This repository has been archived by the owner on Apr 28, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 14
Issues: sherlock-audit/2023-10-real-wagmi-judging
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
detectiveking - Borrower collateral that they are owed can get stuck in Vault and not sent back to them after calling This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
repay
Escalation Resolved
#122
opened Oct 23, 2023 by
sherlock-admin2
HHK - Wrong A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
accLoanRatePerSeconds
in repay()
can lead to underflow
Has Duplicates
#119
opened Oct 23, 2023 by
sherlock-admin
talfao - No slippage protection during repayment due to dynamic slippage params and easily influenced The sponsor disputed the severity of this issue
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
slot0()
Disagree With Severity
#109
opened Oct 23, 2023 by
sherlock-admin
HHK - A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Won't Fix
The sponsor confirmed this issue will not be fixed
computePoolAddress()
will not work on ZkSync Era
Has Duplicates
#104
opened Oct 23, 2023 by
sherlock-admin2
seeques - Incorrect calculations of borrowingCollateral leads to DoS for positions in the current tick range due to underflow
Escalation Resolved
This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#86
opened Oct 23, 2023 by
sherlock-admin2
0x52 - Blacklisted creditor can block all repayment besides emergency closure
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#83
opened Oct 23, 2023 by
sherlock-admin
0x52 - Adversary can overwrite function selector in _patchAmountAndCall due to inline assembly lack of overflow protection
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#82
opened Oct 23, 2023 by
sherlock-admin2
0x52 - Creditor can maliciously burn UniV3 position to permanently lock funds
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#78
opened Oct 23, 2023 by
sherlock-admin2
0x52 - Adversary can reenter takeOverDebt() during liquidation to steal vault funds
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#76
opened Oct 23, 2023 by
sherlock-admin2
AuditorPraise - old borrowing key is used instead of A valid issue with 1+ other issues describing the same vulnerability
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
newBorrowingKey
when adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt()
Has Duplicates
#53
opened Oct 23, 2023 by
sherlock-admin
HHK - No deadline and slippage check on This issue's escalations have been approved/rejected
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
takeOverDebt()
can lead to unexpected results
Escalation Resolved
#51
opened Oct 23, 2023 by
sherlock-admin
0xDetermination - DoS of lenders and gas griefing by packing tokenIdToBorrowingKeys arrays
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#15
opened Oct 23, 2023 by
sherlock-admin
ProTip!
Type g p on any issue or pull request to go back to the pull request listing page.