sherlock-audit 2023-10-mzero-judging issues

sherlock-audit / 2023-10-mzero-judging

3 stars 2 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0xkaden - Voters can receive inflation from voting with 0 voting weight

#32 sherlock-admin2 closed 7 months ago
4
0xkaden - Lack of precision results in broken core invariant between balance and votingPower

#31 sherlock-admin4 closed 7 months ago
0
00001111x0 - Bootstrapping is likely to destroy a large portion of users' Power Tokens

#30 sherlock-admin3 closed 7 months ago
11
maushish - Inaccurate Balance Retrieval in PowerToken due to Asynchronous Snapshotting.

#29 sherlock-admin2 closed 7 months ago
9
KingNFT - Users holding both ````ZeroToken```` and ````PowerToken```` are incentivized to cast ````NO```` votes

#28 sherlock-admin4 closed 7 months ago
7
almurhasan - There will always be less supply of M tokens than owedM(active/inactive) in the protocol.

#27 sherlock-admin3 closed 7 months ago
1
00001111x0 - If `StandardGovernor.proposalFee` is small or zero, an attacker can asymmetrically gas grief the PowerToken voters and/or prevent them from earning ZeroToken and accruing inflation

#26 sherlock-admin2 closed 7 months ago
1
almurhasan - Inconsistency in totalInactiveOwedM and principalOfTotalActiveOwedM.

#25 sherlock-admin4 closed 7 months ago
0
almurhasan - latestIndex can be 0 unexpectedly in an edge case scenario.

#24 sherlock-admin3 closed 7 months ago
2
itsabinashb - Penalty charge is not considered during recalculation of `principalOfTotalActiveOwedM` while deactivating a minter results misscount throughout various functions.

#23 sherlock-admin2 closed 7 months ago
1
KingNFT - Voting bias due to incentive of significant gas saving

#22 sherlock-admin4 closed 7 months ago
3
almurhasan - Some power token holders(other than initial accounts defined in PowerBootstrapToken) will lose previous tokens when calling the function buy(powertoken contract).

#21 sherlock-admin3 closed 7 months ago
2
almurhasan - Voting tokens holders can delegate voting power(weight) to different accounts(own account) and castvote unfairly,get more reward tokens unfairly.

#20 sherlock-admin2 closed 7 months ago
3
0xkaden - EIP-5805 non-compliance

#19 sherlock-admin4 closed 7 months ago
3
0xkaden - Minters that are earning and active are unable to burn their full balance of owed M

#18 sherlock-admin3 closed 7 months ago
3
levi_104 - Wrong number of votes

#17 sherlock-admin2 closed 7 months ago
3
levi_104 - Using ordered nonces may lead to short-term DoS.

#16 sherlock-admin4 closed 7 months ago
3
levi_104 - active and deactive have unidirectionality

#15 sherlock-admin3 closed 7 months ago
3
levi_104 - Mint overflow

#14 sherlock-admin2 closed 7 months ago
2
levi_104 - The content of DOMAINSEPARATOR is redundant

#13 sherlock-admin4 closed 7 months ago
3
levi_104 - Signature front-run

#12 sherlock-admin3 closed 7 months ago
2
KingNFT - Users might pay more proposal fees then they intend

#11 sherlock-admin2 closed 7 months ago
2
0xkaden - Syncing inflation fails to trigger a Transfer event making PowerToken not ERC20 compliant

#10 sherlock-admin4 closed 7 months ago
14
0xkaden - Possible overflow when minting M

#9 sherlock-admin3 closed 7 months ago
2
dany.armstrong90 - `MinterGateway.sol#_verifyValidatorSignatures` function miscalculates `minTimestamp_`.

#8 sherlock-admin2 closed 7 months ago
1
dany.armstrong90 - `MToken.sol#_addNonEarningAmount` function may cause overflow error.

#7 sherlock-admin4 closed 7 months ago
2
KingNFT - Several ````castVotes***BySig()```` functions are broken due to incorrect implementation of EIP712

#6 sherlock-admin3 closed 7 months ago
4
dany.armstrong90 - Penalties are applied wrong.

#5 sherlock-admin2 closed 7 months ago
2
itsabinashb - Validator can maliciously cancel an authentic mint by frontrunning minter's call to mintM()

#4 sherlock-admin4 closed 7 months ago
6
pashap9990 - Power token has same cost for every cash token

#3 sherlock-admin3 closed 7 months ago
1
araj - `ApprovedEarner` can still earn `EarnerRate` even after removal from `EARNERS_LIST`

#2 sherlock-admin2 closed 7 months ago
3
g - Stable Earner Rate Model brick core functions of Minter Gateway due to 0 initial rate

#1 sherlock-admin4 closed 7 months ago
2