issues
search
sherlock-audit
/
2024-09-predict-fun-judging
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Blurry Chiffon Seagull - Borrowers Will Have The Ability To Extend The Loan Duration As They Like
#291
sherlock-admin2
opened
2 days ago
0
Shallow Purple Ladybug - ``PredictDotLoan.supportsInterface` is not EIP1155 compliant
#290
sherlock-admin4
opened
2 days ago
0
Massive Foggy Gorilla - Inability to Refinance Loans with 100% Collateralization Due to Insufficient Collateral Check
#289
sherlock-admin3
opened
2 days ago
0
Cool Ash Ostrich - Borrowers can't refinance their loans due improper check
#288
sherlock-admin2
opened
2 days ago
0
Main Seaweed Condor - Loan with less Collateral amount and more Loan Amount will be created during auction()
#287
sherlock-admin4
opened
2 days ago
0
Wonderful Ceramic Bat - batch refinancing in ` refinance` can be DOS'd by users toggling `toggleAutoRefinancingEnabled`
#286
sherlock-admin3
opened
2 days ago
0
Fit Canvas Squid - Flawed design on `acceptLoanOfferAndFillOrder`.
#285
sherlock-admin2
opened
2 days ago
0
Bumpy Rainbow Mustang - Mismatch between the Interface and function calls
#284
sherlock-admin4
opened
2 days ago
0
Agreeable Umber Cat - a malicious lender can sell already repaid loan
#283
sherlock-admin3
opened
2 days ago
0
Striped Bronze Ferret - Lender cannot use auction functionality if lender called loan when contract is paused
#282
sherlock-admin2
opened
2 days ago
0
Rare Emerald Sealion - Auctioning a loan can be used to deny a repayment even when there are zero protocol fees
#281
sherlock-admin4
opened
2 days ago
0
Magnificent Cinnamon Fly - If the protocol is paused, loans can be called, seized, but cannot be auctioned
#280
sherlock-admin3
opened
2 days ago
0
Decent Marmalade Blackbird - PredictDotLoan::auction() doesn't allow new lenders to specify a minimum interest rate
#279
sherlock-admin2
opened
2 days ago
0
Fast Fern Mammoth - Protocol does not factor for auto-rebasing mechanism of USDB
#278
sherlock-admin4
opened
2 days ago
0
Abundant Graphite Hippo - Malicious user can perpetually DoS AUTO-REFINANCER's refinance function
#277
sherlock-admin3
opened
2 days ago
0
Stable Midnight Canary - Malicious lenders can perpetually deny borrowers of repaying their loan leading to higher debt
#276
sherlock-admin2
opened
2 days ago
0
Hot Carrot Jaguar - A malicious user can create empty loans with the loan offer which is fully fulfilled
#275
sherlock-admin4
opened
2 days ago
0
Shallow Purple Ladybug - Mismanagement of Remaining LOAN_TOKEN Balance in Fee Refund Logic in `acceptLoanOfferAndFillOrder`
#274
sherlock-admin3
opened
2 days ago
0
Zealous Peanut Wolf - Loss of user funds during `refinance()` under certain circumstances.
#273
sherlock-admin2
opened
2 days ago
0
Main Seaweed Condor - New lender will not be able to call auction() eventhough loan would be 'Called' Status
#272
sherlock-admin4
opened
2 days ago
0
Gorgeous Sangria Ant - Failure to Support Child Markets Due to Hardcoded Parent ID for Collection Calculation
#271
sherlock-admin3
opened
2 days ago
0
Slow Hazel Copperhead - Collateral Under-Collateralization Due to Integer Division
#270
sherlock-admin2
opened
2 days ago
0
Agreeable Umber Cat - function acceptLoanOfferAndFillOrder will revert when a loan amount is fully filled
#269
sherlock-admin4
opened
2 days ago
0
Energetic Tangelo Starfish - Refinance Batch may DoS due to quadratic memory expansion cost
#268
sherlock-admin3
opened
2 days ago
0
Zealous Peanut Wolf - Breaking of `Collateralization Ratio At LeastOneHundredPercent` invariant during `auction()`
#267
sherlock-admin2
opened
2 days ago
0
Savory Aqua Wolf - hashProposal uses wrong typeshash when hashing the encoded Proposal struct data
#266
sherlock-admin4
opened
2 days ago
1
Savory White Panda - `Loans` can mature instantly due to lack of `minimumDuration` check and `variable`
#265
sherlock-admin3
opened
2 days ago
0
Fantastic Canvas Hedgehog - Malicious User can frontrun loan/order cancellations
#264
sherlock-admin2
opened
2 days ago
0
Zealous Peanut Wolf - Breaking of `Collateralization Ratio At LeastOneHundredPercent` invariant during `auction()`
#263
sherlock-admin4
opened
2 days ago
0
Cool Ash Ostrich - Denial of Service in Auction Function Causing Loss of Funds for lenders
#262
sherlock-admin3
opened
2 days ago
0
Rare Sky Mouse - protocol is charging protocol fee on principal amount during auction
#261
sherlock-admin2
opened
2 days ago
0
Mammoth Basil Baboon - Refinance and Auto-Refinance can be DoS-ed due to collateralization cap
#260
sherlock-admin4
opened
2 days ago
0
Ambitious Bubblegum Salmon - The `PredictDoLoan` contract is not fully compliant with EIP-1271.
#259
sherlock-admin3
opened
2 days ago
0
Energetic Tangelo Starfish - The absence of a lower bound for the interest rate of a loan can make debts <5% APY unfavourable for a lender
#258
sherlock-admin2
opened
2 days ago
0
Rough Raisin Guppy - Denial of Service via Unfulfilled Asset Transfers
#257
sherlock-admin4
opened
2 days ago
0
Prehistoric Fleece Pig - The borrower pays interest for the protocol fee
#256
sherlock-admin3
opened
2 days ago
0
Clumsy Fern Parrot - Seizing collateral in the `call()` function, or in `seize()` without proper delay after `call()` leads to borrower fund loss.
#255
sherlock-admin2
opened
2 days ago
0
Clumsy Fern Parrot - Borrower will overcollateralize the loan when the last lender fulfills a partially fulfilled borrow request, in a case where the borrow request was initially matched and partially fulfilled with a loan offer.
#254
sherlock-admin4
opened
2 days ago
0
Gorgeous Sangria Ant - Inconsistent Proposal Matching Due to Protocol Fee Basis Points Change
#253
sherlock-admin3
opened
2 days ago
0
Fancy Mocha Stork - A borrower cannot take back his collateral if the lender is blocked.
#252
sherlock-admin2
opened
2 days ago
0
Bright Saffron Urchin - Borrowers loan can get stuck if lender becomes usdc blacklisted after giving loan.
#251
sherlock-admin4
opened
2 days ago
0
Plain Red Puma - A protocol invariant regarding the holding of an ERC20 token can be broken
#250
sherlock-admin3
opened
2 days ago
0
Breezy Sapphire Salamander - Borrower can grief/DoS Refinancer Bots by setting a ERC1155 callback that reverts when executed on-chain but pass when simulated off-chain
#249
sherlock-admin2
opened
2 days ago
0
Plain Red Puma - Each loan taking up at least 10% of the proposal's loan amount is a protocol invariant that doesn't hold in all cases
#248
sherlock-admin4
opened
2 days ago
0
Abundant Graphite Hippo - Lenders vulnerable to forced unfavorable loans due to exploitable salt cancellation mechanism
#247
sherlock-admin3
opened
2 days ago
0
Fast Fern Mammoth - If question gets paused during an auction, the auction will still gain interest rate and potentially expire
#246
sherlock-admin2
opened
2 days ago
0
Mammoth Basil Baboon - Borrower could pay inflated collateral.
#245
sherlock-admin4
opened
2 days ago
0
Rough Raisin Guppy - PredictDotLoan.sol Seize Function Vulnerability: Incomplete Debt Recovery Disincentivizes Lenders
#244
sherlock-admin3
opened
2 days ago
0
Energetic Tangelo Starfish - Malicious user will DOS refinance(batch) by reverting on ERC1155Received()
#243
sherlock-admin2
opened
2 days ago
0
Glorious Tawny Jellyfish - Users accrue interest on the protocol fee
#242
sherlock-admin4
opened
2 days ago
0
Previous
Next