Skip to content
This repository has been archived by the owner on Jan 12, 2025. It is now read-only.

Issues: sherlock-audit/2024-06-magicsea-judging

16 Open 709 Closed
16 Open 709 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

ZanyBonzy - Lack of support for fee on transfer, rebasing and tokens with balance modifications outside of transfers. Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix
#545 opened Jul 15, 2024 by sherlock-admin3
17
iamnmt - Unclaimed rewards when emergency withdrawing are not redistributed in MasterChef and MlumStaking Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#460 opened Jul 15, 2024 by sherlock-admin2
30
Yashar - Attacker can manipulate the lockDuration of other users positions Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#378 opened Jul 15, 2024 by sherlock-admin4
4
minhquanym - Inconsistent check in harvestPositionsTo() function Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#329 opened Jul 15, 2024 by sherlock-admin3
4
ChinmayF - Voting and bribe rewards can be hijacked during emergency unlock by already existing positions Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#290 opened Jul 15, 2024 by sherlock-admin4
34
santipu_ - Attacker can block all votes to a specific pool by triggering an overflow error Escalation Resolved This issue's escalations have been approved/rejected High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#237 opened Jul 15, 2024 by sherlock-admin2
51
BlockBusters - Rewards might get stuck when approved actor renews a position Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#207 opened Jul 15, 2024 by sherlock-admin2
4
dimulski - Adding genuine BribeRewarder contract instances to a pool in order to incentivize users can be DOSed Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#190 opened Jul 15, 2024 by sherlock-admin3
3
ChinmayF - Funds unutilized for rewards may get stranded in BribeRewarder Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#172 opened Jul 15, 2024 by sherlock-admin3
2
cocacola - Voting does not take into account end of staking lock period Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#166 opened Jul 15, 2024 by sherlock-admin3
18
ChinmayF - Voters will lose all bribe rewards forever if they do not claim their rewards after the last bribing period Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#164 opened Jul 15, 2024 by sherlock-admin4
36
robertodf - MlumStaking::addToPosition should assing the amount multiplier based on the new lock duration instead of initial lock duration. Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#138 opened Jul 15, 2024 by sherlock-admin2
4
PUSH0 - Wrong call order for setTopPoolIdsWithWeights, resulting in wrong distribution of rewards Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#107 opened Jul 15, 2024 by sherlock-admin4
3
PUSH0 - New staking positions still gets the full reward amount as with old stakings, diluting rewards for old stakers Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A Medium severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#74 opened Jul 15, 2024 by sherlock-admin4
2
jsmi - A voter lose bribe rewards if another voter voted before claim. Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#52 opened Jul 15, 2024 by sherlock-admin3
11
jennifer37 - Non-functional vote() if there is one bribe rewarder for this pool Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A High severity issue. Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#39 opened Jul 15, 2024 by sherlock-admin2
4
ProTip! What’s not been updated in a month: updated:<2024-12-15.