issues
search
sherlock-audit
/
2024-04-teller-finance-judging
6
stars
6
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
blockchain555 - Did Not Approve To Zero First
#255
sherlock-admin3
closed
2 months ago
1
merlin - LenderCommitmentGroup_Smart uses the incorrect getSqrtRatioAtTick function from TickMath.sol
#254
sherlock-admin2
closed
2 months ago
0
0xadrii - Escrowed repayments belonging to the lender commitment contract can’t be retrieved from the escrow vault
#253
sherlock-admin4
closed
2 months ago
0
blockchain555 - The owner of the `LenderGroup_Smart` contract can maliciously deploy a non-lending pool or set an unfair interest rate.
#252
sherlock-admin3
closed
2 months ago
4
BoRonGod - ALL liquidation operations can be sandwiched to extract value from the protocol
#251
sherlock-admin2
closed
2 months ago
0
0xadrii - `rolloverLoanWithFlash` does not allow adding collateral when accepting commitments
#250
sherlock-admin4
closed
2 months ago
0
blockchain555 - Some collateral will be locked in the contract
#249
sherlock-admin3
closed
2 months ago
0
0xrobsol - Inconsistency in Tracking Total Principal Tokens Lent and Repaid
#248
sherlock-admin2
closed
2 months ago
1
blockchain555 - Invalid implementation of function `LenderCommitmentGroup_Smart.sol#liquidateDefaultedLoanWithIncentive()`
#247
sherlock-admin4
closed
2 months ago
1
0xadrii - Using wrong selector will dos FlashRolloverLoan's accept commitment
#246
sherlock-admin3
closed
2 months ago
0
blockchain555 - Collateral assets are locked without being transferred to the liquidator in the `LenderCommitmentGroup_Smart.sol#liquidateDefaultedLoanWithIncentive()` function.
#245
sherlock-admin2
closed
2 months ago
0
Afriaudit - Missing Initialization of OwnableUpgradeable in `LenderCommitmentGroup_Smart` Contract
#244
sherlock-admin4
closed
2 months ago
0
0xadrii - Performing a direct multiplication in `_getPriceFromSqrtX96` will overflow for some uniswap pools
#243
sherlock-admin3
opened
2 months ago
10
MaslarovK.eth - Some functions lack `whenNotPaused` modifier.
#242
sherlock-admin2
closed
2 months ago
1
0xadrii - Lender commitment group smart contract won't work properly with fee-on-transfer tokens
#241
sherlock-admin4
closed
2 months ago
0
0xrobsol - Inconsistency in Application of UNISWAP_EXPANSION_FACTOR in Token Conversion Functions
#240
sherlock-admin3
closed
2 months ago
1
KupiaSec - The `LenderCommitmentGroup_Smart` contract cannot use USDT as its principal token, because `USDT.transfer()` does not return a boolean value.
#239
sherlock-admin2
closed
2 months ago
4
0xadrii - Multiplying the collateral amount by the `STANDARD_EXPANSION_FACTOR` when checking the required collateral is incorrect and allows borrowers to get undercollateralized loans
#238
sherlock-admin4
closed
2 months ago
0
KupiaSec - A user can borrow liquidity, even though `getPrincipalAmountAvailableToBorrow() < 0`.
#237
sherlock-admin3
closed
2 months ago
0
KupiaSec - `FlashRolloverLoan_G5` cannot work well with some LenderCommitForwarders including the `SmartCommitmentForwarder` contract.
#236
sherlock-admin2
closed
2 months ago
0
0xadrii - Using slot0 to compute position price can be easily manipulated
#235
sherlock-admin4
closed
2 months ago
0
MaslarovK.eth - No storage gap left for upgradeable contracts
#234
sherlock-admin3
closed
2 months ago
1
KupiaSec - A malicious user can borrow at a much lower interest rate from `LenderCommitmentGroup_Smart`.
#233
sherlock-admin2
closed
2 months ago
0
0xadrii - Not considering `liquidityThresholdPercent` will make pool utilization ratio be wrongly computed
#232
sherlock-admin4
closed
2 months ago
0
BoRonGod - Deviation in oracle price could lead to arbitrage in high LTV markets
#231
sherlock-admin3
closed
2 months ago
4
KupiaSec - The newly added contracts will not work well on fee-on-transfer tokens, because there is no consideration for fee on transfer.
#230
sherlock-admin2
closed
2 months ago
0
KupiaSec - The collateral tokens withdrawn `by liquidateDefaultedLoanWithIncentive()` will be frozen in the `LenderCommitmentGroup_Smart` contract.
#229
sherlock-admin4
closed
2 months ago
0
psb01 - Borrower could be paying more amount than owed.
#228
sherlock-admin3
closed
2 months ago
8
0xadrii - Using transferFrom won’t work with some tokens
#227
sherlock-admin2
closed
2 months ago
0
0xrobsol - Interest Calculation Exclusion in Defaulted Loan Liquidation Process
#226
sherlock-admin4
closed
2 months ago
0
0xadrii - Malicious lenders can set the lender commitment contract as the repayment listener for their regular loans, leading to several issues
#225
sherlock-admin3
closed
2 months ago
0
KupiaSec - Incorrect calculation of the required collateral amount for borrowing. `baseAmount.percent(collateralRatio)`
#224
sherlock-admin2
closed
2 months ago
0
KupiaSec - The interest rate model should be improved in the `LenderCommitmentGroup_Smart`.
#223
sherlock-admin4
closed
2 months ago
0
0xadrii - Burning shares prior to computing value to withdraw will make earnings remain locked forever in the contract
#222
sherlock-admin3
closed
2 months ago
0
bareli - use safetransfer instead of transfer
#221
sherlock-admin2
closed
2 months ago
0
0xadrii - Claiming loan NFT prevents lenders from closing loan and retrieving collateral
#220
sherlock-admin4
closed
2 months ago
0
0xadrii - Not transferring collateral when submitting bids allows malicious users to create honeypot-style attacks
#219
sherlock-admin3
opened
2 months ago
9
KupiaSec - `_collateralAmount` is multiplied by `STANDARD_EXPANSION_FACTOR` unreasonably in the collateral check of the `LenderCommitmentGroup_Smart.acceptFundsForAcceptBid()` function.
#218
sherlock-admin2
closed
2 months ago
0
KupiaSec - A sandwich attack can potentially take most of the interest earned within the `LenderCommitmentGroup_Smart` contract
#217
sherlock-admin4
closed
2 months ago
0
samuraii77 - A market owner can put borrowers in a very unfavorable position and steal money out of lenders
#216
sherlock-admin3
closed
2 months ago
1
0xrobsol - Inadequate Minimum TWAP Interval Configuration Leads to Potential Price Volatility
#215
sherlock-admin2
closed
2 months ago
0
0xrobsol - Uniqueness Violation in Market ID Assignment During Contract Initialization
#214
sherlock-admin4
closed
2 months ago
1
0xLogos - Tokens that return false on failed transfer is not supported
#213
sherlock-admin3
closed
2 months ago
0
BoRonGod - No sllippage protection in addPrincipalToCommitmentGroup and burnSharesToWithdrawEarnings
#212
sherlock-admin2
closed
2 months ago
0
DenTonylifer - Protocol may not work with USDT
#211
sherlock-admin4
closed
2 months ago
0
merlin - DOS vulnerability in the rolloverLoanWithFlash function in FlashRolloverLoan_G5.sol
#210
sherlock-admin3
closed
2 months ago
0
0xLogos - LenderCommitmentGroup_Smart can be tricked to account for not owned loans payments
#209
sherlock-admin2
closed
2 months ago
0
samuraii77 - Lenders might not be able to close their loans and get their collateral back in the case of default
#208
sherlock-admin4
closed
2 months ago
0
bareli - Not all imported contracts are upgradable.
#207
sherlock-admin3
closed
2 months ago
1
merlin - Fee on transfer tokens isn't compatible with LenderCommitmentGroup_Smart.sol
#206
sherlock-admin2
closed
2 months ago
0
Previous
Next