sherlock-audit 2024-05-pooltogether-judging issues

sherlock-audit / 2024-05-pooltogether-judging

8 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

0xSpearmint1 - A malicious user can set their hook to a malicious implementation, so that claimers tx spends all the gas allocated and reverts

#70 sherlock-admin4 closed 2 months ago
0
Rhaydden - Inconsistent Total Supply Accounting in `_transferBalance` Function

#69 sherlock-admin3 closed 2 months ago
2
Timenov - No token and gas yield configured for Blast.

#68 sherlock-admin2 closed 2 months ago
0
alexbabits - deadline can be current block.timestamp during swaps leading to maximum price slippage

#67 sherlock-admin4 closed 2 months ago
0
newt - Avoiding Contradictions in Conditional Logic

#66 sherlock-admin3 closed 2 months ago
1
newt - Lack Of Zero Address Checks

#65 sherlock-admin2 closed 2 months ago
1
Rhaydden - `liquidationPair` is able to add any number of `_yieldFee`

#64 sherlock-admin4 closed 2 months ago
2
AnasTur - TPDA Dutch Auction Manipulation in PoolTogether V5

#63 sherlock-admin3 closed 2 months ago
1
AnasTur - Inconsistent TWAB Calculation for Zero Balances in TwabController

#62 sherlock-admin2 closed 2 months ago
1
AnasTur - Prize Pool Tier Manipulation via Claim Counts

#61 sherlock-admin4 closed 2 months ago
0
AnasTur - Critical Access Control Flaw in PoolTogether V5 Prize Pool Contract - Potential for Prize Manipulation

#60 sherlock-admin3 closed 2 months ago
1
Rhaydden - Potential Issue in `withdrawShutdownBalance` can allow users receive more than their fair share at the expense of others

#59 sherlock-admin2 closed 2 months ago
2
zraxx - The function finishDraw and startDraw can be front-runned.

#58 sherlock-admin4 closed 2 months ago
2
zraxx - By claiming prizes at the canary tiers, malicious users can reduce the claim fee at other tiers

#57 sherlock-admin3 closed 2 months ago
1
0xSpearmint1 - If a user calls `contributePrizeTokens` they are vulnerable to a frontrunning attack

#56 sherlock-admin2 closed 2 months ago
1
0xSpearmint1 - Liquidator can avoid paying the yieldFee by liquidating small amounts

#55 sherlock-admin4 closed 2 months ago
2
zraxx - Since no deadline is set, `startDraw` will cause the user to suffer losses

#54 sherlock-admin3 closed 2 months ago
2
Rhaydden - Missing `notShutdown` modifier in `claimPrize`

#53 sherlock-admin2 closed 2 months ago
0
NoOne - Permit is not compatible with `DAI`

#52 sherlock-admin4 closed 2 months ago
1
0xSpearmint1 - An attacker can force the prize vault into a state such that `withdraw` will revert for all users that deposited

#51 sherlock-admin3 closed 2 months ago
0
zraxx - Attackers can create invalid observations by contributing 0 PrizeToken, causing getDisbursedBetween to return incorrect values.

#50 sherlock-admin2 closed 2 months ago
2
newt - Functions Missing Parameters

#49 sherlock-admin4 closed 2 months ago
1
volodya - _directlyContributedReserve doesn't work as expected

#48 sherlock-admin3 closed 2 months ago
1
zraxx - When the total Draw Auction Rewards exceeds availableRewards, `finishDraw` will fail.

#47 sherlock-admin2 closed 2 months ago
0
zraxx - `getDisbursedBetween` may return incorrect values when `ringBufferInfo.cardinality = 1`

#46 sherlock-admin4 closed 2 months ago
2
0xSpearmint1 - YieldVaults with fee on deposit are incompatible with the protocol

#45 sherlock-admin3 closed 2 months ago
11
0xSpearmint1 - An attacker can take advantage of a yield vault that made a loss, at the expense of all other users

#44 sherlock-admin2 closed 2 months ago
7
AuditorPraise - witnet doesn't support avalanche chain

#43 sherlock-admin4 closed 2 months ago
1
0xSpearmint1 - A new draw cannot be finished if the lastStartDrawAuction's rngRequestId is void

#42 sherlock-admin3 closed 2 months ago
1
AuditorPraise - Users can know the random number before a draw closes

#41 sherlock-admin2 closed 2 months ago
2
AuditorPraise - `prizeVault.previewDeposit()` and `prizeVault.previewMint()` don't comply to ERC4626 standard

#40 sherlock-admin4 closed 2 months ago
2
MiloTruck - `TpdaLiquidationPair.swapExactAmountOut()` can be DOSed by a vault's mint limit

#39 sherlock-admin3 opened 3 months ago
9
MiloTruck - Price formula in `TpdaLiquidationPair._computePrice()` does not account for a jump in liquidatable balance

#38 sherlock-admin2 opened 3 months ago
9
MiloTruck - `try/catch` in `Claimer._claim()` allows users to steal gas from claimer bots

#37 sherlock-admin4 closed 2 months ago
0
MiloTruck - Distributing liquidity based on the last `grandPrizePeriodDraws` days post-shutdown is problematic

#36 sherlock-admin3 closed 2 months ago
12
snapishere - DOS of claimprize function in the PrizePool.sol+ Loss of Tokens

#35 sherlock-admin2 closed 2 months ago
1
0xSpearmint1 - Attacker can ensure they win by manipulating `isWinner` calculation

#34 sherlock-admin4 closed 2 months ago
11
MiloTruck - `TierCalculationLib.calculateWinningZone()` rounding down could severely reduce a user's chances of winning

#33 sherlock-admin3 closed 2 months ago
2
MiloTruck - Inconsistent result from `DrawAccumulator.binarySearch()` causes prize pool calculations to be incorrect

#32 sherlock-admin2 closed 2 months ago
3
0xSpearmint1 - An attacker can DOS deposits by frontrunning to reach the TWAB limit

#31 sherlock-admin4 closed 2 months ago
1
MiloTruck - `uint96` is too small for `_directlyContributedReserve`, which is cumulative

#30 sherlock-admin3 closed 2 months ago
3
MiloTruck - Undistributed prize liquidity due to `tierLiquidityUtilizationRate` remains stuck in the prize pool

#29 sherlock-admin2 closed 2 months ago
1
MiloTruck - `drawTimeoutAt()` causes the prize pool to shutdown one draw earlier

#28 sherlock-admin4 opened 3 months ago
11
MiloTruck - Draws can be retried even if a random number is available or the current draw has finished

#27 sherlock-admin3 opened 3 months ago
11
MiloTruck - `DrawManager.startDraw()` can be called after prize pool shutdown, even though `finishDraw()` always reverts

#26 sherlock-admin2 closed 2 months ago
28
MiloTruck - `DrawManager.finishDraw()` might allocate more rewards than the reserve amount to draws

#25 sherlock-admin4 closed 2 months ago
0
MiloTruck - Use of `.transfer()` in `Requestor.withdraw()` will not work on zkSync

#24 sherlock-admin3 closed 2 months ago
1
0xSpearmint1 - `yieldFeeBalance` cannot be claimed once `TWAB_SUPPLY_LIMIT` is reached

#23 sherlock-admin2 closed 2 months ago
8
0xSpearmint1 - An attacker can DOS liquidations once a vault is near the TWAB limit

#22 sherlock-admin4 closed 2 months ago
1
dany.armstrong90 - The condition check of function `DrawManager.sol#canStartDraw` is wrong.

#21 sherlock-admin3 closed 2 months ago
1

Previous Next