issues
search
sherlock-audit
/
2024-02-perpetual-judging
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
ether_sky - There may be excess funds in the PnL pool or bad debt due to the funding fee.
#102
sherlock-admin3
opened
2 months ago
19
petro1912 - `settleOrder` doesn't calculate margin requirement correctly if `ActionType` is `reduceOnly`.
#101
sherlock-admin3
closed
1 month ago
13
ether_sky - A liquidator has the ability to liquidate any amount between half and the entire position that is being liquidated.
#100
sherlock-admin2
closed
2 months ago
3
petro1912 - cancelOrder - The order owner can cancel the order even if the order has been settled by the relayer and the position has already been created.
#99
sherlock-admin2
closed
2 months ago
2
lemonmon - Liquidations of unhealthy positions may fail when the oracle is facing issues
#98
sherlock-admin4
closed
2 months ago
1
PUSH0 - Users will always pay max borrowing fee against SpotHedgeBaseMaker
#97
sherlock-admin2
closed
2 months ago
7
unsafesol - `PythOracleAdapter.sol` 's funds can be drained by a Malicious User by continuous calls of `updatePrice` function
#96
sherlock-admin3
closed
2 months ago
1
ether_sky - In certain cases, users are unable to settle their orders with the PartialFill trade type.
#95
sherlock-admin2
opened
2 months ago
3
lemonmon - Missing check for `redeemedRatio` in `OracleMaker.withdraw()` may result in burning the withdrawer's shares without them receiving collateral tokens
#94
sherlock-admin2
closed
2 months ago
2
lemonmon - Potential revert due to an underflow in `LibLugiaMath.applyDelta()` may cause several issues
#93
sherlock-admin4
closed
2 months ago
8
Kose - SpotHedgeBaseMaker is Vulnerable to Price Manipulation Attacks Because Insufficient Slippage Protection
#92
sherlock-admin2
closed
2 months ago
8
Kose - Arbitrary Price Selection Enables Fund Theft Which Brokes The Vault Accounting
#91
sherlock-admin4
closed
2 months ago
2
PUSH0 - If both makers make a loss, closing positions may be impossible, discouraging liquidations
#90
sherlock-admin4
closed
1 month ago
16
bigbick123456789000 - Orders can get stuck in cancelled state due to missing deadline check
#89
sherlock-admin3
closed
2 months ago
2
PUSH0 - Mass liquidations of any market generates sell pressure on the same UniV3 pool
#88
sherlock-admin2
closed
1 month ago
14
unsafesol - Slippage controls set in `SpotHedgeBaseMaker.sol` causes revert at all times
#87
sherlock-admin2
closed
2 months ago
1
bigbick123456789000 - Lack of Proper Handling for ERC20 Token Approvals
#86
sherlock-admin4
closed
2 months ago
1
bigbick123456789000 - Lack of Stale Price Checking in `_getPrice` Function
#85
sherlock-admin3
closed
2 months ago
1
lilizhu - [H-01] The borrowingFee continues to be calculated when the marketId is paused, which may cause trades to be charged more borrowingFee.
#84
sherlock-admin4
closed
2 months ago
1
AllTooWell - The liquidition penalty to the protocol will be locked in ```ClearingHouse.sol``` forever
#83
sherlock-admin4
closed
2 months ago
2
AllTooWell - ```updateBadDebt``` will revert in some situation
#82
sherlock-admin3
closed
2 months ago
1
krkba - No emergency stop or pausing mechanism in `Vault.sol` contract
#81
sherlock-admin2
closed
2 months ago
1
Bauer - Malicious orders will prevent the batch execution of limit orders
#80
sherlock-admin4
closed
2 months ago
2
Hama - First depositor can abuse exchange rate to steal funds from later depositors
#79
sherlock-admin3
closed
2 months ago
2
PUSH0 - Sequencer outage will create mass liquidations
#78
sherlock-admin2
closed
2 months ago
9
santipu_ - Attacker can sandwich its own position settlement on `SpotHedgeBaseMaker` to get a better price and have instant profits
#77
sherlock-admin4
closed
2 months ago
30
PUSH0 - Global deposit cap cannot reflect per-asset liquidity
#76
sherlock-admin4
closed
2 months ago
10
Bauer - Arbitrage can be conducted using the different prices returned by the Oracle
#75
sherlock-admin3
closed
2 months ago
0
cu5t0mPe0 - When the Market is not active, funding fees and borrowing will still be calculated.
#74
sherlock-admin2
closed
2 months ago
1
Ragnark_323 - Potential Negative value for maintenanceMarginRequirement
#73
sherlock-admin4
closed
2 months ago
2
Ragnark_323 - ClearingHouse Upgradable Contract Not Using IERC20Upgradeable Interface
#72
sherlock-admin4
closed
2 months ago
1
Ragnark_323 - Discrepancy Between Comment and Implementation in setAuthorization Function
#71
sherlock-admin3
closed
2 months ago
0
tallo - pythOracleAdapter excess funds can be drained by any user
#70
sherlock-admin2
closed
2 months ago
3
santipu_ - The position rate on `OracleMaker` is not including unrealized profits, which will penalize extra hard traders that may increase long/short exposure
#69
sherlock-admin4
closed
2 months ago
10
santipu_ - `MakerReporter` not accounting for unrealized PnL on whitelisted makers leads to inaccurate borrowing fee
#68
sherlock-admin3
closed
2 months ago
20
santipu_ - Funding rate not accounting for unrealized PnL on `OracleMaker` leads to inaccurate funding fee
#67
sherlock-admin2
closed
2 months ago
12
santipu_ - Settle order on `OrderGatewayV2` will fail when margin to withdraw is so small it rounds down to zero
#66
sherlock-admin4
closed
2 months ago
5
santipu_ - Inability to liquidate whitelisted makers will cause bad debt on the protocol
#65
sherlock-admin3
closed
2 months ago
27
santipu_ - Protocol fees will increase bad debt when liquidating underwater positions
#64
sherlock-admin3
closed
2 months ago
28
santipu_ - Underwater positions won't be liquidated when the PnL pool is empty
#63
sherlock-admin2
closed
2 months ago
14
santipu_ - The cooldown period on `CircuitBreaker` will never be triggered because transactions will revert
#62
sherlock-admin2
closed
2 months ago
2
joicygiore - The attacker used self-transaction to modify the margin, causing the account to not be liquidated as expected.
#61
sherlock-admin4
closed
2 months ago
1
CL001 - maker may get the wrong amount pendingFee after liquidation
#60
sherlock-admin4
closed
2 months ago
2
CL001 - When the market is suspended(non Malicious),the system will accumulate bad debts
#59
sherlock-admin3
closed
2 months ago
1
PUSH0 - LP can instantly arbitrage and drain any Maker by updating the Pyth price
#58
sherlock-admin2
closed
2 months ago
2
Bauer - The deposit() and withdraw() functions lack slippage protection
#57
sherlock-admin4
closed
2 months ago
1
0xumarkhatab - Protocol is incompatible with USDT
#56
sherlock-admin3
closed
2 months ago
1
0xumarkhatab - Liquidation will fail if trader or liquidater is blacklisted by USDC
#55
sherlock-admin3
closed
2 months ago
2
0xumarkhatab - Depositors who are blacklisted by USDC can not get their collateral back
#54
sherlock-admin2
closed
2 months ago
2
0xumarkhatab - SystemStatus can be bricked by making it non-operational through renounce ownership
#53
sherlock-admin4
closed
2 months ago
2
Previous
Next