sherlock-audit/2024-06-leveraged-vaults-judging
issues
unRekt - Not checking if a sequencer is down or not in a function to fetch rate from oracle can lead to outdated and unordered data feed
#132
sherlock-admin3
closed
4 months ago
1
smbv-1923 - Missing deadline checks allow pending transactions to be maliciously executed
#131
sherlock-admin2
closed
4 months ago
0
unique - in `PendlePTOracle::_calculateBaseToQuote()` the function expects to return `answeredInRound` which is Deprecated
#130
sherlock-admin4
closed
4 months ago
2
unRekt - Not taking into account `approve` race condition can lead to frontrunning attack
#129
sherlock-admin3
closed
4 months ago
1
unRekt - No checks present in the `getRewardSettings()` function of `VaultRewarderLib.sol` to ensure if the index `for` loop is going out of bound, can lead to potential DoS attacks.
#128
sherlock-admin2
closed
4 months ago
1
sa9933 - Use of block.timestamp for deadline in every swap can lead to loss
#127
sherlock-admin4
closed
4 months ago
0
brgltd - Lack of slippage protection
#126
sherlock-admin3
closed
4 months ago
0
0xrobsol - Incomplete Handling of Sequencer Uptime Checking
#125
sherlock-admin2
closed
4 months ago
1
0xrobsol - Incomplete Handling of Liquidation Events in _finalizeWithdrawsManual
#124
sherlock-admin4
closed
4 months ago
1
unRekt - Using AMM as an Oracle can lead to price manipulation attacks via flashLoan
#123
sherlock-admin3
closed
4 months ago
1
0xrobsol - Potential Risk of Unchecked Slippage Guard in _sellStakedUSDe
#122
sherlock-admin2
closed
4 months ago
0
4b - Unhandled return value of transfer can cause `EthenaCooldownHolder::_finalizeCooldown()` to return true when it is not supposed to
#121
sherlock-admin4
closed
4 months ago
1
bareli - stale price may happen in "_calculateBaseToQuote"
#120
sherlock-admin3
closed
4 months ago
1
0xrobsol - Potential Insolvency Risk and Underflow in _finalizeWithdrawImpl Function Due to Lack of Balance Validation
#119
sherlock-admin2
closed
4 months ago
1
unRekt - `_checkReentrancyContext()` lacks implementation and doesn't check for reentrancy anywhere.
#118
sherlock-admin4
closed
4 months ago
1
unRekt - Rebasing tokens can break functionality of `getStakingTokensForVaultShare` function in `BaseStakingVault.sol`
#117
sherlock-admin3
closed
4 months ago
1
unRekt - `_claimRewardToken` function in `VaultRewarderLib` contract uses `IEIP20NonStandard` which makes protocol vulnerable to weird ERC20 behaviors.
#116
sherlock-admin2
closed
4 months ago
1
katta_seller - Reward calculation is broken
#115
sherlock-admin4
closed
4 months ago
9
unRekt - Contracts not using safe math
#114
sherlock-admin3
closed
4 months ago
1
ZeroTrust - Users can frontrun LSTs/LRTs tokens prices decrease in order to avoid losses
#113
sherlock-admin2
closed
4 months ago
1
4b - Using `block.timestamp` for deadline offers no protection
#112
sherlock-admin4
closed
4 months ago
0
zhuying - Don't check the emission is over when setting new emission rate
#111
sherlock-admin3
closed
4 months ago
1
denzi_ - `minAmountOut` set to 0 in `_redeemPT()` can cause loss of funds through redemption
#110
sherlock-admin2
closed
4 months ago
0
denzi_ - Usage of hardcoded 0 as limit in _sellStakedUSDe() function allows for sandwich opportunities.
#109
sherlock-admin4
closed
4 months ago
0
4b - DOS in `BaseStakingVault::convertStrategyToUnderlying()`
#108
sherlock-admin3
closed
4 months ago
1
4b - Chainlink feed not validated in `PendlePTOracle`
#107
sherlock-admin2
closed
4 months ago
1
4b - `PendlePTOracle::twapDuration` should not be immutable
#106
sherlock-admin4
closed
4 months ago
1
lemonmon - `Kelp:_finalizeCooldown` cannot claim the withdrawal if adversary would requestWithdrawals with dust amount for the holder
#105
sherlock-admin3
opened
4 months ago
10
BiasedMerc - Kelp vault allows staking of amounts that will be less than minimum required to be redeemable
#104
sherlock-admin2
closed
4 months ago
1
zhuying - Some rewards will be stuck in contract because of rounding down
#103
sherlock-admin4
closed
4 months ago
1
zhuying - `claimAccountRewards` could revert if many users want to claim at the same time
#102
sherlock-admin3
closed
4 months ago
1
lemonmon - The `PendlePTOracle` contract may return a wrong price when calculating the price with `getPtToAssetRate()`
#101
sherlock-admin2
closed
4 months ago
0
lemonmon - Missing implementation of `ClonedCoolDownHolder:rescueTokens` inside the `PendlePTKelpVault` and `PendlePTStakedUSDeVault` vaults
#100
sherlock-admin4
closed
4 months ago
1
lemonmon - Missing slippage protection in `PendlePrincipalToken:redeemPT`
#99
sherlock-admin3
closed
4 months ago
0
Hearmen - EtherFiLib_initiateWithdrawImpl approve to wrong address lead to withdraw fail
#98
sherlock-admin2
closed
4 months ago
1
lemonmon - Missing slippage protection in `Ethena:_sellStakedUSDe`
#97
sherlock-admin4
closed
4 months ago
0
ZeroTrust - Corruptible Upgradability Pattern
#96
sherlock-admin3
closed
4 months ago
1
ZeroTrust - In `updateRewardToken()` function missing revoking tokens permissions in the TradingModule
#95
sherlock-admin2
closed
4 months ago
1
nirohgo - VaultRewardLib decreases a user's claimable reward amount even if the reward transfer fails
#94
sherlock-admin4
closed
4 months ago
0
nirohgo - WithdrawRequestBase::_getValueOfSplitFinalizedWithdrawRequest does not account for decimals when converting from redeem token to borrow token
#93
sherlock-admin3
closed
4 months ago
0
nirohgo - PendlePTOracle does not check pendle oracle's health with every call
#92
sherlock-admin2
closed
4 months ago
1
nirohgo - Precision calculation error in PendlePTOracle::_calculateBaseToQuote causing erroneous price reports
#91
sherlock-admin4
closed
4 months ago
0
nirohgo - Reward emissions can be blocked with a DOS attack due to insufficient precision in emissions calculation
#90
sherlock-admin3
closed
4 months ago
7
aman - `WithdrawRequestBase:_splitWithdrawRequest` assigns a request ID of `0` to `_to` when `w.vaultShares == vaultShares` and the vault shares cannot be redeemed.
#89
sherlock-admin2
closed
4 months ago
1
aman - minPurchaseAmount check will be bypassed in case of `borrowToken==DAI`
#88
sherlock-admin4
closed
4 months ago
0
aman - The integration with `Kelp:WithdrawManager` is not correct
#87
sherlock-admin3
closed
4 months ago
15
Clever Pink Bat - Front-runable initializer
#86
sherlock-admin4
closed
4 months ago
1
Ironsidesec - `_sellStakedUSDe` is prone to slippage and MEV
#85
sherlock-admin3
closed
4 months ago
0
Ironsidesec - `_redeemPT` uses 0 slippage
#84
sherlock-admin2
closed
4 months ago
0
Ironsidesec - `_canFinalizeWithdrawRequest` returns false on an edge case
#83
sherlock-admin4
closed
4 months ago
1