issues
search
sherlock-audit
/
2024-02-perennial-v2-3-judging
6
stars
5
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Gas Optimization
#37
Emmanuel-hub321
closed
2 months ago
0
w42d3n - Uncontrolled Registry in MarketFactory.sol
#36
sherlock-admin3
closed
3 months ago
2
w42d3n - Reentrancies in oracle.sol
#35
sherlock-admin2
closed
3 months ago
2
w42d3n - Use call instead of transfer on payable addresses
#34
sherlock-admin4
closed
3 months ago
1
bareli - uncheck output of "transfer"
#33
sherlock-admin3
closed
3 months ago
2
bin2chen - ChainlinkFactory will pay non-requested versions keeper fees
#32
sherlock-admin2
opened
3 months ago
3
bareli - No check on "ethTokenOracleFeed().latestRoundData()"
#31
sherlock-admin4
closed
3 months ago
2
bin2chen - after update v2.1.1 may not be able to settle properly
#30
sherlock-admin3
closed
3 months ago
8
bin2chen - ChainlinkFactory no convert decimals
#29
sherlock-admin2
closed
3 months ago
9
4b - In `MultiInvoker.sol::invoke` transfer will not be compatible with some wallets
#28
sherlock-admin4
closed
3 months ago
1
thisvishalsingh - Restrictive Oracle-Market Mapping in `MarketFactory` Leading to Limited Market Creation and Impaired Revenue Potential
#27
sherlock-admin3
closed
3 months ago
2
panprog - Vault global shares and assets change will mismatch local shares and assets change during settlement due to incorrect `_withoutSettlementFeeGlobal` formula
#26
sherlock-admin2
opened
3 months ago
2
panprog - Vault checkpoints slightly incorrect conversion from assets to shares leads to slow loss of funds for long-time vault depositors
#25
sherlock-admin4
opened
3 months ago
3
4b - In `MultiInvoker.sol::_withdraw` Blacklisted USDC addresses can lead to DOS
#24
sherlock-admin3
closed
3 months ago
2
panprog - Vault and oracle keepers DoS in some situations due to `market.update(account,max,max,max,0,false)`
#23
sherlock-admin2
opened
3 months ago
2
bin2chen - Liquidator can set up referrals for other users
#22
sherlock-admin4
opened
3 months ago
12
bin2chen - Liquidator/referrer is himself, rewards will be lost
#21
sherlock-admin3
closed
3 months ago
3
bin2chen - MultiInvoker is not backward compatible
#20
sherlock-admin2
closed
3 months ago
1
bin2chen - OracleVersion will not be invalid
#19
sherlock-admin4
closed
3 months ago
3
4b - In `Vault.sol::update` USDC blacklists can lead to locked up funds
#18
sherlock-admin3
closed
3 months ago
2
bin2chen - _loadContext() uses the wrong pendingGlobal.
#17
sherlock-admin2
opened
3 months ago
3
panprog - If referral or liquidator is the same address as the account, then liquidation/referral fees will be lost due to local storage being overwritten after the `claimable` amount is credited to liquidator or referral
#16
sherlock-admin4
opened
3 months ago
3
4b - Vault Rounding Issue in `Vault.sol::_update`
#15
sherlock-admin3
closed
3 months ago
2
krkba - Missing check for array limit in `invoke` function.
#14
sherlock-admin2
closed
3 months ago
2
KingNFT - ````Pyth```` oracle is paying ````30%```` more than intended keep fee
#13
sherlock-admin4
closed
3 months ago
28
panprog - MultiInvoker's stored TriggerOrders are not migrated to new format, potentially causing huge interface fees charged to users.
#12
sherlock-admin3
closed
3 months ago
8
panprog - All transactions to claim assets from the vault will revert in some situations due to double subtraction of the claimed assets in market position allocations calculation.
#11
sherlock-admin2
opened
3 months ago
2
KingNFT - Orders on Optimism chains can not be settled due to revert of ````keep()````
#10
sherlock-admin4
opened
3 months ago
2
panprog - Makers can lose funds from price movement even when no long and short positions are opened, due to incorrect distribution of adiabatic fees exposure between makers
#9
sherlock-admin3
opened
3 months ago
2
panprog - When vault's market weight is set to 0 to remove the market from the vault, vault's leverage in this market is immediately set to max leverage risking position liquidation
#8
sherlock-admin2
opened
3 months ago
6
bigbick123456789000 - Use of `call()` Instead of `transfer()` in `MultiInvoker` 's `invoke` Function
#7
sherlock-admin4
closed
3 months ago
3
panprog - Requested oracle versions, which have expired, must return this oracle version as invalid, but they return it as a normal version with previous version's price instead
#6
sherlock-admin3
opened
3 months ago
4
panprog - Empty orders do not request from oracle and during settlement they use an invalid oracle version with `price=0` which messes up a lot of fees and funding accounting leading to loss of funds for the makers
#5
sherlock-admin2
opened
3 months ago
5
bigbick123456789000 - Exploitable Flaw in `transferOwnership` Function
#4
sherlock-admin4
closed
3 months ago
2
bigbick123456789000 - Lack of Handling Non-Standard ERC20 Behavior in `approve` Function
#3
sherlock-admin3
closed
3 months ago
2
bigbick123456789000 - Division by Zero Vulnerability in `MetaQuantsFactory` Contract
#2
sherlock-admin2
closed
3 months ago
2
bigbick123456789000 - Lack of Sequencer Uptime Feed Consultation in Arbitrum Chainlink Oracle
#1
sherlock-admin4
closed
3 months ago
2