Skip to content

Issues: code-423n4/2024-03-revert-lend-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

109 Open 411 Closed
109 Open 411 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Any user can become approved to steal tokens from LeverageTransformer contract bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a insufficient quality report This report is not of sufficient quality Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_17_group AI based duplicate group recommendation sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#520 opened Mar 15, 2024 by c4-bot-6
14
Gas Optimizations bug Something isn't working G (Gas Optimization) G-01 grade-a sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#519 opened Mar 15, 2024 by c4-bot-6
3
Analysis A-01 analysis-advanced grade-a sufficient quality report This report is of sufficient quality
#517 opened Mar 15, 2024 by c4-bot-6
2
Gas Optimizations bug Something isn't working G (Gas Optimization) G-02 grade-a high quality report This report is of especially high quality selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#514 opened Mar 15, 2024 by c4-bot-3
4
No access control to check caller of leverage functions in LeverageTransformer contract is approved vault bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-366 grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_17_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#513 opened Mar 15, 2024 by c4-bot-4
6
Gas Optimizations bug Something isn't working G (Gas Optimization) G-03 grade-b sufficient quality report This report is of sufficient quality
#509 opened Mar 15, 2024 by c4-bot-9
2
Gas Optimizations bug Something isn't working G (Gas Optimization) G-04 grade-a sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#508 opened Mar 15, 2024 by c4-bot-9
4
QA Report bug Something isn't working grade-b Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#507 opened Mar 15, 2024 by c4-bot-6
7
Analysis A-02 analysis-advanced edited-by-warden grade-b insufficient quality report This report is not of sufficient quality
#505 opened Mar 15, 2024 by c4-bot-5
7
Analysis A-03 analysis-advanced grade-a sufficient quality report This report is of sufficient quality
#495 opened Mar 15, 2024 by c4-bot-7
3
QA Report bug Something isn't working grade-b Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#473 opened Mar 15, 2024 by c4-bot-8
5
An attacker can easily bypass the collateral value limit factor checks 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-01 primary issue Highest quality submission among a set of duplicates 🤖_133_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#466 opened Mar 15, 2024 by c4-bot-3
8
Protocol can be repeatedly gas griefed in AutoRange external call 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-02 primary issue Highest quality submission among a set of duplicates 🤖_29_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#459 opened Mar 15, 2024 by c4-bot-7
13
Gas Optimizations bug Something isn't working G (Gas Optimization) G-05 grade-b sufficient quality report This report is of sufficient quality
#456 opened Mar 15, 2024 by c4-bot-7
2
No minLoanSize means liquidators will have no incentive to liquidate small positions 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden M-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#455 opened Mar 15, 2024 by c4-bot-4
7
Lack of Slippage Protection in withdraw/redeem Function of the Vault bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-281 grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_143_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#452 opened Mar 15, 2024 by c4-bot-1
6
No slippage check during withdraw/deposit bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-281 grade-b Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_143_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#451 opened Mar 15, 2024 by c4-bot-2
6
Settling a loan in full when deleveraging always reverts bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-172 grade-b insufficient quality report This report is not of sufficient quality Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_172_group AI based duplicate group recommendation
#449 opened Mar 15, 2024 by c4-bot-6
4
Analysis A-04 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#442 opened Mar 15, 2024 by c4-bot-5
6
Gas Optimizations bug Something isn't working edited-by-warden G (Gas Optimization) G-06 grade-b insufficient quality report This report is not of sufficient quality
#439 opened Mar 15, 2024 by c4-bot-5
6
Due to interest rates update method, Interest-Free Loans are possible and the Cost of DoS are reduced 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-04 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#435 opened Mar 15, 2024 by c4-bot-4
13
Depositing assets doesn't contain a slippage check bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-281 grade-a Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_143_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#434 opened Mar 15, 2024 by c4-bot-8
5
setReserveFactor fails to update global interest before updating reserve factor 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-05 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#427 opened Mar 15, 2024 by c4-bot-8
6
Daily limit invariant can break when setting limits without daily limit updates bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-367 grade-a insufficient quality report This report is not of sufficient quality QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_78_group AI based duplicate group recommendation
#424 opened Mar 15, 2024 by c4-bot-4
6
Users can lend and borrow above allowed limitations 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-06 primary issue Highest quality submission among a set of duplicates 🤖_78_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#415 opened Mar 15, 2024 by c4-bot-3
6
ProTip! Add no:assignee to see everything that’s not assigned.