sherlock-audit 2023-06-bond-judging issues

sherlock-audit / 2023-06-bond-judging

3 stars 3 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

bin2chen - claimRewards() If a rewards is too small, it may block other epochs

#110 github-actions[bot] opened 1 year ago
7
kutugu - Users can bypass allowList

#109 github-actions[bot] closed 1 year ago
0
bin2chen - stake() missing set lastEpochClaimed when userBalance equal 0

#108 github-actions[bot] opened 1 year ago
7
tnquanghuy0512 - User losing token when exercise() while is not the option token's receiver

#107 github-actions[bot] closed 1 year ago
0
bin2chen - steal funds with variable decimals of payoutToken

#106 github-actions[bot] closed 1 year ago
0
namx05 - Fee Calculation Issue in FixedStrikeOptionTeller.sol

#105 github-actions[bot] closed 1 year ago
0
tnquanghuy0512 - User can reclaim() multiple time, causing draining the contract

#104 github-actions[bot] closed 1 year ago
0
tnquanghuy0512 - OptionToken can not deploy with huge strike price

#103 github-actions[bot] closed 1 year ago
0
supernova - Wrong comparison between block.timestamp , eligible_, and expiry_

#102 github-actions[bot] closed 1 year ago
0
Kow - Unrestricted reclaim of payout/quote tokens allows user to steal all collateral from Teller

#101 github-actions[bot] closed 1 year ago
0
Auditwolf - ERC 20 approve can fail for some tokens.

#100 github-actions[bot] closed 1 year ago
0
caventa - For OracleStrikeOTLM, newly staked token could not be unstaked and its staked rewards could not be claimed in the new epoch due to invalid strike price

#99 github-actions[bot] closed 1 year ago
0
Auditwolf - Incorrect calculation of current rewards per token.

#98 github-actions[bot] closed 1 year ago
0
OCC - Reentrancy attack vulnerability in the deploy() function

#97 github-actions[bot] closed 1 year ago
0
tsvetanovv - The user can't recive rewards if token is USDT

#96 github-actions[bot] closed 1 year ago
0
ctf_sec - Strike price can be too high and cause overflow depends on the amount of option minted, receiver cannot reclaim the fund

#95 github-actions[bot] closed 1 year ago
0
OCC - Detect collision due to dynamic type usages

#94 github-actions[bot] closed 1 year ago
0
ctf_sec - OTLM: Stakers unable to claim their rewards

#93 github-actions[bot] closed 1 year ago
2
ctf_sec - FixedStrikeOptionTeller: Receiver can only reclaim entire suply of option token and not a partial option token amount

#92 github-actions[bot] closed 1 year ago
3
ctf_sec - FixedStrikeOptionTeller: create can be invoked when block.timestamp == expiry but exercise reverts

#91 github-actions[bot] opened 1 year ago
3
ctf_sec - All funds can be stolen from FixedStrikeOptionTeller using a token with malicious decimals

#90 github-actions[bot] opened 1 year ago
7
ctf_sec - Flashloan can be used to bypass the token allow list check

#89 github-actions[bot] closed 1 year ago
3
ctf_sec - Too few or too much option reward token is minted if the payout token decimal miss match the staked token decimal

#88 github-actions[bot] closed 1 year ago
3
ctf_sec - Division before multiplication result in loss of token reward if the reward update time elapse is small

#87 github-actions[bot] opened 1 year ago
3
ctf_sec - IERC20(token).approve revert if the underlying ERC20 token approve does not return boolean

#86 github-actions[bot] opened 1 year ago
3
ctf_sec - User cannot emergencyUnstake in certain case because the staked token balance is treated as the payout balance if the payout token equals to the staked token

#85 github-actions[bot] closed 1 year ago
4
ctf_sec - Strike price can be too high and cause overflow when exercise their token, then user will never exercise their option and lose their option token

#84 github-actions[bot] closed 1 year ago
10
ctf_sec - Use A's staked token balance can be used to mint option token as reward for User B if the payout token equals to the stake token

#83 github-actions[bot] opened 1 year ago
18
ctf_sec - Loss of option token from Teller and reward from OTLM if L2 sequencer goes down

#82 github-actions[bot] opened 1 year ago
5
ctf_sec - Blocklisted address can be used to lock the option token minter's fund

#81 github-actions[bot] opened 1 year ago
13
qandisa - Users can not access the exercise function when the sequencer is down on Arbitrum

#80 github-actions[bot] closed 1 year ago
0
ctf_sec - All fund from Teller contract can be drained because a malicious receiver can call reclaim repeatedly

#79 github-actions[bot] opened 1 year ago
4
qandisa - Options can expire while users are unable to exercise them during sequencer failure

#78 github-actions[bot] closed 1 year ago
0
qandisa - Rounding to nearest day is incorrect

#77 github-actions[bot] closed 1 year ago
5
berndartmueller - A malicious option token deployer can drain quote token funds from the `FixedStrikeOptionTeller` contract

#76 github-actions[bot] closed 1 year ago
0
caventa - Functions of OracleStrikeOTLM could not be performed for certain strike price

#75 github-actions[bot] closed 1 year ago
0
caventa - Blacklist receiver maybe unable to reclaim option token leads to fund token in the contract

#74 github-actions[bot] closed 1 year ago
0
Sm4rty - Attacker can Steal Other User's Collateral

#73 github-actions[bot] closed 1 year ago
0
kutugu - A malicious user can use a backrun attack to make the staking user lose the reward

#72 github-actions[bot] closed 1 year ago
0
Jiamin - Option Tokens should not be repeatedly used for reclaiming

#71 github-actions[bot] closed 1 year ago
0
bin2chen - receiver can prevent exercise then force OptionToken to expire

#70 github-actions[bot] closed 1 year ago
0
kutugu - Fulfill a small quantity portion of the order will affect the income of the protocol

#69 github-actions[bot] closed 1 year ago
0
bin2chen - reclaim() can be executed repeatedly

#68 github-actions[bot] closed 1 year ago
0
kutugu - A malicious user can use reclaim to steal teller funds

#67 github-actions[bot] closed 1 year ago
0
tvdung94 - Malicious users could empty teller quote/payout tokens by repeatedly reclaim expired option token

#66 github-actions[bot] closed 1 year ago
0
TrungOre - optionToken can't be exercise right after function `create` is called

#65 github-actions[bot] closed 1 year ago
0
BenRai - The period in which `optionTokens` are executable is up to nearly 1 day shorter than intended

#64 github-actions[bot] closed 1 year ago
0
BenRai - `optionTokens` can be expired even though the epoch is not over

#63 github-actions[bot] opened 1 year ago
6
berndartmueller - Payout tokens can be stolen from the `FixedStrikeOptionTeller` contract by exercising call options without paying quote tokens

#62 github-actions[bot] closed 1 year ago
0
berndartmueller - Funds can be stolen from the `FixedStrikeOptionTeller` contract by creating put option tokens without providing collateral

#61 github-actions[bot] opened 1 year ago
7