issues
search
sherlock-audit
/
2024-02-perpetual-judging
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Avci - the `deposit()` won't work after the first call in `OracleMaker.sol`
#152
sherlock-admin3
closed
1 month ago
1
Avci - Nonces are not used in the signature checks
#151
sherlock-admin4
closed
1 month ago
1
bareli - amountOutMinimum in filllorder shouldnot be 0.
#150
sherlock-admin2
closed
1 month ago
0
ge6a - The protocol uses prices in usd instead of usdt/usdc
#149
sherlock-admin3
closed
1 month ago
26
bareli - use 'safeapprove' insted of 'approve'
#148
sherlock-admin4
closed
1 month ago
1
ihavebigmuscle - Increasing the Exposure of SpotHedgeMaker and OracleMaker
#147
sherlock-admin2
closed
1 month ago
0
Kose - Traders Continue to Pay Fees When a Market or The System is Suspended
#146
sherlock-admin3
closed
1 month ago
1
Avci - Malicious users can manipulate the price to their advantage
#145
sherlock-admin4
closed
1 month ago
4
ihavebigmuscle - Opening a Delta Neutral Position Enables OracleMaker LP to Profit from SpotHedgeMaker LP
#144
sherlock-admin2
closed
1 month ago
1
Avci - anyone can drain `PythOracleAdapter.sol` by `updatePrice()`
#143
sherlock-admin3
closed
1 month ago
1
Avci - There are no checks to ensure ecrecover() does not return 0.
#142
sherlock-admin4
closed
1 month ago
1
ihavebigmuscle - Whitelisted LPs in OracleMaker Can Manipulate the Funding Rate through Deposit/Withdraw Operations
#141
sherlock-admin2
closed
1 month ago
7
ge6a - Loss of funds for trader because whitelisted maker can't be liquidated
#140
sherlock-admin3
opened
2 months ago
15
Kose - Unfair Liquidation After System Suspension Lift Because of Lack of Grace Period for Traders
#139
sherlock-admin4
closed
1 month ago
1
Avci - lack of slippage parameteres in `fillOrder` function.
#138
sherlock-admin2
closed
1 month ago
0
jokr - Incorrect premium calculation in OracleMaker
#137
sherlock-admin3
opened
2 months ago
4
nirohgo - Price difference between pyth oracle and uniswap can be exploited for immediate gain by takers
#136
sherlock-admin4
closed
1 month ago
2
jasonxiale - tiny positions might not be liquidated entirely
#135
sherlock-admin2
closed
1 month ago
2
jokr - Instant arbitrage oppurtunity in OracleMaker
#134
sherlock-admin3
closed
1 month ago
0
nirohgo - Funding Fee Rate is calculated based only on the Oracle Maker's skew but applied across the entire market, which enables an attacker to generate an extreme funding rate for a low cost and leverage that to their benefit
#133
sherlock-admin4
opened
2 months ago
83
ihavebigmuscle - Triggering Custom Error Allows Quoter to Return Incorrect Prices
#132
sherlock-admin3
closed
1 month ago
7
ge6a - Update price 2 times in the same block
#131
sherlock-admin2
closed
1 month ago
24
Kose - Unfair LP Fund Losses in SpotHedgeBaseMaker Due to CircuitBreaker Rate-Limiting
#130
sherlock-admin4
closed
1 month ago
8
IllIllI - Signature validation callbacks can be used to make margin withdrawal calculations invalid
#129
sherlock-admin3
closed
1 month ago
11
IllIllI - Oracle updates can be front-run in order to bypass price band caps
#128
sherlock-admin2
closed
1 month ago
8
IllIllI - Whale LPs can make the admin's risk control parameters ineffective
#127
sherlock-admin4
closed
3 weeks ago
23
IllIllI - Borrow fees can be arbitrarily increased without the maker providing any value
#126
sherlock-admin3
opened
2 months ago
42
ge6a - Draining maker through funding fee
#125
sherlock-admin2
closed
1 month ago
12
IllIllI - Reservation price does not take into account the size of the order
#124
sherlock-admin4
closed
1 month ago
1
IllIllI - Two Pyth prices can be used in the same transaction to attack the LP pools
#123
sherlock-admin3
opened
2 months ago
2
jokr - Incorrect slippage check for taker in `ClearingHouse`
#122
sherlock-admin2
closed
1 month ago
2
IllIllI - No slippage control on maker LP `deposit()`/`withdraw()`
#121
sherlock-admin4
opened
2 months ago
10
AgileJune - Attacker can drain all ethers on PythOracleAdapter contract via updatePrice() function
#120
sherlock-admin2
closed
1 month ago
1
IllIllI - Attackers can sandwich their own trades up to the price bands
#119
sherlock-admin4
opened
2 months ago
26
IllIllI - SpotHedgeBaseMaker LPs will be able to extract value during a USDT/USDC de-peg
#118
sherlock-admin3
opened
2 months ago
1
IllIllI - Withdrawal caps can be bypassed by opening positions against the SpotHedgeBaseMaker
#117
sherlock-admin3
opened
2 months ago
2
IllIllI - Price band caps apply to decreasing orders, but not to liquidations
#116
sherlock-admin2
opened
2 months ago
30
IllIllI - Attackers can create positions that have no incentive to be liquidated
#115
sherlock-admin2
opened
2 months ago
13
IllIllI - SpotHedgeBaseMaker uses the wrong oracle for non-evm/non-erc20 markets
#114
sherlock-admin4
closed
1 month ago
3
PUSH0 - OracleMaker LPs are unnecessarily forced-exposed to risk when CircuitBreaker's rate limit is close to triggering
#113
sherlock-admin4
closed
1 month ago
2
neon2835 - Users can avoid the possibility of liquidation
#112
sherlock-admin3
closed
1 week ago
78
jokr - Liquidators can prevent users from making their positions healthy during an unpause
#111
sherlock-admin2
closed
1 month ago
1
ihavebigmuscle - Relay Fee is Collected All at Once, Allowing Relayers to Earn Relay Fees by Only Partially Filling Orders
#110
sherlock-admin2
closed
1 month ago
2
ihavebigmuscle - The Order Key Does Not Include Complete Order Data
#109
sherlock-admin4
closed
1 month ago
2
Ragnark_323 - Potential Precision loss Due to Division before multiplication in Shares calculation
#108
sherlock-admin4
closed
1 month ago
2
ni8mare - `deposit` function in `SpotHedgeBaseMaker` and `OracleMaker` is prone to slippage
#107
sherlock-admin3
closed
1 month ago
1
PUSH0 - Bad debt liquidation leaves liquidated user with negative margin, which can cause bank run and loss of funds for the last users to withdraw
#106
sherlock-admin3
closed
1 month ago
9
neon2835 - setAuthorization functions should not be hard coded
#105
sherlock-admin2
closed
1 month ago
1
unsafesol - Wrong Implementation of Borrowing Fee Mechanism causes lose of Funds for Whitelisted Makers
#104
sherlock-admin2
closed
1 month ago
2
qpzm - OracleMaker._getBasePriceWithSpread returns unfavorable price for itself.
#103
sherlock-admin4
closed
1 month ago
5
Next