sherlock-audit / 2024-02-tapioca-judging
hyh - SGL and BB repay do not round up both on allowance spending and elastic amount
#150
sherlock-admin3
opened
5 months ago
6
hyh - `totalBorrow.elastic` and `totalBorrow.base` aren't updated in BB and SGL regular liquidations
#149
sherlock-admin2
closed
5 months ago
1
hyh - Liquidation fees are permanently frozen on Penrose YB account
#148
sherlock-admin4
opened
5 months ago
1
hyh - TOFTOptionsReceiverModule's and UsdoOptionReceiverModule's exerciseOptionsReceiver can lose the option payment provided
#147
sherlock-admin3
opened
5 months ago
3
hyh - mTOFT's fees cannot be paid on native wrapping
#146
sherlock-admin2
opened
5 months ago
3
hyh - Leverage operations of ETH market change debt, but do not accrue linked BB markets, corrupting their interest rate accrual logic
#145
sherlock-admin4
closed
5 months ago
1
hyh - Operation residual is lost for the user of BBLeverage's and SGLLeverage's `sellCollateral()`
#144
sherlock-admin3
opened
5 months ago
3
aycozynfada - Protocol might be inoperable because _extractModule checks for address zero instead of setModule
#143
sherlock-admin2
closed
5 months ago
2
duc - `totalBorrow.elastic` can exceed the totalBorrowCap, resulting in the risk of overflow in `_accrue()` function due to an incorrect limit cap of extraAmount.
#142
sherlock-admin4
closed
5 months ago
1
hyh - Allowances is double spent in BBLeverage's and SGLLeverage's `sellCollateral()`
#141
sherlock-admin3
opened
5 months ago
11
GiuseppeDeLaZara - Pending allowances can be exploited
#140
sherlock-admin2
opened
5 months ago
19
hyh - BBLeverage's and SGLLeverage's `buyCollateral()` remove the required funds from the target twice
#139
sherlock-admin4
opened
5 months ago
25
ComposableSecurity - Stealing tokens added in `skim` mode
#138
sherlock-admin3
closed
5 months ago
1
GiuseppeDeLaZara - `TOFTMarketReceiverModule::marketBorrowReceiver` flow is broken
#137
sherlock-admin2
opened
5 months ago
2
ComposableSecurity - Nesting remote transfer messages to steal tokens
#136
sherlock-admin4
closed
5 months ago
1
ComposableSecurity - OFT can be impersonated through `_lzCompose` with multiple compose messages
#135
sherlock-admin3
closed
5 months ago
10
ComposableSecurity - Unprotected `executeModule` function allows to steal the tokens
#134
sherlock-admin2
opened
5 months ago
2
GiuseppeDeLaZara - TOFT can be forcefully unwrapped resulting in long-term DoS
#133
sherlock-admin4
closed
5 months ago
1
hyh - Any excess native token funds sent to TOFTGenericReceiverModule's `receiveWithParamsReceiver()` can be immediately extracted by anyone via back-running
#132
sherlock-admin3
closed
5 months ago
3
aycozynfada - computeTotalDebt() from the Penrose.sol uses the "&&" operator instead of the "||" operator in its require statement.
#131
sherlock-admin2
closed
5 months ago
3
hyh - TOFTOptionsReceiverModule will have the user lose the whole output TAP when requested to exercise all eligible options
#130
sherlock-admin4
opened
5 months ago
1
cu5t0mPe0 - Borrowing can exceed the maximum amount
#129
sherlock-admin3
closed
5 months ago
1
0xadrii - Secondary Big Bang market rates can be manipulated due to not triggering penrose.reAccrueBigBangMarkets(); when leveraging
#128
sherlock-admin2
opened
5 months ago
1
0xadrii - Big Bang debt rate is computed using an outdated total debt from the ETH market
#127
sherlock-admin4
closed
5 months ago
3
0xadrii - Not considering fees when wrapping mtOFTs leads to DoS in leverage executors
#126
sherlock-admin3
opened
5 months ago
2
0xadrii - Withdrawing to other chain when exercising options won’t work as expected, leading to DoS
#125
sherlock-admin2
opened
5 months ago
2
0xadrii - USDO’s MSG_TAP_EXERCISE compose messages where exercised options must be withdrawn to another chain will always fail due to wrongly requiring sendParam's to address to be whitelisted in the Cluster
#124
sherlock-admin4
opened
5 months ago
2
0xadrii - Using OR operator instead of AND operator in rebalance() will make call always fail if owner() ≠ rebalancer
#123
sherlock-admin3
closed
5 months ago
1
0xadrii - Missing return statement will make mtOFT's compose calls of message type MSG_XCHAIN_LEND_XCHAIN_LOCK always fail
#122
sherlock-admin2
closed
5 months ago
0
0xadrii - Wrong usage of Stargate’s ETH router in balancer enables attackers to steal all bridged native funds
#121
sherlock-admin4
closed
5 months ago
9
0xadrii - Not properly tracking debt accrual leads mintOpenInterestDebt() to lose twTap rewards
#120
sherlock-admin3
opened
5 months ago
8
0xadrii - Variable opening fee will always be wrongly computed if collateral is not a stablecoin
#119
sherlock-admin2
opened
5 months ago
2
0xadrii - Missing pausing functionality implementation makes USDO, tOFT and AssetToSGLPLeverageExecutor contracts not pausable
#118
sherlock-admin4
closed
5 months ago
2
0xadrii - Depositing wrong asset in YieldBox will DoS sellCollateral()
#117
sherlock-admin3
closed
5 months ago
0
0xadrii - Leverage module’s buyCollateral() function will always fail due to wrong parameter when depositing into yieldbox
#116
sherlock-admin2
closed
5 months ago
2
0xadrii - DoS in BBLeverage and SGLLeverage due to using wrong leverage executor interface
#115
sherlock-admin4
opened
5 months ago
2
0xadrii - Remote transfers can be used to drain contract accounts due to wrongly assuming that the owner of the contract account address in the source chain also controls that address in the destination chain
#114
sherlock-admin3
closed
4 months ago
17
0xadrii - Recursive _lzCompose() call can be leveraged to steal all generated USDO fees
#113
sherlock-admin2
opened
5 months ago
8
hyh - TOFT and mTOFT wrapping and executor swaps don't control for `msg.value` when deal with gas tokens, so any excess native token funds can be immediately stolen by anyone via back-running
#112
sherlock-admin4
closed
5 months ago
1
0xadrii - Wrong parameter in remote transfer makes it possible to steal all USDO balance from users
#111
sherlock-admin3
opened
5 months ago
2
bin2chen - exerciseOptionsReceiver() user can send dangerous compose across-chain as _options.from
#110
sherlock-admin2
closed
5 months ago
0
bin2chen - Multiple lzCompose messages did not verify the legality of _srcChainSender
#109
sherlock-admin4
closed
5 months ago
5
bin2chen - mTOFT.wrap/unwrap incorrect permission restriction
#108
sherlock-admin3
closed
5 months ago
2
duc - Unclaimed native tokens in TOFT contract can be stolen
#107
sherlock-admin2
closed
5 months ago
4
bareli - Some ERC20 can revert on a zero value transfer
#106
sherlock-admin4
closed
5 months ago
2
bin2chen - sellCollateral() when sell collateral, the quantity parameter passed may too large
#105
sherlock-admin3
closed
5 months ago
0
bareli - uninitialize "collateralizationRate" and "liquidationCollateralizationRate" in Market.sol.
#104
sherlock-admin2
closed
5 months ago
2
bin2chen - sellCollateral() using incorrect parameters when calling getAsset
#103
sherlock-admin4
closed
4 months ago
9
bin2chen - exerciseOptionsReceiver() Lack of Ownership Check for oTAP, Allowing Anyone to Use oTAPTokenID
#102
sherlock-admin3
opened
5 months ago
1
bin2chen - sellCollateral() does not work properly
#101
sherlock-admin2
closed
5 months ago
2