sherlock-audit 2024-09-predict-fun-judging issues

sherlock-audit / 2024-09-predict-fun-judging

5 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

dany.armstrong90 - `PredictDotLoan.acceptLoanOfferAndFillOrder()` function is vulnerable for the front-run attack.

#241 sherlock-admin3 opened 1 month ago
0
Sickurity - Malicios user can block borrowers repay using blocklist in USDC

#240 sherlock-admin2 opened 1 month ago
0
valuevalk - Call() function should not be supported during emergency pause.

#239 sherlock-admin4 opened 1 month ago
0
cryptomoon - charging protocol fee on principal amount during refinancing will cause loss to borrowers

#238 sherlock-admin3 opened 1 month ago
0
0xBhumii - Potential Transaction Manipulation by Lender-Miners Leading to Unfair `Collateral Seizure`

#237 sherlock-admin2 opened 1 month ago
0
Ikigai - Lenders at risk of unwanted loans due to faulty Proposal cancellation implementation

#236 sherlock-admin4 opened 1 month ago
0
nikhilx0111 - the function calculatecollateralamount is flawed

#235 sherlock-admin3 opened 1 month ago
0
OMEN - PredictDotLoan.sol Auction Function Vulnerability: Protocol Fees Disincentivize Lender Participation

#234 sherlock-admin2 opened 1 month ago
0
0xBhumii - Precision Loss in Debt Calculation

#233 sherlock-admin4 opened 1 month ago
0
Ikigai - Borrowers can exploit market price changes to profit without initial capital

#232 sherlock-admin3 opened 1 month ago
0
valuevalk - The Protocol is not strictly compliant with EIP721

#231 sherlock-admin2 opened 1 month ago
0
ginlee - Missing whenNotPaused Modifier Will Allow Unauthorized Execution of seize, call, and cancel Functions During Paused State

#230 sherlock-admin4 opened 1 month ago
0
vinica_boy - Time sensitive acceptLoanOfferAndFillOrder() function can be DoS-ed

#229 sherlock-admin3 opened 1 month ago
0
Atharv - Overflow in Debt Calculation Prevents Loan Repayment, Leading to Loss of Collateral

#228 sherlock-admin2 opened 1 month ago
0
Midgar - Protocol fee rounds down in disfavour of the protocol

#227 sherlock-admin4 opened 1 month ago
0
Pheonix - Gas Griefing and Selective Denial is possible by implementing a malicious callback.

#226 sherlock-admin3 opened 1 month ago
0
404Notfound - Lender will suffer potential loss due to incorrect loan duration

#225 sherlock-admin2 opened 1 month ago
0
iamnmt - A position with a blacklisted lender can not be auctioned

#224 sherlock-admin4 opened 1 month ago
0
web3tycoon - CTF tokens can be drained from the Contract

#223 sherlock-admin3 opened 1 month ago
0
valuevalk - Missing cancellation delay, which leads to users not being able to cancel a proposal as they can be front-run and have their unwanted proposal matched or accepted

#222 sherlock-admin2 opened 1 month ago
0
bughuntoor - Borrower might unexpectedly take an incredibly overcollateralized loan.

#221 sherlock-admin4 opened 1 month ago
0
0xBhumii - Mismatch Between Documentation and Implementation of call() Function

#220 sherlock-admin3 opened 1 month ago
0
PNS - After `call` and `repay`, the lender loses part of the fee

#219 sherlock-admin2 opened 1 month ago
0
0xShoonya - Incorrect encoding of `questionId` field in `hashProposal` function breaks `EIP-712` compatibility

#218 sherlock-admin4 opened 1 month ago
0
kuprum - Loan market disruption via instant arbitrage in `acceptLoanOfferAndFillOrder`

#217 sherlock-admin3 opened 1 month ago
0
Abhan1041 - Refinancing of loan can be turned into loss instead of benefit to the borrower

#216 sherlock-admin2 opened 1 month ago
0
0xBhumii - Potential Cross-Chain Replay Attack on Proposal Signatures

#215 sherlock-admin4 opened 1 month ago
0
valuevalk - If Lender gets blacklisted for USDC it will DoS borrower from repaying, which will lock up the collateral CTF tokens.

#214 sherlock-admin3 opened 1 month ago
0
OMEN - malicious borrower can get the whole collateral without paying the interest

#213 sherlock-admin2 opened 1 month ago
0
newspacexyz - Reverting in acceptLoanOfferAndFillOrder() due to feeRateBps >= 10000

#212 sherlock-admin4 opened 1 month ago
0
cryptomoon - Excess collateral will be taken from borrowRequest even when it's not needed

#211 sherlock-admin3 opened 1 month ago
0
Ikigai - Lender can prevent Borrower from refinancing by calling the loan while it has not yet matured

#210 sherlock-admin2 opened 1 month ago
0
PNS - Admin invalidates all proposals in the system by changing unrelated protocol parameters

#209 sherlock-admin4 opened 1 month ago
0
phoenixv110 - The Protocol Fee should round off in the favour of the protocol

#208 sherlock-admin3 opened 1 month ago
0
0rpse - Borrowers might not be able to repay loan due to USDC blacklisting

#207 sherlock-admin2 opened 1 month ago
0
sheep - Lack of Support for fee-on-transfer tokens e.g USDC, USDB

#206 sherlock-admin4 opened 1 month ago
0
nikhilx0111 - protocol fee calculation rounds down to zero

#205 sherlock-admin3 opened 1 month ago
0
hard1k - ``call`` function in ``PredictDotLoan`` can create unfavourable situations for the users of the protocol.

#204 sherlock-admin2 opened 1 month ago
0
TessKimy - Borrowers can suffer from refinance feature due to missing multi position refinance toggle on/off handling

#203 sherlock-admin4 opened 1 month ago
0
0xnbvc - # M1 - Unfair refinancing of auctioned loans allows defaulted borrowers to escape high-interest penalties and forces new lenders into defaulted loans

#202 sherlock-admin3 opened 1 month ago
0
0xLeveler - Protocol will not get fees on some proposals due to rounding down

#201 sherlock-admin2 opened 1 month ago
0
tobi0x18 - An incorrect fee calculation may result in the application of two different fee rates

#200 sherlock-admin4 opened 1 month ago
1
tobi0x18 - Improper update of fulfillment of `borrowRequest` in the `matchProposals()` function will lead to unfair loans

#199 sherlock-admin3 opened 1 month ago
0
Pheonix - An attacker can potentially consume all loan proposals at relatively low cost

#198 sherlock-admin2 opened 1 month ago
1
infect3d - Wrong type used for `questionId` in proposal EIP-712 typeHash, making it non-compliant with EIP712

#197 sherlock-admin4 opened 1 month ago
0
0xRstStn - Loans with low collateral ratio cannot be refinanced

#196 sherlock-admin3 opened 1 month ago
0
TessKimy - Refinance feature can be DoSed which causes loss of funds for borrowers

#195 sherlock-admin2 opened 1 month ago
0
ShawnAudit - Didn't specific data type result in more gas consuming.

#194 sherlock-admin4 opened 1 month ago
0
web3tycoon - `Lenders` can be rugged pulled through `acceptLoanOfferAndFillOrder()`.

#193 sherlock-admin3 opened 1 month ago
0
kennedy1030 - The `matchProposals` function increases the collateral ratio of the borrowing request

#192 sherlock-admin2 opened 1 month ago
0

Previous Next