sherlock-audit 2024-02-smilee-finance-judging issues

sherlock-audit / 2024-02-smilee-finance-judging

2 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0xlucky - Missing checks for whether L2 Sequencer is active

#155 sherlock-admin closed 8 months ago
1
cheatcode - Malicious User Could Block Other Users From Completing Regular Withdrawals.

#154 sherlock-admin4 closed 8 months ago
1
mgf15 - Chainlink's `latestRoundData` might return stale or incorrect results

#153 sherlock-admin3 closed 8 months ago
1
cheatcode - Insufficient Slippage Handling for Swaps

#152 sherlock-admin2 closed 8 months ago
1
ge6a - rescueShares() will not allow LPs to withdraw part of the fees

#151 sherlock-admin closed 8 months ago
2
cheatcode - Insufficient Slippage Handling for Withdrawals

#150 sherlock-admin4 closed 8 months ago
1
cheatcode - Rounding Errors in Conversion from Asset Amount to Shares

#149 sherlock-admin3 closed 8 months ago
1
sa9933 - No check for active L2 Sequencer

#148 sherlock-admin2 closed 8 months ago
1
cheatcode - Share Price Inflation due to Accumulated Shares

#147 sherlock-admin closed 8 months ago
1
smbv-1919 - No expiration deadline leads to losing of funds

#146 sherlock-admin4 closed 8 months ago
1
mgf15 - safeApprove could revert for non-standard token like USDT

#145 sherlock-admin3 closed 8 months ago
1
mgf15 - _DEFAULT_FEE is set to worng basis points

#144 sherlock-admin2 closed 8 months ago
1
0xweebad - A user may not receive all his available shares of previous epochs if the asset amount to be redeemed is too small.

#143 sherlock-admin closed 8 months ago
1
ge6a - DOS of IG mint/burn because of _deltaHedgePosition() revert

#142 sherlock-admin4 closed 8 months ago
21
smbv-1919 - No check if Arbitrum L2 sequencer is down in ChainlinkPriceOracle

#141 sherlock-admin3 closed 8 months ago
1
FonDevs - `IG.sol` mint and burn functions are vulnerable to DOS attack

#140 sherlock-admin2 closed 8 months ago
2
ge6a - Manipulation of _state.liquidity.totalDeposit

#139 sherlock-admin closed 8 months ago
2
kfx - DEX swaps will revert if their execution price is too good, causing lost gas and inconvenience for the protocol and users

#138 sherlock-admin4 closed 8 months ago
1
kfx - The vault is vulnerable to the initial depositor share inflation attacks

#137 sherlock-admin3 closed 8 months ago
2
kfx - Vault losses due to DEX slippage are not fairly shared between depositors

#136 sherlock-admin2 closed 8 months ago
1
y0ng0p3 - Missing checks for maxDeposit_ != 0

#135 sherlock-admin closed 8 months ago
1
y0ng0p3 - Unhandled Chainlink revert results in frozen assets

#134 sherlock-admin4 closed 8 months ago
1
y0ng0p3 - Not checking for Arbitrum L2 Sequencer

#133 sherlock-admin3 closed 8 months ago
1
y0ng0p3 - Missing reset approval in SwapAdapterRouter::swapIn() prevents some swaps

#132 sherlock-admin2 closed 8 months ago
1
y0ng0p3 - Interactions with AMMs do not use proper deadlines for operations

#131 sherlock-admin closed 8 months ago
1
y0ng0p3 - Wrong calculation of tokenOutAmount - amountIn when swapping by _swapInSingle and_swapOutSingle

#130 sherlock-admin4 closed 8 months ago
1
y0ng0p3 - Risk of Incorrect Asset Pricing by ChainlinkPriceOracle in Case of Underlying Aggregator Reaching minAnswer

#129 sherlock-admin3 closed 8 months ago
1
y0ng0p3 - Users are forced to swap all reward tokens with no slippage protection

#128 sherlock-admin2 closed 8 months ago
1
ge6a - Dos through large deposit

#127 sherlock-admin closed 8 months ago
11
ge6a - Permanent Dos through trackVaultFee()

#126 sherlock-admin4 closed 8 months ago
2
0xweebad - Return values of ERC20::transfer function is not checked in both redeem and initiateWithdraws

#125 sherlock-admin3 closed 8 months ago
1
bareli - Chainlink price issue

#124 sherlock-admin2 closed 8 months ago
1
hals - `UniswapAdapter` uses a hardcoded `_DEFAULT_FEE` for UNIV3 pools

#123 sherlock-admin closed 8 months ago
1
hals - `IG` contract can be DoS'd from minting or burning options

#122 sherlock-admin4 closed 8 months ago
2
hals - `UniswapAdapter._swapInSingle()` & `UniswapAdapter._swapInPath()` don't implement a slippage check

#121 sherlock-admin3 closed 8 months ago
1
hals - `ChainlinkPriceOracle`: no check if Arbitrum L2 sequencer is down

#120 sherlock-admin2 closed 8 months ago
1
404Notfound - No check if L2 sequencer is down in Chainlink feeds

#119 sherlock-admin closed 8 months ago
1
ZanyBonzy - Mint and sales can be dossed due to lack of safeApprove to 0

#118 sherlock-admin4 opened 9 months ago
4
Chad0 - Users do not get increased amount of unredeemedShares after they make a deposit

#117 sherlock-admin3 closed 8 months ago
1
Chad0 - The protocol is not checking the status of the L2 sequencer

#116 sherlock-admin2 closed 8 months ago
1
Chad0 - Missing necessary checks on the quality of price feed data from Chainlink oracle

#115 sherlock-admin closed 8 months ago
1
Chad0 - Inadequate checking on the arbitrary `receiver` address given to the external `deposit` function introduces compliance risks of contaminating the protocol & users' addresses

#114 sherlock-admin4 closed 8 months ago
1
rbitbytes - Incorrect Naming Of The ERC721 Contract Name and Symbol Inherited By The PositionManager

#113 sherlock-admin3 closed 8 months ago
1
1X1 - hedgeMargin equal to zero leads to using a larger amount than usual while buying side tokens

#112 sherlock-admin2 closed 8 months ago
2
juan - The epoch rolling mechanism is incorrect, leading to shorter epochs than intended

#111 sherlock-admin closed 8 months ago
2
bearonbike - DVP's _mint/_burn function could be DoS by FeeManager.

#110 sherlock-admin4 closed 8 months ago
2
jasonxiale - `Vault._state.liquidity.totalDeposit` can avoid being decreased.

#109 sherlock-admin3 closed 8 months ago
2
jasonxiale - assets will be stuck in `PositionManager.sol` if `params.strike` is not equal to `DVP.currentStrike()`

#108 sherlock-admin2 closed 8 months ago
2
0xweebad - Deposits can be denied by abusing the maxDeposit function and threshold value

#107 sherlock-admin closed 8 months ago
1
0xumarkhatab - M-2 : Denial Of Service : Unhandled Chain-link Oracle Price feed absence Revert

#106 sherlock-admin4 closed 8 months ago
1