From 52e5d3c5b49b36bca9a4208c4147f323a8f01082 Mon Sep 17 00:00:00 2001 
From: Evert Kors
Date: Fri, 16 Sep 2022 16:06:54 +0200
Subject: [PATCH] dedup
---
057-M/1-report.md => 004-H/057.m.md | 0
058-M/1-report.md => 004-H/058m.md | 0
045-M/1-report.md => 024-H/045-m.md | 0
072-M/1-report.md => 033-H/072-m.md | 0
089-H/1-report.md => 033-H/089-h.md | 0
090-H/1-report.md => 033-H/090-h.md | 0
096-H/1-report.md => 033-H/096-h.md | 0
099-H/1-report.md => 033-H/099-h.md | 0
100-M/1-report.md => 033-H/100-m.md | 0
114-M/1-report.md => 033-H/114-m.md | 0
061-M/1-report.md => 035-M/061-m.md | 0
095-M/1-report.md => 035-M/095-m.md | 0
041-M/1-report.md => 036-M/041-m.md | 0
046-H/1-report.md | 38 -----------------------------
047-M/1-report.md | 12 ++++-----
075-M/1-report.md => 052-M/075-m.md | 0
101-M/1-report.md => 052-M/101-m.md | 0
109-M/1-report.md | 20 ---------------
040-M/1-report.md => info/040-m.md | 0
049-M/1-report.md => info/049.m.md | 0
050-M/1-report.md => info/050-m.md | 0
051-M/1-report.md => info/051-m.md | 0
056-M/1-report.md => info/056-m.md | 0
064-M/1-report.md => info/064-m.md | 0
068-H/1-report.md => info/068-h.md | 0
082-M/1-report.md => info/082-m.md | 0
108-M/1-report.md => info/108-m.md | 0
110-M/1-report.md => info/110-m.md | 0
042-H/1-report.md => low/042-h.md | 0
054-M/1-report.md => low/054-m.md | 0
112-M/1-report.md => low/112-m.md | 0
113-M/1-report.md => low/113-m.md | 0
115-M/1-report.md => low/115-m.md | 0
116-M/1-report.md => low/116-m.md | 0
34 files changed, 6 insertions(+), 64 deletions(-)
rename 057-M/1-report.md => 004-H/057.m.md (100%)
rename 058-M/1-report.md => 004-H/058m.md (100%)
rename 045-M/1-report.md => 024-H/045-m.md (100%)
rename 072-M/1-report.md => 033-H/072-m.md (100%)
rename 089-H/1-report.md => 033-H/089-h.md (100%)
rename 090-H/1-report.md => 033-H/090-h.md (100%)
rename 096-H/1-report.md => 033-H/096-h.md (100%)
rename 099-H/1-report.md => 033-H/099-h.md (100%)
rename 100-M/1-report.md => 033-H/100-m.md (100%)
rename 114-M/1-report.md => 033-H/114-m.md (100%)
rename 061-M/1-report.md => 035-M/061-m.md (100%)
rename 095-M/1-report.md => 035-M/095-m.md (100%)
rename 041-M/1-report.md => 036-M/041-m.md (100%)
delete mode 100644 046-H/1-report.md
rename 075-M/1-report.md => 052-M/075-m.md (100%)
rename 101-M/1-report.md => 052-M/101-m.md (100%)
delete mode 100644 109-M/1-report.md
rename 040-M/1-report.md => info/040-m.md (100%)
rename 049-M/1-report.md => info/049.m.md (100%)
rename 050-M/1-report.md => info/050-m.md (100%)
rename 051-M/1-report.md => info/051-m.md (100%)
rename 056-M/1-report.md => info/056-m.md (100%)
rename 064-M/1-report.md => info/064-m.md (100%)
rename 068-H/1-report.md => info/068-h.md (100%)
rename 082-M/1-report.md => info/082-m.md (100%)
rename 108-M/1-report.md => info/108-m.md (100%)
rename 110-M/1-report.md => info/110-m.md (100%)
rename 042-H/1-report.md => low/042-h.md (100%)
rename 054-M/1-report.md => low/054-m.md (100%)
rename 112-M/1-report.md => low/112-m.md (100%)
rename 113-M/1-report.md => low/113-m.md (100%)
rename 115-M/1-report.md => low/115-m.md (100%)
rename 116-M/1-report.md => low/116-m.md (100%)
diff --git a/057-M/1-report.md b/004-H/057.m.md
similarity index 100%
rename from 057-M/1-report.md
rename to 004-H/057.m.md
diff --git a/058-M/1-report.md b/004-H/058m.md
similarity index 100%
rename from 058-M/1-report.md
rename to 004-H/058m.md
diff --git a/045-M/1-report.md b/024-H/045-m.md
similarity index 100%
rename from 045-M/1-report.md
rename to 024-H/045-m.md
diff --git a/072-M/1-report.md b/033-H/072-m.md
similarity index 100%
rename from 072-M/1-report.md
rename to 033-H/072-m.md
diff --git a/089-H/1-report.md b/033-H/089-h.md
similarity index 100%
rename from 089-H/1-report.md
rename to 033-H/089-h.md
diff --git a/090-H/1-report.md b/033-H/090-h.md
similarity index 100%
rename from 090-H/1-report.md
rename to 033-H/090-h.md
diff --git a/096-H/1-report.md b/033-H/096-h.md
similarity index 100%
rename from 096-H/1-report.md
rename to 033-H/096-h.md
diff --git a/099-H/1-report.md b/033-H/099-h.md
similarity index 100%
rename from 099-H/1-report.md
rename to 033-H/099-h.md
diff --git a/100-M/1-report.md b/033-H/100-m.md
similarity index 100%
rename from 100-M/1-report.md
rename to 033-H/100-m.md
diff --git a/114-M/1-report.md b/033-H/114-m.md
similarity index 100%
rename from 114-M/1-report.md
rename to 033-H/114-m.md
diff --git a/061-M/1-report.md b/035-M/061-m.md
similarity index 100%
rename from 061-M/1-report.md
rename to 035-M/061-m.md
diff --git a/095-M/1-report.md b/035-M/095-m.md
similarity index 100%
rename from 095-M/1-report.md
rename to 035-M/095-m.md
diff --git a/041-M/1-report.md b/036-M/041-m.md
similarity index 100%
rename from 041-M/1-report.md
rename to 036-M/041-m.md
diff --git a/046-H/1-report.md b/046-H/1-report.md
deleted file mode 100644
index bb75686..0000000
--- a/046-H/1-report.md
+++ /dev/null
@@ -1,38 +0,0 @@ -cryptphi -# AccountManager.liquidate() allows any user to steal any additional token or ETH held in contract - -## Summary -Any user who liquidates an account will be transferred all tokens or ETH that were sent directly to the account contract. - -## Vulnerability Detail -When a user calls AccountManager.liquidate() , they receive all token assets and ETH held in the account contract which also includes those which were sent directly to the contract so long the account is unhealthy. - -This means a user could possibly target accounts that holds extra ETH and/or tokens and they satisfy the account unhealthy condition. - -## Impact -Loss of contract funds - -## Code Snippet -**Account Sweep** -``` -function sweepTo(address toAddress) external accountManagerOnly { - uint assetsLen = assets.length; - for(uint i; i < assetsLen; ++i) { - assets[i].safeTransfer( - toAddress, - assets[i].balanceOf(address(this)) - ); - hasAsset[assets[i]] = false; - } - delete assets; - toAddress.safeTransferEth(address(this).balance); - } -``` -Above transfers all assets and eth held in the account contract which may not match the total borrows by the account, allowing any user that calls liquidates and pays the token amount to LToken contract, to walk away with some profits in both eth and erc20 token assets. - -## Tool used - -Manual Review - -## Recommendation -The sweepTo() function's logic should be that which sends the amount of assets liquidated by the user and not all tokens held by account contract. diff --git a/047-M/1-report.md b/047-M/1-report.md index 3c0aabb..7416684 100644 --- a/047-M/1-report.md +++ b/047-M/1-report.md @@ -26,13 +26,13 @@ the getPrice logic is implemented as } ``` -note the formula used is +note the formula used is ``` 2 * sqrt(r0 * r1 * p0 * p1) / totalSupply ``` -but +but ``` IUniswapV2Pair(pair).totalSupply()); 
@@ -59,7 +59,7 @@ r1 is token1 -> B, 3. The user borrows a large excessive large number of tokens and never repays back and leaves the bad debt. -4. the user withdraws liquidity, repays the flash loan, and walks away with profit at the cost of the user. +4. the user withdraws liquidity, repays the flash loan, and walks away with profit at the cost of the user. Please check the simulation code before in Python implementation, the price is manipulated from 20 to 500 @@ -77,7 +77,7 @@ class Simulation: self.total_lp_supply = 10 def get_price(self): - + # 2 * sqrt(r0 * r1 * p0 * p1) / totalSupply return 2 * math.sqrt( @@ -94,7 +94,7 @@ class Simulation: # liquidity = Math.min(amount0.mul(_totalSupply) / _reserve0, amount0.mul(_totalSupply) / _reserve0); def inflate(self, amount0, amount1): - + self.reserve0 += amount0 # transfer amount0 into pair pool self.reserve1 += amount1 # transfer amount1 into pair pool. @@ -120,7 +120,7 @@ if __name__ == "__main__": print('price after', price) ``` -the running result is +the running result is ``` price before 20.0 diff --git a/075-M/1-report.md b/052-M/075-m.md similarity index 100% rename from 075-M/1-report.md rename to 052-M/075-m.md diff --git a/101-M/1-report.md b/052-M/101-m.md similarity index 100% rename from 101-M/1-report.md rename to 052-M/101-m.md diff --git a/109-M/1-report.md b/109-M/1-report.md deleted file mode 100644 index 7dcf94b..0000000 --- a/109-M/1-report.md +++ /dev/null 
@@ -1,20 +0,0 @@
-0xNazgul
-# [NAZ-M2] Protocol Admin is a Single Point of Failure
-
-## Summary
-Protocol admin can arbitrarily and unilaterally update implementations, critical addresses, configure critical parameters and pause/unpause. This presents a critical single point of failure.
-
-## Vulnerability Detail
-Sentiment protocol uses a custom `Ownable.sol` to implement its single admin. If a protocol admin becomes malicious or compromised, the entire protocol is immediately at risk for all existing/future markets/participants.
-
-## Impact
-While the updation of many critical parameters emit events, that only lets market participants react after the fact because these changes are not time-delayed.
-
-## Code Snippet
-[`AccountManager.sol#L76`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/core/AccountManager.sol#L76), [`AccountManager.sol#L395`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/core/AccountManager.sol#L395), [`Registry.sol#L74`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/core/Registry.sol#L74), [`Registry.sol#L95`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/core/Registry.sol#L95), [`RiskEngine.sol#L57`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/core/RiskEngine.sol#L57), [`Beacon.sol#L18`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/proxy/Beacon.sol#L18), [`BeaconProxy.sol#L21`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/proxy/BeaconProxy.sol#L21), [`Proxy.sol#L21`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/proxy/Proxy.sol#L21), [`Proxy.sol#L25`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/proxy/Proxy.sol#L25), [`LToken.sol#L116`](https://github.com/sherlock-audit/2022-08-sentiment-0xNazgul/blob/main/protocol/src/tokens/LToken.sol#L116)
-
-## Tool used
-Manual Review
-
-## Recommendation
-The protocol admin should nevertheless be a reasonable threshold multisig (e.g. 4/7, 5/9) with diverse owners and (cold/hardware) wallets until it is backed by token-holder governance, i.e., it should certainly never be an EOA. The highest possible operational security measures should be taken for all multisig owners and wallets. The assignment of roles to and management by different addresses should be enforced at the earliest in the spirit of the Principle of Least Privilege and Principle of Separation of Privilege.
\ No newline at end of file
diff --git a/040-M/1-report.md b/info/040-m.md
similarity index 100%
rename from 040-M/1-report.md
rename to info/040-m.md
diff --git a/049-M/1-report.md b/info/049.m.md
similarity index 100%
rename from 049-M/1-report.md
rename to info/049.m.md
diff --git a/050-M/1-report.md b/info/050-m.md
similarity index 100%
rename from 050-M/1-report.md
rename to info/050-m.md
diff --git a/051-M/1-report.md b/info/051-m.md
similarity index 100%
rename from 051-M/1-report.md
rename to info/051-m.md
diff --git a/056-M/1-report.md b/info/056-m.md
similarity index 100%
rename from 056-M/1-report.md
rename to info/056-m.md
diff --git a/064-M/1-report.md b/info/064-m.md
similarity index 100%
rename from 064-M/1-report.md
rename to info/064-m.md
diff --git a/068-H/1-report.md b/info/068-h.md
similarity index 100%
rename from 068-H/1-report.md
rename to info/068-h.md
diff --git a/082-M/1-report.md b/info/082-m.md
similarity index 100%
rename from 082-M/1-report.md
rename to info/082-m.md
diff --git a/108-M/1-report.md b/info/108-m.md
similarity index 100%
rename from 108-M/1-report.md
rename to info/108-m.md
diff --git a/110-M/1-report.md b/info/110-m.md
similarity index 100%
rename from 110-M/1-report.md
rename to info/110-m.md
diff --git a/042-H/1-report.md b/low/042-h.md
similarity index 100%
rename from 042-H/1-report.md
rename to low/042-h.md
diff --git a/054-M/1-report.md b/low/054-m.md
similarity index 100%
rename from 054-M/1-report.md
rename to low/054-m.md
diff --git a/112-M/1-report.md b/low/112-m.md
similarity index 100%
rename from 112-M/1-report.md
rename to low/112-m.md
diff --git a/113-M/1-report.md b/low/113-m.md
similarity index 100%
rename from 113-M/1-report.md
rename to low/113-m.md
diff --git a/115-M/1-report.md b/low/115-m.md
similarity index 100%
rename from 115-M/1-report.md
rename to low/115-m.md
diff --git a/116-M/1-report.md b/low/116-m.md
similarity index 100%
rename from 116-M/1-report.md
rename to low/116-m.md