sherlock-audit 2024-03-axis-finance-judging issues

sherlock-audit / 2024-03-axis-finance-judging

1 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

hash - Protocol fees will be collected even when protocol fee is set to 0

#199 sherlock-admin4 closed 7 months ago
2
FindEverythingX - Auction creator can prevent curator fee via revoking approval or insufficient tokens in the wallet

#198 sherlock-admin3 closed 7 months ago
1
bhilare_ - Anyone can insert arbitrary bids information in `decryptedBids` for a lotId, which can benefit any bidder to win in unfair manner

#197 sherlock-admin2 closed 7 months ago
1
cryptonoob - Token buyers can pay less fees in AuctionHouse::purchase setting the referer as himself

#196 sherlock-admin4 closed 7 months ago
0
FindEverythingX - Settle will revert if pfBidder or curator is blacklisted, resulting in permanently stuck funds

#195 sherlock-admin3 closed 7 months ago
0
FindEverythingX - Protocol can face permanent locked funds within EMPAM auction due to revert of mint call (derivative)

#194 sherlock-admin2 closed 7 months ago
1
FindEverythingX - Non-blast rebase tokens won’t work with the contract [AuctionHouse&LinearVesting]

#193 sherlock-admin4 closed 7 months ago
1
FindEverythingX - Reckless check within createAuction may allow callback functionality to create auction using tokens from a (non-owned) callback address

#192 sherlock-admin3 closed 7 months ago
1
web3tycoon - When `Seller` or `AuctionHouse` calls `ClaimBids` they will pay the `Bidders` whom had called `Refund` earlier.

#191 sherlock-admin2 closed 7 months ago
2
hash - Remaining funds of FMAP auctions cannot be recovered once auction is concluded

#190 sherlock-admin4 closed 7 months ago
1
hash - Inconsistent timestamp usage across `_revertIfLotActive` and `_revertIfLotConcluded`

#189 sherlock-admin3 closed 7 months ago
1
hash - Overly restrictive check for claimBid function disallows bidder's from claiming

#188 sherlock-admin2 closed 7 months ago
1
hash - Incorrect `prefundingRefund` calculation will disallow claiming

#187 sherlock-admin4 opened 7 months ago
3
hash - User's can save on fee by setting themselves as referrer

#186 sherlock-admin3 closed 7 months ago
0
hash - Lack of max field value check for coordinates allows bricking the decryption

#185 sherlock-admin2 closed 7 months ago
0
merlin - Seller claim quote tokens with losses for bueyrs

#184 sherlock-admin4 closed 7 months ago
2
hash - Max curator fee would be bypassed for existing curators

#183 sherlock-admin3 closed 7 months ago
9
hash - Inaccurate value is used for partial fill quote amount when calculating fees

#182 sherlock-admin2 opened 7 months ago
3
hash - Downcasting to uint96 can cause assets to be lost for some tokens

#181 sherlock-admin4 opened 7 months ago
21
0xLogos - Auctioneer.auction always write to lotRouting[0]

#180 sherlock-admin3 closed 7 months ago
0
hulkvision - A bidder cannot cancel its bid if a very large number of bids has been placed before the bidder

#179 sherlock-admin2 closed 7 months ago
1
hash - Bidder's payout claim could fail due to validation checks in LinearVesting

#178 sherlock-admin4 opened 7 months ago
3
hash - Gas is not configured to be claimable in Blast

#177 sherlock-admin3 closed 7 months ago
0
hash - Incorrect address for blast weth and usdb

#176 sherlock-admin2 closed 7 months ago
0
hash - Lot id is always set to 0 for new auctions

#175 sherlock-admin4 closed 7 months ago
0
hash - User's can be grieved by not submitting the private key

#174 sherlock-admin3 opened 7 months ago
3
sl1 - Possible DoS when refunding a bid due to an OOG error.

#173 sherlock-admin2 closed 7 months ago
1
web3tycoon - when a bidder calls `Refund`, and another bidder calls `refund` and frontruns the first `bidder`, The first transaction will fail.

#172 sherlock-admin4 closed 7 months ago
1
AgileJune - Auction with lotId > 0 is always not handled as expected due to empty auction routing information

#171 sherlock-admin3 closed 7 months ago
0
bhilare_ - An atomic auction seller can earn more than intended in an unfair manner, which can also cause loss of funds of other auction sellers, completely wrecking the system.

#170 sherlock-admin2 closed 7 months ago
5
web3tycoon - Upon cancelling a `Batch` Auction, Refunds are never returned to the `bidders`.

#169 sherlock-admin4 closed 7 months ago
1
merlin - Malicious seller can freeze quote tokens in EMPAM

#168 sherlock-admin3 closed 7 months ago
0
thisvishalsingh - Lack of Mechanism for Handling Unclaimed Bids Post-Settlement

#167 sherlock-admin2 closed 7 months ago
0
thisvishalsingh - Compromised Auction Data Integrity Post-Settlement

#166 sherlock-admin4 closed 7 months ago
0
thisvishalsingh - Settlement Discrepancies Due to Unaccounted Bid Refunds

#165 sherlock-admin3 closed 7 months ago
0
sl1 - `BlastGas` does not set gas fees to claimable resulting in a loss of revenue for the protocol.

#164 sherlock-admin2 closed 7 months ago
0
thisvishalsingh - Inequitable Settlement Due to Unhandled Capacity Thresholds

#163 sherlock-admin4 closed 7 months ago
0
thisvishalsingh - Settlement Inaccuracy Due to Incorrect Bid Order Processing

#162 sherlock-admin3 closed 7 months ago
0
thisvishalsingh - Inaccurate Auction Outcome Due to Lack of Bid Decryption Validation

#161 sherlock-admin2 closed 7 months ago
0
Kose - All Accounting Is Broken Starting from Second Auction in Axis Because of Wrong Update in Storage

#160 sherlock-admin4 closed 7 months ago
0
thisvishalsingh - Settlement Disruption Due to Multiple Partial Fills

#159 sherlock-admin3 closed 7 months ago
0
devblixt - Protocol has a design vulnerability which could result in future loss of funds

#158 sherlock-admin2 closed 7 months ago
0
devblixt - EMPAM#_getLotMarginalPrice has a potential DOS vulnerability

#157 sherlock-admin4 closed 7 months ago
1
seeques - USDB and WETH yield will be lost in the LinearVesting contract

#156 sherlock-admin3 closed 7 months ago
0
FindEverythingX - Upgrade of module will completely break synchronization and result in lost funds

#155 sherlock-admin2 closed 7 months ago
1
bhilare_ - A partially filled capacity lot winner can cause settling of lot to always REVERT if blacklisted.

#154 sherlock-admin4 closed 7 months ago
0
FindEverythingX - Loose checks within isValidCallbackAddress will result in different undesired scenarios and curator fee prevention

#153 sherlock-admin3 closed 7 months ago
1
Bauer - The auction data of the first participant can be arbitrarily modified

#152 sherlock-admin2 closed 7 months ago
0
devblixt - Auctioneer#auction stores routing data incorrectly which leads to loss of funds for sellers and bidders

#151 sherlock-admin4 closed 7 months ago
0
web3tycoon - In `MaxPriorityQueue.sol` the Algorithm does not sort the highest bid correctly.

#150 sherlock-admin3 closed 7 months ago
3

Previous Next