sherlock-audit 2024-02-telcoin-platform-audit-update-judging issues

sherlock-audit / 2024-02-telcoin-platform-audit-update-judging

3 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

bughuntoor - There's no way for a swap to use both pre-owned funds and ones received from the `defiSwap`

#38 sherlock-admin2 closed 8 months ago
1
bughuntoor - Unnecessary restrictions within `swapAndSend` if both tokens are the same.

#37 sherlock-admin4 closed 8 months ago
1
bughuntoor - Users can still receive and send tokens after getting blacklisted

#36 sherlock-admin2 closed 8 months ago
1
Nyxaris - Reentrancy Vulnerability in rescueCrypto Function of AmirX Contract

#35 sherlock-admin4 closed 8 months ago
1
bughuntoor - `stablecoinSwap` gives the user the same amount of tokens, regardless of the result of the `defiSwap`

#34 sherlock-admin2 closed 8 months ago
3
Nyxaris - Front-Running Risk in ETH Bridging Due to Shared Contract Balance Use

#33 sherlock-admin4 closed 8 months ago
1
DiGarOn - Excessive centralization Medium

#32 sherlock-admin2 closed 8 months ago
1
DiGarOn - Casual Blacklisting Medium

#31 sherlock-admin4 closed 8 months ago
1
DiGarOn - Front Run of the function addBlackList Medium

#30 sherlock-admin2 closed 8 months ago
1
ZdravkoHr. - The protocol is not compatible with some tokens like BNB, leading to loss of these tokens

#29 sherlock-admin4 closed 8 months ago
10
ZanyBonzy - Stablecoin blocklist feature is ineffective

#28 sherlock-admin2 closed 8 months ago
1
merlin - The `Stablecoin` smart contract does not prevent blacklisted addresses from interacting with it

#27 sherlock-admin4 closed 8 months ago
1
ZdravkoHr. - Not all ERC20 tokens can be bridged because of hardcoded `PREDICATE_ADDRESS`

#26 sherlock-admin2 opened 8 months ago
23
0xKartikgiri00 - In `BridgeRelay` contract the user MATIC balance can lost permanently.

#25 sherlock-admin4 closed 8 months ago
3
cats - User can front-run blacklisting mechanism to retain their tokens

#24 sherlock-admin2 closed 8 months ago
1
Anubis - Permanent Loss of Ether Due to Unhandled msg.value in bridgeTransfer Function

#23 sherlock-admin4 closed 8 months ago
1
Anubis - Inadequate Token Pair Validation in DefiSwap Potentially Leading to Incorrect Balance Calculations

#22 sherlock-admin2 closed 8 months ago
1
Anubis - Insufficient Token Allowance Check Leading to Potential Transfer Failures in stablecoinSwap Function

#21 sherlock-admin4 closed 8 months ago
1
Anubis - Metamorphic Contract Attack Vulnerability in Deterministic Proxy Deployment

#20 sherlock-admin2 closed 8 months ago
1
Anubis - Manipulation of Supply Accounting in Stacking Contract Leading to Fund Freezing

#19 sherlock-admin4 closed 8 months ago
1
Anubis - Swap Path Manipulation in _buyBack Function Leads to Incorrect lastBuyBackPrice Calculation

#18 sherlock-admin2 closed 8 months ago
1
Anubis - Centralized Risk With Coin Transfer in contracts/swap/AmirX.sol

#17 sherlock-admin4 closed 8 months ago
1
petro1912 - `convertFromEXYZ` method in `StablecoinHandler` doesn't check if `ss.target` is external XYZ token, so can burn origin XYZ tokens without minting target XYZ tokens.

#16 sherlock-admin2 closed 8 months ago
1
petro1912 - `convertToEXYZ` method in `StablecoinHandler` doesn't check if `ss.origin` is external XYZ token, so can mint destination XYZ tokens without burning origin XYZ tokens.

#15 sherlock-admin4 closed 8 months ago
1
Silvermist - ClonableBeaconProxy.sol contains no way to recover stuck Ether

#14 sherlock-admin2 closed 8 months ago
1
Nyxaris - Missing Validation of External XYZ Tokens in convertFromEXYZ Function

#13 sherlock-admin4 closed 8 months ago
1
Nyxaris - Unvalidated Burn Operation from Zero Address in swapAndSend Function

#12 sherlock-admin2 closed 8 months ago
1
cawfree - External protocol changes to the `RootChainManager` can invalidate hardcoded `PREDICATE_ADDRESS`.

#11 sherlock-admin4 closed 8 months ago
10
cawfree - `BridgeRelay` deposits assets on behalf of itself and not the caller.

#10 sherlock-admin2 closed 8 months ago
9
ZdravkoHr. - Missing `DefiSwap` validation in `AmirX.defiSwap()`

#9 sherlock-admin4 closed 8 months ago
1
ZdravkoHr. - Slippage because of missing deadline parameter in `StablecoinSwap`

#8 sherlock-admin2 closed 8 months ago
1
cats - Only `MATIC` can be rescued from Bridge Relay leaving some tokens stuck

#7 sherlock-admin4 closed 8 months ago
1
cats - Bridge Relay unable to transfer some popular `ERC-20` tokens

#6 sherlock-admin2 closed 8 months ago
1
Krace - Accounts that have been blacklisted still retain the ability to engage with stablecoins

#5 sherlock-admin4 closed 8 months ago
1
cawfree - Blacklisted accounts can still transact.

#4 sherlock-admin2 opened 8 months ago
4
the-first-elder - Maintainer can Cause a denial of service when calling UpdateXYZ function

#3 sherlock-admin4 closed 8 months ago
3
ZdravkoHr. - Blacklisting functionality can be completely bypassed by sandwiching the transaction

#2 sherlock-admin2 closed 8 months ago
1
the-first-elder - Front Run of addBlackList() function

#1 sherlock-admin4 closed 8 months ago
1