issues
search
sherlock-audit
/
2023-06-bond-judging
3
stars
3
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
bin2chen - claimRewards() If a rewards is too small, it may block other epochs
#110
github-actions[bot]
opened
1 year ago
7
kutugu - Users can bypass allowList
#109
github-actions[bot]
closed
1 year ago
0
bin2chen - stake() missing set lastEpochClaimed when userBalance equal 0
#108
github-actions[bot]
opened
1 year ago
7
tnquanghuy0512 - User losing token when exercise() while is not the option token's receiver
#107
github-actions[bot]
closed
1 year ago
0
bin2chen - steal funds with variable decimals of payoutToken
#106
github-actions[bot]
closed
1 year ago
0
namx05 - Fee Calculation Issue in FixedStrikeOptionTeller.sol
#105
github-actions[bot]
closed
1 year ago
0
tnquanghuy0512 - User can reclaim() multiple time, causing draining the contract
#104
github-actions[bot]
closed
1 year ago
0
tnquanghuy0512 - OptionToken can not deploy with huge strike price
#103
github-actions[bot]
closed
1 year ago
0
supernova - Wrong comparison between block.timestamp , eligible_, and expiry_
#102
github-actions[bot]
closed
1 year ago
0
Kow - Unrestricted reclaim of payout/quote tokens allows user to steal all collateral from Teller
#101
github-actions[bot]
closed
1 year ago
0
Auditwolf - ERC 20 approve can fail for some tokens.
#100
github-actions[bot]
closed
1 year ago
0
caventa - For OracleStrikeOTLM, newly staked token could not be unstaked and its staked rewards could not be claimed in the new epoch due to invalid strike price
#99
github-actions[bot]
closed
1 year ago
0
Auditwolf - Incorrect calculation of current rewards per token.
#98
github-actions[bot]
closed
1 year ago
0
OCC - Reentrancy attack vulnerability in the deploy() function
#97
github-actions[bot]
closed
1 year ago
0
tsvetanovv - The user can't recive rewards if token is USDT
#96
github-actions[bot]
closed
1 year ago
0
ctf_sec - Strike price can be too high and cause overflow depends on the amount of option minted, receiver cannot reclaim the fund
#95
github-actions[bot]
closed
1 year ago
0
OCC - Detect collision due to dynamic type usages
#94
github-actions[bot]
closed
1 year ago
0
ctf_sec - OTLM: Stakers unable to claim their rewards
#93
github-actions[bot]
closed
1 year ago
2
ctf_sec - FixedStrikeOptionTeller: Receiver can only reclaim entire suply of option token and not a partial option token amount
#92
github-actions[bot]
closed
1 year ago
3
ctf_sec - FixedStrikeOptionTeller: create can be invoked when block.timestamp == expiry but exercise reverts
#91
github-actions[bot]
opened
1 year ago
3
ctf_sec - All funds can be stolen from FixedStrikeOptionTeller using a token with malicious decimals
#90
github-actions[bot]
opened
1 year ago
7
ctf_sec - Flashloan can be used to bypass the token allow list check
#89
github-actions[bot]
closed
1 year ago
3
ctf_sec - Too few or too much option reward token is minted if the payout token decimal miss match the staked token decimal
#88
github-actions[bot]
closed
1 year ago
3
ctf_sec - Division before multiplication result in loss of token reward if the reward update time elapse is small
#87
github-actions[bot]
opened
1 year ago
3
ctf_sec - IERC20(token).approve revert if the underlying ERC20 token approve does not return boolean
#86
github-actions[bot]
opened
1 year ago
3
ctf_sec - User cannot emergencyUnstake in certain case because the staked token balance is treated as the payout balance if the payout token equals to the staked token
#85
github-actions[bot]
closed
1 year ago
4
ctf_sec - Strike price can be too high and cause overflow when exercise their token, then user will never exercise their option and lose their option token
#84
github-actions[bot]
closed
1 year ago
10
ctf_sec - Use A's staked token balance can be used to mint option token as reward for User B if the payout token equals to the stake token
#83
github-actions[bot]
opened
1 year ago
18
ctf_sec - Loss of option token from Teller and reward from OTLM if L2 sequencer goes down
#82
github-actions[bot]
opened
1 year ago
5
ctf_sec - Blocklisted address can be used to lock the option token minter's fund
#81
github-actions[bot]
opened
1 year ago
13
qandisa - Users can not access the exercise function when the sequencer is down on Arbitrum
#80
github-actions[bot]
closed
1 year ago
0
ctf_sec - All fund from Teller contract can be drained because a malicious receiver can call reclaim repeatedly
#79
github-actions[bot]
opened
1 year ago
4
qandisa - Options can expire while users are unable to exercise them during sequencer failure
#78
github-actions[bot]
closed
1 year ago
0
qandisa - Rounding to nearest day is incorrect
#77
github-actions[bot]
closed
1 year ago
5
berndartmueller - A malicious option token deployer can drain quote token funds from the `FixedStrikeOptionTeller` contract
#76
github-actions[bot]
closed
1 year ago
0
caventa - Functions of OracleStrikeOTLM could not be performed for certain strike price
#75
github-actions[bot]
closed
1 year ago
0
caventa - Blacklist receiver maybe unable to reclaim option token leads to fund token in the contract
#74
github-actions[bot]
closed
1 year ago
0
Sm4rty - Attacker can Steal Other User's Collateral
#73
github-actions[bot]
closed
1 year ago
0
kutugu - A malicious user can use a backrun attack to make the staking user lose the reward
#72
github-actions[bot]
closed
1 year ago
0
Jiamin - Option Tokens should not be repeatedly used for reclaiming
#71
github-actions[bot]
closed
1 year ago
0
bin2chen - receiver can prevent exercise then force OptionToken to expire
#70
github-actions[bot]
closed
1 year ago
0
kutugu - Fulfill a small quantity portion of the order will affect the income of the protocol
#69
github-actions[bot]
closed
1 year ago
0
bin2chen - reclaim() can be executed repeatedly
#68
github-actions[bot]
closed
1 year ago
0
kutugu - A malicious user can use reclaim to steal teller funds
#67
github-actions[bot]
closed
1 year ago
0
tvdung94 - Malicious users could empty teller quote/payout tokens by repeatedly reclaim expired option token
#66
github-actions[bot]
closed
1 year ago
0
TrungOre - optionToken can't be exercise right after function `create` is called
#65
github-actions[bot]
closed
1 year ago
0
BenRai - The period in which `optionTokens` are executable is up to nearly 1 day shorter than intended
#64
github-actions[bot]
closed
1 year ago
0
BenRai - `optionTokens` can be expired even though the epoch is not over
#63
github-actions[bot]
opened
1 year ago
6
berndartmueller - Payout tokens can be stolen from the `FixedStrikeOptionTeller` contract by exercising call options without paying quote tokens
#62
github-actions[bot]
closed
1 year ago
0
berndartmueller - Funds can be stolen from the `FixedStrikeOptionTeller` contract by creating put option tokens without providing collateral
#61
github-actions[bot]
opened
1 year ago
7
Next