issues
search
zlsecure3
/
review_Aark
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
oracle price can be valid as long as they want
#38
zlsecure3
opened
1 year ago
3
The first depositor of LpManager can have exclusive access to all awards from FuturesManager
#37
zlsecure3
opened
1 year ago
3
centralization issue for the oracle
#36
zlsecure3
opened
1 year ago
3
LpRouter.orderLp has no slippage control
#35
zlsecure3
opened
1 year ago
3
The price will be wrong when the token's USD price feed's decimals != 8
#34
zlsecure3
opened
1 year ago
3
handling of `MarketStatus.FORBIDDEN` is unsound in `FuturesLogic::getDeleverageObject()` function
#33
zlsecure3
opened
1 year ago
3
should assert `maintenanceMarginFraction<initialMarginFraction` in `FuturesManagerStorage::setMarketConfig()` function
#32
zlsecure3
opened
1 year ago
3
`LiquidateCollateralLocalVars.MM` is never used
#31
zlsecure3
opened
1 year ago
3
`globalPendingFundingFee` is never used in `FuturesManager::updateAmplifierAndFundingRates()` function
#30
zlsecure3
opened
1 year ago
3
it could be more readable by factoring out `-1` in `FuturesLogic::_updateUserStatus` function
#29
zlsecure3
opened
1 year ago
3
Malicious user can send 1 wei ETH to bad debt accounts to prevent the account from being subrogated, so that the value of share in InsuranceManager does not drop
#28
zlsecure3
opened
1 year ago
3
decimal of `MAX_LEVERAGE` is treated differently in two different places
#27
zlsecure3
opened
1 year ago
3
observer design is very gas in-efficiency
#26
zlsecure3
opened
1 year ago
3
Incorrect `assetId` and `marketId` Upper Boundary Check
#25
zlsecure3
opened
1 year ago
3
should not return derivable data in `FuturesRouter::getCounter` function
#24
zlsecure3
opened
1 year ago
3
`MAX_VALID_INITIAL_MARGIN_FRACTION` should be 10000 in `MarketConfig` library
#23
zlsecure3
opened
1 year ago
3
`MAX_VALID_FEE_RATE` should be `10000` in `TierConfig::setFeeRate()` function
#22
zlsecure3
opened
1 year ago
3
`MAX_VALID_MAINT_MARGIN_FRACTION/MAX_VALID_LIQUIDATION_BONUS` should be `10000` in `LiquidationConfig` contract
#21
zlsecure3
opened
1 year ago
3
`MAX_VALID_PROTOCOL_REVENUE_RATIO/MAX_VALID_INSURANCE_BONUS` should be 10000 in `ManagerGlobalConfig` contract
#20
zlsecure3
opened
1 year ago
3
`_fee` calculation can be simplified in `LpLogic::updatePaidValue()` function
#19
zlsecure3
opened
1 year ago
3
it's possible that two different tokens assigned the same assetId in `ReserveStorage::setReserveConfig` function
#18
zlsecure3
opened
1 year ago
3
missing require error message for many places
#17
zlsecure3
opened
1 year ago
3
scope of `indexPrice` should be reduced in `CommonManager::_removeCollateral` function
#16
zlsecure3
opened
1 year ago
3
wrong value for `MAX_VALID_ASSET_ID` in `ReserveConfig::setAssetId` function
#15
zlsecure3
opened
1 year ago
3
gas optimization for `UserStatus::setOwnsPosition/setUsingAsCollateral` function
#14
zlsecure3
opened
1 year ago
3
no need to define `SHARE_DECIMAL` for `InsuranceLogic::updateShare` function
#13
zlsecure3
opened
1 year ago
3
`lastDepositTimestamp` is never updated in `InsuranceLogic::updateShare()` function
#12
zlsecure3
opened
1 year ago
3
onlyManager granted too many permissions to `Vault::cumulateProtocolFee` function
#11
zlsecure3
opened
1 year ago
3
missing event for `Observer::setUSD/setWETH/setTierStorage/setReferralStorage` functions
#10
zlsecure3
opened
1 year ago
3
missing update for `liqConfig` in `MarketUpdator::update()` function
#9
zlsecure3
opened
1 year ago
3
could save some gas in `CommonManager::_removeCollateral` function
#8
zlsecure3
opened
1 year ago
3
wrong comment for `sender` in both `LpManager::addCollateral` and `FuturesManager::addCollateral`
#7
zlsecure3
opened
1 year ago
3
should assert `vars.defaultOraclePrice` is not negative in `PriceOracle::_getPriceFeed(uint256 assetId)` function
#6
zlsecure3
opened
1 year ago
3
InsuranceManager, TierStorage, ContractReader missing inheritance
#5
zlsecure3
opened
1 year ago
3
remove unused state variables
#4
zlsecure3
opened
1 year ago
3
state variables that could be declared immutable
#3
zlsecure3
opened
1 year ago
3
code is never used and should be removed
#2
zlsecure3
opened
1 year ago
3
futuresTierConfigs in TierStorage not initialized, But It used in setTierConfigs and getTierConfigs
#1
zlsecure3
opened
1 year ago
3