sherlock-audit 2024-09-predict-fun-judging issues

sherlock-audit / 2024-09-predict-fun-judging

5 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Nave - Borrowers Will Have The Ability To Extend The Loan Duration As They Like

#291 sherlock-admin2 opened 1 month ago
0
Waydou - ``PredictDotLoan.supportsInterface` is not EIP1155 compliant

#290 sherlock-admin4 opened 1 month ago
0
ivanonchain - Inability to Refinance Loans with 100% Collateralization Due to Insufficient Collateral Check

#289 sherlock-admin3 opened 1 month ago
0
Aycozzynfada - Borrowers can't refinance their loans due improper check

#288 sherlock-admin2 opened 1 month ago
0
0xlucky - Loan with less Collateral amount and more Loan Amount will be created during auction()

#287 sherlock-admin4 opened 1 month ago
1
0xLeveler - batch refinancing in ` refinance` can be DOS'd by users toggling `toggleAutoRefinancingEnabled`

#286 sherlock-admin3 opened 1 month ago
0
mrKaplan - Flawed design on `acceptLoanOfferAndFillOrder`.

#285 sherlock-admin2 opened 1 month ago
0
0xSeverityhunter_ - Mismatch between the Interface and function calls

#284 sherlock-admin4 opened 1 month ago
0
nikhilx0111 - a malicious lender can sell already repaid loan

#283 sherlock-admin3 opened 1 month ago
0
Abhan1041 - Lender cannot use auction functionality if lender called loan when contract is paused

#282 sherlock-admin2 opened 1 month ago
0
PUSH0 - Auctioning a loan can be used to deny a repayment even when there are zero protocol fees

#281 sherlock-admin4 opened 1 month ago
0
y4y - If the protocol is paused, loans can be called, seized, but cannot be auctioned

#280 sherlock-admin3 opened 1 month ago
0
lemonmon - PredictDotLoan::auction() doesn't allow new lenders to specify a minimum interest rate

#279 sherlock-admin2 opened 1 month ago
0
valuevalk - Protocol does not factor for auto-rebasing mechanism of USDB

#278 sherlock-admin4 opened 1 month ago
0
Ikigai - Malicious user can perpetually DoS AUTO-REFINANCER's refinance function

#277 sherlock-admin3 opened 1 month ago
0
vinica_boy - Malicious lenders can perpetually deny borrowers of repaying their loan leading to higher debt

#276 sherlock-admin2 opened 1 month ago
0
LSH.F.GJ - A malicious user can create empty loans with the loan offer which is fully fulfilled

#275 sherlock-admin4 opened 1 month ago
1
Waydou - Mismanagement of Remaining LOAN_TOKEN Balance in Fee Refund Logic in `acceptLoanOfferAndFillOrder`

#274 sherlock-admin3 opened 1 month ago
0
smbv-1923 - Loss of user funds during `refinance()` under certain circumstances.

#273 sherlock-admin2 opened 1 month ago
0
0xlucky - New lender will not be able to call auction() eventhough loan would be 'Called' Status

#272 sherlock-admin4 opened 1 month ago
0
Atharv - Failure to Support Child Markets Due to Hardcoded Parent ID for Collection Calculation

#271 sherlock-admin3 opened 1 month ago
0
Albort - Collateral Under-Collateralization Due to Integer Division

#270 sherlock-admin2 opened 1 month ago
0
nikhilx0111 - function acceptLoanOfferAndFillOrder will revert when a loan amount is fully filled

#269 sherlock-admin4 opened 1 month ago
0
Sickurity - Refinance Batch may DoS due to quadratic memory expansion cost

#268 sherlock-admin3 opened 1 month ago
0
smbv-1923 - Breaking of `Collateralization Ratio At LeastOneHundredPercent` invariant during `auction()`

#267 sherlock-admin2 opened 1 month ago
1
Ironsidesec - hashProposal uses wrong typeshash when hashing the encoded Proposal struct data

#266 sherlock-admin4 opened 1 month ago
1
web3tycoon - `Loans` can mature instantly due to lack of `minimumDuration` check and `variable`

#265 sherlock-admin3 opened 1 month ago
0
ZC002 - Malicious User can frontrun loan/order cancellations

#264 sherlock-admin2 opened 1 month ago
0
smbv-1923 - Breaking of `Collateralization Ratio At LeastOneHundredPercent` invariant during `auction()`

#263 sherlock-admin4 opened 1 month ago
1
Aycozzynfada - Denial of Service in Auction Function Causing Loss of Funds for lenders

#262 sherlock-admin3 opened 1 month ago
0
cryptomoon - protocol is charging protocol fee on principal amount during auction

#261 sherlock-admin2 opened 1 month ago
0
056Security - Refinance and Auto-Refinance can be DoS-ed due to collateralization cap

#260 sherlock-admin4 opened 1 month ago
0
Flare - The `PredictDoLoan` contract is not fully compliant with EIP-1271.

#259 sherlock-admin3 opened 1 month ago
0
Sickurity - The absence of a lower bound for the interest rate of a loan can make debts <5% APY unfavourable for a lender

#258 sherlock-admin2 opened 1 month ago
0
OMEN - Denial of Service via Unfulfilled Asset Transfers

#257 sherlock-admin4 opened 1 month ago
0
Silvermist - The borrower pays interest for the protocol fee

#256 sherlock-admin3 opened 1 month ago
0
eeyore - Seizing collateral in the `call()` function, or in `seize()` without proper delay after `call()` leads to borrower fund loss.

#255 sherlock-admin2 opened 1 month ago
0
eeyore - Borrower will overcollateralize the loan when the last lender fulfills a partially fulfilled borrow request, in a case where the borrow request was initially matched and partially fulfilled with a loan offer.

#254 sherlock-admin4 opened 1 month ago
0
Atharv - Inconsistent Proposal Matching Due to Protocol Fee Basis Points Change

#253 sherlock-admin3 opened 1 month ago
0
kennedy1030 - A borrower cannot take back his collateral if the lender is blocked.

#252 sherlock-admin2 opened 1 month ago
0
Pheonix - Borrowers loan can get stuck if lender becomes usdc blacklisted after giving loan.

#251 sherlock-admin4 opened 1 month ago
0
000000 - A protocol invariant regarding the holding of an ERC20 token can be broken

#250 sherlock-admin3 opened 1 month ago
0
infect3d - Borrower can grief/DoS Refinancer Bots by setting a ERC1155 callback that reverts when executed on-chain but pass when simulated off-chain

#249 sherlock-admin2 opened 1 month ago
0
000000 - Each loan taking up at least 10% of the proposal's loan amount is a protocol invariant that doesn't hold in all cases

#248 sherlock-admin4 opened 1 month ago
1
Ikigai - Lenders vulnerable to forced unfavorable loans due to exploitable salt cancellation mechanism

#247 sherlock-admin3 opened 1 month ago
0
valuevalk - If question gets paused during an auction, the auction will still gain interest rate and potentially expire

#246 sherlock-admin2 opened 1 month ago
0
056Security - Borrower could pay inflated collateral.

#245 sherlock-admin4 opened 1 month ago
0
OMEN - PredictDotLoan.sol Seize Function Vulnerability: Incomplete Debt Recovery Disincentivizes Lenders

#244 sherlock-admin3 opened 1 month ago
0
Sickurity - Malicious user will DOS refinance(batch) by reverting on ERC1155Received()

#243 sherlock-admin2 opened 1 month ago
0
dimulski - Users accrue interest on the protocol fee

#242 sherlock-admin4 opened 1 month ago
0

Previous Next