market is delisted, it is impossible for a user to redeem tokens
#326
sherlock-admin
closed
1 year ago
0
Schpiel - IronBank: _getAccountLiquidity() & _isLiquidatable() might run out of gas due to for loop
#325
sherlock-admin
closed
1 year ago
0
Schpiel - If a token's oracle goes down or price falls to zero, all liquidations, redemptions, and borrowing will be frozen if the user has entered that token market
#324
sherlock-admin
closed
1 year ago
0
cuthalion0x - `IronBank#_getExchangeRate()` disregards recently accrued interest
#323
sherlock-admin
closed
1 year ago
5
Schpiel - Chainlink’s latestRoundData Might Return Stale Results
#322
sherlock-admin
closed
1 year ago
0
Schpiel - User can frontrun liquidation & repay dust amounts, which will revert the liquidation, even if the loan is still under-collateralized.
#321
sherlock-admin
closed
1 year ago
0
0xSmartContract - Flash credit transactions are not charged, in which case attackers can abuse the system
#320
sherlock-admin
closed
1 year ago
0
Diana - Chainlink's latestRoundData returns stale or incorrect result
#319
sherlock-admin
closed
1 year ago
0
Diana - Wrong borrow rate is returned on using getBorrowRate()
#318
sherlock-admin
closed
1 year ago
0
Madalad - Missing check if Chainlink sequencer is down
#317
sherlock-admin
closed
1 year ago
0
Madalad - Chainlink aggregators return the incorrect price if it drops below `minAnswer`
#316
sherlock-admin
closed
1 year ago
0
Madalad - Chainlink's `latestRoundData` may return stale or incorrect result
#315
sherlock-admin
closed
1 year ago
0
Nyx - Excess ETH amount is sent to to address rather than msg.sender
#314
sherlock-admin
closed
1 year ago
0
mert_eren - A user can redeem some lend token which he shouldn't after that he can liqudiate himself.
#313
sherlock-admin
closed
1 year ago
7
BenRai - Users cannot be liquidated if there is no cash in the market they used for collateral
#312
sherlock-admin
closed
1 year ago
0
mert_eren - Liqudiate healthy account
#311
sherlock-admin
closed
1 year ago
0
BenRai - Setting `liquidationThreshold` x `liquidationBonus` to 100% can result in bed debt for the bank when prices decrease fast
#310
sherlock-admin
closed
1 year ago
0
NickWang - The impact of borrowing pause was not considered when calculating totalReserves in the _accrueInterest function.
#309
sherlock-admin
closed
1 year ago
0
NickWang - The user's liquidation and supply should be paused simultaneously.
#308
sherlock-admin
closed
1 year ago
0
pavankv241 - Unbounded loop may cause Dos by user-specified array-length.
#307
sherlock-admin
closed
1 year ago
0
cuthalion0x - `IronBank#_isLiquidatable()` potentially reverts on multiplication overflow
#306
sherlock-admin
closed
1 year ago
7
cuthalion0x - `IronBank#_getAccountLiquidity()` potentially reverts on multiplication overflow
#305
sherlock-admin
closed
1 year ago
0
cuthalion0x - Liquidated collateral can get stuck in credit accounts
#304
sherlock-admin
closed
1 year ago
7
ArmedGoose - No grace period after adjusting CollateralFactor/LiqThreshold may cause users to be liquidated immediately after
#303
sherlock-admin
closed
1 year ago
6
cuthalion0x - Zero-value transfers of `IBToken` prohibited
#302
sherlock-admin
closed
1 year ago
5
XDZIBEC - XDZIBEC-getPrice function does not specify the precision of the price
#301
sherlock-admin
closed
1 year ago
0
XDZIBEC - XDZIBEC-wrap function does not validate the amount parameteR
#300
sherlock-admin
closed
1 year ago
0
Previous
Next