sherlock-audit 2023-05-perennial-judging issues

sherlock-audit / 2023-05-perennial-judging

12 stars 9 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

ak1 - No validation to check the `arbitrum` sequencer is down

#245 sherlock-admin closed 1 year ago
0
supernova - Cached Address can be changed by anyone

#244 sherlock-admin closed 1 year ago
0
ak1 - oracle - freshness of price value is not checked.

#243 sherlock-admin closed 1 year ago
0
MohammedRizwan - Missing check for active Arbitrum Sequencer

#242 sherlock-admin closed 1 year ago
0
josephdara - resolveShortfall fails when contract is paused

#241 sherlock-admin closed 1 year ago
0
MohammedRizwan - Unhandled chainlink revert would lock price oracle access

#240 sherlock-admin closed 1 year ago
0
seerether - Spender have unrestricted access to the account's shares.

#239 sherlock-admin closed 1 year ago
0
josephdara - Liquidation Reverts

#238 sherlock-admin closed 1 year ago
0
ak1 - ProductManager.sol : function sync would revert when `available fund` is lesser than `refundAmount` amount.

#237 sherlock-admin closed 1 year ago
18
BLACK-PANDA-REACH - Overvalued collateral in case of USDC depeg

#236 sherlock-admin closed 1 year ago
0
MohammedRizwan - Chainlink's latestRoundData might return stale or incorrect results

#235 sherlock-admin closed 1 year ago
0
josephdara - user deposits are overwritten

#234 sherlock-admin closed 1 year ago
0
BLACK-PANDA-REACH - Balanced Vault Upgrade can trigger a mass liquidation event

#233 sherlock-admin closed 1 year ago
2
BLACK-PANDA-REACH - `BalancedVault` doesn't consider potential break in one of the markets

#232 sherlock-admin opened 1 year ago
7
ak1 - BalancedVault.sol#L211 : claim reset the `_unclaimed[account]` when there is less amount of fund.

#231 sherlock-admin closed 1 year ago
7
ashirleyshe - Do not check allowance before token transfer

#230 sherlock-admin closed 1 year ago
0
josephdara - L2 Sequencer Unhandled for Arbitrum and Optimism

#229 sherlock-admin closed 1 year ago
0
ak1 - BalancedVault.sol# : double count of `_pendingRedemption` during settle process.

#228 sherlock-admin closed 1 year ago
0
bitsurfer - Perennial only use DSU as collateral which pegged to USDC open for depeg failure

#227 sherlock-admin closed 1 year ago
0
ast3ros - Incentive can be miscalculated

#226 sherlock-admin closed 1 year ago
17
ak1 - BalancedVault.sol#L137 : `sync()` can be called by anyone which would hurt the user when the market has negative fluctuations.

#225 sherlock-admin closed 1 year ago
0
tsvetanovv - Missing check for active L2 Sequencer

#224 sherlock-admin closed 1 year ago
0
rvierdiiev - When Product is closed, then liquidation is not allowed

#223 sherlock-admin closed 1 year ago
0
simon135 - owner can create projects for other product coordinator

#222 sherlock-admin closed 1 year ago
0
simon135 - Some positions wont be able to be liquidated becuase of mistake in the code

#221 sherlock-admin closed 1 year ago
0
BLACK-PANDA-REACH - DoS when calling `_chargeFee` in `MultiInvoker`

#220 sherlock-admin closed 1 year ago
1
BLACK-PANDA-REACH - Wrong rate when maker and taker are 0

#219 sherlock-admin closed 1 year ago
1
ashirleyshe - Mint token event does not follow the ERC20 token standard

#218 sherlock-admin closed 1 year ago
0
BLACK-PANDA-REACH - Loss of Precision when calculating `positionFee`

#217 sherlock-admin closed 1 year ago
0
BLACK-PANDA-REACH - Oracles may return stale prices

#216 sherlock-admin closed 1 year ago
0
simon135 - when their are no positions in the que the protocol it will revert and it wont allow takers to open Positions

#215 sherlock-admin closed 1 year ago
0
simon135 - when their are no positions in the que the protocol wont allow the taker to make position

#214 sherlock-admin closed 1 year ago
0
simon135 - Pauser role can pause the contracts and since its not the owner is can cause users not to be able to close their positions

#213 sherlock-admin closed 1 year ago
0
rvierdiiev - BalancedVault.claim can be called in not favorable situation

#212 sherlock-admin closed 1 year ago
0
BLACK-PANDA-REACH - Lack of L2 Sequencer uptime check when getting oracle data on Arbitrum

#211 sherlock-admin closed 1 year ago
0
ast3ros - Maker can close position without checking utilization rate.

#210 sherlock-admin closed 1 year ago
0
Jaraxxus - BalanceVault is not EIP-4626 compliant

#209 sherlock-admin closed 1 year ago
0
BLACK-PANDA-REACH - Maker/taker will be paying slightly less funding fee to taker/maker respectively due to precision loss

#208 sherlock-admin closed 1 year ago
1
BLACK-PANDA-REACH - User can mint variable numbers of DSU tokens by paying same amount of USDC

#207 sherlock-admin closed 1 year ago
1
mstpr-brainbot - Potential Vault Rebalancing Failure due to Zero Target Collateral

#206 sherlock-admin closed 1 year ago
0
tsvetanovv - It is possible to revert because overflow in `getPhaseSwitchoverData`

#205 sherlock-admin closed 1 year ago
0
rvierdiiev - BalancedVault doesn't have ability to claim and distribute rewards among holders

#204 sherlock-admin closed 1 year ago
0
Jaraxxus - ChainlinkOracle will return the wrong price for asset if underlying aggregator hits minAnswer

#203 sherlock-admin closed 1 year ago
0
Jaraxxus - No check if Arbitrum L2 sequencer is down in Chainlink feeds

#202 sherlock-admin closed 1 year ago
0
Jaraxxus - Return values from Chainlink's latestRoundData is not checked properly

#201 sherlock-admin closed 1 year ago
0
sashik_eth - Not checking if the L2 sequencer is down during the call to Chainlink feeds

#200 sherlock-admin closed 1 year ago
0
tsvetanovv - A user may lose funds if he uses the `claim()` function

#199 sherlock-admin closed 1 year ago
0
rvierdiiev - Malicious user can send protocol fees to address 0

#198 sherlock-admin closed 1 year ago
0
rvierdiiev - Incentivizer.complete doesn't sync last oracle version

#197 sherlock-admin closed 1 year ago
12
levi - `collateralInvariant` is restrictive on deposits

#196 sherlock-admin closed 1 year ago
0