issues
search
sherlock-audit
/
2023-10-real-wagmi-judging
16
stars
14
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
mstpr-brainbot - Liquidity owner can burn the liquidity position to hurt borrower
#146
sherlock-admin2
closed
11 months ago
0
jah - no slippage lead to loss of fund
#145
sherlock-admin
closed
11 months ago
1
y0ng0p3 - latestUpTimestamp isn't recorded
#144
sherlock-admin2
closed
11 months ago
1
Nyx - Usage of the Wrong borrowing key inside the takeOverDebt() can cause borrowers to lose funds
#143
sherlock-admin
closed
11 months ago
0
detectiveking - Drain vault through abuse of `takeOverDebt` function
#142
sherlock-admin2
closed
11 months ago
1
0xJuda - Unfair distribution of liquidation bonus in LiquidityBorrowingManager#repay during emergency withdrawal
#141
sherlock-admin
closed
11 months ago
0
lil.eth - Underflow in borrow() Function
#140
sherlock-admin2
closed
11 months ago
0
0xJuda - Lender burning his position makes complete repayment of borrow position impossible
#139
sherlock-admin
closed
11 months ago
0
MohammedRizwan - The `FullMath` library used in `LiquidityBorrowingManager.sol` and `DailyRateAndCollateral.sol` is unable to handle intermediate overflows due to overflow
#138
sherlock-admin2
closed
11 months ago
11
lucifero - Users may lose their funds
#137
sherlock-admin
closed
11 months ago
0
Nyx - Liquidity providers can lose fees
#136
sherlock-admin2
closed
11 months ago
6
lucifero - Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation
#135
sherlock-admin
closed
11 months ago
0
kutugu - takeOverDebt does not have expiration time protection
#134
sherlock-admin2
closed
11 months ago
0
lucifero - Borrowing functionality for specific hold token may be dossed
#133
sherlock-admin
closed
11 months ago
0
kutugu - _restoreLiquidity may often DOS due to swap slippage
#132
sherlock-admin2
closed
11 months ago
1
0xblackskull - Unsafe casting from `uint256` to `uint128` in LiquidityManager.sol
#131
sherlock-admin
closed
11 months ago
1
kutugu - Under the emergency liquidation state, malicious borrowers can retain the liquidationBonus
#130
sherlock-admin2
closed
11 months ago
1
ArmedGoose - `Emergency repayment` and `takeOverDebt` rely on the same conditions as Liquidations, making them prone to frontrunning by liquidators
#129
sherlock-admin
closed
11 months ago
1
ArmedGoose - If the LPer becomes blacklisted for particular holdTokens like USDC,USDT, then liquidation of related position will not be possible
#128
sherlock-admin2
closed
11 months ago
0
0xblackskull - Use of `slot0` to get `sqrtPriceLimitX96` can lead to price manipulation.
#127
sherlock-admin
closed
11 months ago
0
0xblackskull - Incorrect Handling of int256 to (uint256(-int256)
#126
sherlock-admin2
closed
11 months ago
1
0xblackskull - Project may fail to be deployed to arbitrum chains becoz of `PUSH0` opcode
#125
sherlock-admin
closed
11 months ago
0
kutugu - The takeOverDebt uses the wrong borrowingKey
#124
sherlock-admin2
closed
11 months ago
0
ArmedGoose - Malicious liquidity provider may burn their LP NFT to make liquidations impossible and cause protocol to incur bad debt
#123
sherlock-admin
closed
11 months ago
0
detectiveking - Borrower collateral that they are owed can get stuck in Vault and not sent back to them after calling `repay`
#122
sherlock-admin2
opened
11 months ago
24
detectiveking - Borrowers are overcharged fees because both `borrowing.dailyRateCollateralBalance` is decremented and `borrowing.feesOwed` is incremented
#121
sherlock-admin
closed
11 months ago
1
detectiveking - `feesDebt` is charged twice rather than once
#120
sherlock-admin2
closed
11 months ago
1
HHK - Wrong `accLoanRatePerSeconds` in `repay()` can lead to underflow
#119
sherlock-admin
opened
11 months ago
16
pks_ - ApproveSwapAndPay.sol is vulnerable to address collision
#118
sherlock-admin2
closed
11 months ago
0
pks_ - Wrong uniswap v3 amountOut cause user attacked by MEV and lose funds
#117
sherlock-admin
closed
11 months ago
8
pks_ - Incompatible ERC20 token would cause contract Dos
#116
sherlock-admin2
closed
11 months ago
0
pks_ - Usage of slot0 is extremely easy to manipulate
#115
sherlock-admin
closed
11 months ago
0
pks_ - No slippage protection when protocol increaseLiquidity and decreaseLiquidity cause user lose funds.
#114
sherlock-admin2
closed
11 months ago
5
pinalikefruit - Unuseful external swap when trying to execute `repay()` function by liquidator/lender
#113
sherlock-admin
closed
11 months ago
3
Bandit - Borrower can devalue LP Position before borrowing or repaying to cheapen cost of restoring liquidity
#112
sherlock-admin2
closed
11 months ago
7
Bandit - Lender can manipulate liquidty value before `borrow` or`repay` to increase the amount borrower needs to repay
#111
sherlock-admin
closed
11 months ago
5
Bandit - Exessive Round up of Collateral
#110
sherlock-admin2
closed
11 months ago
0
talfao - No slippage protection during repayment due to dynamic slippage params and easily influenced `slot0()`
#109
sherlock-admin
opened
11 months ago
6
0xrobsol - Incomplete Token Transfer in Emergency Loan Closure
#108
sherlock-admin2
closed
11 months ago
1
0xrobsol - Rounding to Zero Prevents Fee Collection for Lesser Amounts
#107
sherlock-admin
closed
11 months ago
1
0xrobsol - Whitelisting Potentially Risky Swap Calls
#106
sherlock-admin2
closed
11 months ago
1
talfao - The liquidation bonus is not distributed fairly during emergency liquidations, leading to backrunning.
#105
sherlock-admin
closed
11 months ago
1
HHK - `computePoolAddress()` will not work on ZkSync Era
#104
sherlock-admin2
opened
11 months ago
3
HHK - `repay()` is prone to sandwich attacks
#103
sherlock-admin
closed
11 months ago
14
talfao - A burnt position will prevent repayment and liquidation
#102
sherlock-admin2
closed
11 months ago
0
ArmedGoose - Hardcoded precision is not suitable for all tokens, resulting in unfavorable calculations both for the users and the protocol
#101
sherlock-admin
closed
11 months ago
0
HHK - Lender is stuck as long a borrower is willing to pay
#100
sherlock-admin2
closed
11 months ago
2
ArmedGoose - The mismatch between expected and hardcoded slippage will cause the protocol to frequently revert on `borrow` and `repay`, disrupting normal work
#99
sherlock-admin
closed
11 months ago
1
ArmedGoose - The used solidity version 0.8.21 will not work properly on Arbitrum
#98
sherlock-admin2
closed
11 months ago
0
HHK - No check on liquidation and daily rates update while borrowing
#97
sherlock-admin
closed
11 months ago
19
Previous
Next