issues
search
sherlock-audit
/
2024-05-kwenta-x-perennial-integration-update-judging
5
stars
3
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Missing checks for `address(0)` in constructor/initializers
#50
sherlock-admin2
closed
5 months ago
0
Low 04 No Check Whether Address is msg.sender
#49
sherlock-admin4
closed
5 months ago
0
Low 03 Reserve Address is not checked for address(0)
#48
sherlock-admin3
closed
5 months ago
0
Low 02 IMarket Instance
#47
sherlock-admin2
closed
5 months ago
0
Low 01 IMarket Instance
#46
sherlock-admin4
closed
5 months ago
0
Informational 08 Inconsistent Handling Of Comparison Cases
#45
sherlock-admin3
closed
5 months ago
0
Informational 07 currentPosition Check
#44
sherlock-admin2
closed
5 months ago
0
Informational 06 Old Signature of verifyCallResult
#43
sherlock-admin4
closed
5 months ago
0
Informational 05 Concrete Solidity Version
#42
sherlock-admin3
closed
5 months ago
0
Informational 04 Use Of Magic Numbers
#41
sherlock-admin2
closed
5 months ago
0
Informational 03 Possible Reentrancy
#40
sherlock-admin4
closed
5 months ago
0
Informational 02 Unused Function
#39
sherlock-admin3
closed
5 months ago
0
Informational 01 Missing Interface Fees Deduction
#38
sherlock-admin2
closed
5 months ago
0
`msg.sender` will always be account owner, unnecessary function cost more gas
#37
sherlock-admin4
closed
5 months ago
0
kgothatso - loss of eth when you cancel the order
#36
sherlock-admin3
closed
5 months ago
1
me_na0mi - Lack of gap in upgradeable contract
#35
sherlock-admin2
closed
5 months ago
1
maushish - `market.update` could lead to integration issues in future
#34
sherlock-admin4
closed
5 months ago
13
kgothatso - Keeper Fees can not be raised or changed
#33
sherlock-admin3
closed
5 months ago
1
stackbuster23 - Unbounded loop in the _invoke function can lead to denial of service
#32
sherlock-admin2
closed
5 months ago
1
maushish - `_marketWithdraw:market.update` is following wrong implementation of Fixed6.sol.
#31
sherlock-admin4
closed
5 months ago
2
kgothatso - User can get front-run and loss funds and experience a DOS attack when they call `invoke`
#30
sherlock-admin3
closed
5 months ago
1
kaancaglan - Vulnerable versions of packages are being used
#29
sherlock-admin2
closed
5 months ago
1
1337web3 - Medium 03 Improper Handling of Accounts in _commitPrice
#28
sherlock-admin4
closed
5 months ago
2
1337web3 - Medium 02 Lost Funds
#27
sherlock-admin3
closed
5 months ago
1
1337web3 - Medium 01 DoS
#26
sherlock-admin2
closed
5 months ago
1
maushish - `_invoke` will revert if the amount remaining is less than the gas required for the transaction.
#25
sherlock-admin4
closed
5 months ago
1
1337web3 - High 01 Ownership Check Missing
#24
sherlock-admin3
closed
5 months ago
2
bareli - wrong implementation of nonce in _placeOrder
#23
sherlock-admin2
closed
5 months ago
1
bareli - wrong implement of "_placeOrder"
#22
sherlock-admin4
closed
5 months ago
1
bareli - wrong implement of "_handleKeeperFee"
#21
sherlock-admin3
closed
5 months ago
1
odhismanuel - Lack of validation when updating system Configurations
#20
sherlock-admin2
closed
5 months ago
1
bareli - wrong implement of "_vaultUpdate"
#19
sherlock-admin4
closed
5 months ago
1
bareli - wrong implement of "_invoke" function
#18
sherlock-admin3
closed
5 months ago
1
0xblack_bird - `vaultUpdate` function calculates wrong claimAmount for user
#17
sherlock-admin2
closed
5 months ago
1
sammy - Leftover balance is routed to the wrong address when an invocation is performed by an `operator`
#16
sherlock-admin4
closed
5 months ago
4
0xtenma - Tokens are not pushed to account after unwrapping in `MultiInvoker::_withdraw()`
#15
sherlock-admin3
closed
5 months ago
1
emiridbest - [H-01] No check in the `initialize` function if Arbitrum L2 sequencer is down in Chainlink feeds
#14
sherlock-admin2
closed
5 months ago
1
odhismanuel - Gas Optimization
#13
sherlock-admin4
closed
5 months ago
1
blackhole - _commitPrice doesn't work on user's behalf as expected if the msg.sender is an operator.
#12
sherlock-admin3
closed
5 months ago
2
pnkjbee2 - Unprotected _cancelOrder function
#11
sherlock-admin2
closed
5 months ago
1
pnkjbee2 - Unprotected _marketWithdraw function
#10
sherlock-admin4
closed
5 months ago
1
pnkjbee2 - Lack of input validation in _placeOrder function
#9
sherlock-admin3
closed
5 months ago
1
pnkjbee2 - Unprotected updateOperator function
#8
sherlock-admin2
closed
5 months ago
1
0xumarkhatab - PerennialAction.EXEC_ORDER _executeOrder does not pay fee to `msg.sender` conflicting Natspec when keepBufferBase=0
#7
sherlock-admin4
closed
5 months ago
1
panprog - ETH remaining in the contract after `invoke` is sent to `account` rather than `msg.sender`
#6
sherlock-admin3
closed
5 months ago
6
0xumarkhatab - `PerennialAction.UPDATE_POSITION` invoke action should have deadline checks in place
#5
sherlock-admin2
closed
5 months ago
2
0xumarkhatab - _deposit function's implementation contradicts with its Natspec
#4
sherlock-admin4
closed
5 months ago
4
0xumarkhatab - Invoke functionality is bricked for users using relayers for transactions
#3
sherlock-admin3
closed
5 months ago
1
joicygiore - The `PerennialAction.EXEC_ORDER` branch authentication in `MultiInvoker::_invoke()` is invalid. Anyone can bypass the verification and execute other people's orders.
#2
sherlock-admin2
closed
5 months ago
3
phenom - Unconditional ETH Transfer After Potential Invocation Failures
#1
sherlock-admin4
closed
5 months ago
1
Next