issues
search
sherlock-audit
/
2024-09-predict-fun-judging
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Precise Banana Beetle - In `PredictDotLoan.sol` it is possible that the fees that are sent to the `protocolFeeRecepient` might round down to 0.
#341
sherlock-admin3
closed
2 days ago
0
Fast Holographic Salmon - Use of Magic Numbers in Code
#340
sherlock-admin4
closed
2 days ago
0
Tangy Coconut Python - refinance is not protected against frontrunning
#339
sherlock-admin2
closed
2 days ago
0
Merry Glass Kitten - Use nested `if` statements instead of logical AND (`&&`)
#338
sherlock-admin3
closed
2 days ago
0
Jumpy Strawberry Caterpillar - Missing Zero Address Checks in Constructor
#337
sherlock-admin4
closed
2 days ago
0
Melodic Mocha Aardvark - The transaction will fail if the transfer of collateral is not already approved
#336
sherlock-admin2
closed
2 days ago
0
Melodic Mocha Aardvark - Protocol fee for refinancing increases could potentially discourage refinancing for long-standing loans
#335
sherlock-admin3
closed
2 days ago
0
Ambitious Amethyst Canary - No limit on Batch cancellation request
#334
sherlock-admin4
closed
2 days ago
0
Merry Glass Kitten - Unused event `LoanTokenStatusUpdated`
#333
sherlock-admin2
closed
2 days ago
1
Fluffy Sangria Wallaby - Unnecessary import of forge-std/console2.sol
#332
sherlock-admin3
closed
2 days ago
1
Kind Aqua Ostrich - Public visibility on a library function can increase gas costs in `InterestLib.sol`
#331
sherlock-admin4
closed
2 days ago
0
Kind Aqua Ostrich - Lack of input validation for `updateProtocolFeeRecipient` will result to funds be lost permanently in `PredictDotLoan.sol`
#330
sherlock-admin2
closed
2 days ago
0
Wild Cinnamon Crocodile - Incorrect Values Emitted in NoncesIncremented Event
#329
sherlock-admin3
closed
2 days ago
0
Massive Foggy Gorilla - Updating protocolFeeBasisPoints Invalidate Existing Proposals, Leading to Denial of Service in the matchProposals function
#328
sherlock-admin2
opened
2 days ago
0
Rare Sky Mouse - fulfillment struct of borrower is not updated when their loan is refinanced
#327
sherlock-admin3
closed
2 days ago
0
Slow Hazel Copperhead - Order of Operations in Batch Refinancing
#326
sherlock-admin2
opened
2 days ago
0
Urban Jetblack Mantaray - Malicious lenders can set the minimum duration of the loan to 0 or close to 0 and use the ```call()`` function to force borrowers to either default or pay high interest rates.
#325
sherlock-admin4
opened
2 days ago
0
Fit Canvas Squid - `matchProposals` function will revert while a proposal (`borrowRequest/loanOffer`) has less than 10% remaining value.
#324
sherlock-admin3
opened
2 days ago
0
Winning Pistachio Hippo - `auction` function does not check if collateral amount > debt + protocol fee
#323
sherlock-admin2
opened
2 days ago
1
Savory White Panda - while filling accepting offer and order
#322
sherlock-admin4
opened
2 days ago
0
Zealous Peanut Wolf - `whenNotPaused()` modifier not checked during `call()` which creates problem
#321
sherlock-admin3
opened
2 days ago
0
Melodic Mocha Aardvark - Insufficient Collateralization Ratio Check Leading to Potential Undercollateralized Loans
#320
sherlock-admin2
opened
2 days ago
0
Massive Foggy Gorilla - Uninitialized minimumOrderFeeRate Allows Bypassing Minimum Fee Requirement in acceptLoanOfferAndFillOrder Function
#319
sherlock-admin4
opened
2 days ago
0
Main Seaweed Condor - A win win sitaution can be there for attacker as borrower
#318
sherlock-admin2
closed
2 days ago
0
Agreeable Umber Cat - incorrect check in acceptloanofferandfillorder will cause the function to revert when the borrower is buying the last loan
#317
sherlock-admin4
opened
2 days ago
0
Dancing Daffodil Dove - Incorrect Handling of Final and Partial Loan Fulfillment Amounts in `_assertFulfillAmountNotTooLow` Function
#316
sherlock-admin3
opened
2 days ago
0
Delightful Strawberry Armadillo - A lender can lend 0 amount of LOAN_TOKEN to lock borrowOffer 's remaining collatteral amount.
#315
sherlock-admin2
opened
2 days ago
0
Petite Coconut Barracuda - Collateral token and Loan token(USDC) decimals could be different leading to incorrect collateralization ratio checks
#314
sherlock-admin4
opened
2 days ago
0
Crazy Arctic Halibut - Static Collateral Checks in `matchProposals()` Prevent Borrowers from Utilizing Updated/Improved Collateralization Ratios After a Partial Fulfillment
#313
sherlock-admin3
opened
2 days ago
1
Cool Ash Ostrich - Malicious user can front-run refinancing to cause DOS
#312
sherlock-admin2
opened
2 days ago
0
Overt Fossilized Elephant - Borrower Receives Less Than Expected Loan Amount Due to Protocol Fee Deduction
#311
sherlock-admin4
opened
2 days ago
0
Main Seaweed Condor - Improper and outdated check of valid signature for wallet address like Multisig wallet is there.
#310
sherlock-admin3
opened
2 days ago
0
Prehistoric Juniper Swan - Incorrect Implementation of InterestLib::pow causes underestimated Debt calculation
#309
sherlock-admin2
opened
2 days ago
0
Massive Foggy Gorilla - Incorrect Handling of Tokens with Different Decimals Causes Miscalculations in Debt and Interest Calculations
#308
sherlock-admin4
opened
2 days ago
0
Savory White Panda - Denial of Service Attack due to `reverting` if `borrower` has turned off `AutoRefinancing`
#307
sherlock-admin3
opened
2 days ago
0
Custom Rusty Urchin - The protocol can change the minimumOrderFeeRate after a loan offer has been created but before it has been accepted.
#306
sherlock-admin2
opened
2 days ago
0
Petite Coconut Barracuda - The `loan.amount` can be greater than the `collateral.amount` leading to less than 100% collateralization ratio
#305
sherlock-admin4
opened
2 days ago
0
Urban Jetblack Mantaray - Malicious borrower can arbitrage with acceptLoanOfferAndFillOrder()
#304
sherlock-admin3
opened
2 days ago
0
Custom Rusty Urchin - 'hashProposal' function will lead to wrong hash due to a wrong `questionId` type in the abi.encode
#303
sherlock-admin2
opened
2 days ago
0
Agreeable Umber Cat - a malicious user can grief the protocol
#302
sherlock-admin4
opened
2 days ago
0
Prehistoric Fleece Pig - Paused ERC1155 result in the borrower being unable to repay his debt
#301
sherlock-admin3
opened
2 days ago
0
Shallow Purple Ladybug - Incorrect Refund Calculation in Partial Order Fulfillment Scenarios
#300
sherlock-admin2
opened
2 days ago
0
Mammoth Basil Baboon - Discrepency between protocol documentation and code implementation for `matchProposals(...)`
#299
sherlock-admin4
opened
2 days ago
0
Stable Midnight Canary - Protocol highly depends on correct block.timestamp values which is not the case in Arbitrum
#298
sherlock-admin3
opened
2 days ago
0
Blurry Chiffon Seagull - Borrowers Have The Ability To Make Other Party Pay Their Interest Rate Fee
#297
sherlock-admin2
opened
2 days ago
0
Fast Fern Mammoth - Borrower can DoS and cause off-chain system big gas costs due to callback function from ERC1155
#296
sherlock-admin4
opened
2 days ago
0
Modern Chili Pelican - Setting `protocolFeeBasisPoints = 0` will allow the lender to DoS on repaying a matured loan by auctioning the loan
#295
sherlock-admin3
opened
2 days ago
0
Zealous Peanut Wolf - Attacker would never lose money under certain circumstances
#294
sherlock-admin2
opened
2 days ago
0
Huge Glossy Ladybug - Decimal difference between CTF token and Loan token is missimplemented while using USDC or USDB as collateral token
#293
sherlock-admin4
opened
2 days ago
0
Urban Jetblack Mantaray - 1.Malicious borrower can use up loan offers by calling acceptLoanOffersAndFillOrders()
#292
sherlock-admin3
opened
2 days ago
0
Next