Skip to content
This repository has been archived by the owner on Apr 28, 2024. It is now read-only.

Issues: sherlock-audit/2023-10-real-wagmi-judging

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

detectiveking - Borrower collateral that they are owed can get stuck in Vault and not sent back to them after calling repay Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#122 opened Oct 23, 2023 by sherlock-admin2
HHK - Wrong accLoanRatePerSeconds in repay() can lead to underflow Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#119 opened Oct 23, 2023 by sherlock-admin
talfao - No slippage protection during repayment due to dynamic slippage params and easily influenced slot0() Disagree With Severity The sponsor disputed the severity of this issue Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#109 opened Oct 23, 2023 by sherlock-admin
HHK - computePoolAddress() will not work on ZkSync Era Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Won't Fix The sponsor confirmed this issue will not be fixed
#104 opened Oct 23, 2023 by sherlock-admin2
seeques - Incorrect calculations of borrowingCollateral leads to DoS for positions in the current tick range due to underflow Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#86 opened Oct 23, 2023 by sherlock-admin2
0x52 - Blacklisted creditor can block all repayment besides emergency closure Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#83 opened Oct 23, 2023 by sherlock-admin
0x52 - Adversary can overwrite function selector in _patchAmountAndCall due to inline assembly lack of overflow protection Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#82 opened Oct 23, 2023 by sherlock-admin2
0x52 - Creditor can maliciously burn UniV3 position to permanently lock funds Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#78 opened Oct 23, 2023 by sherlock-admin2
0x52 - Adversary can reenter takeOverDebt() during liquidation to steal vault funds High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#76 opened Oct 23, 2023 by sherlock-admin2
AuditorPraise - old borrowing key is used instead of newBorrowingKey when adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt() Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#53 opened Oct 23, 2023 by sherlock-admin
HHK - No deadline and slippage check on takeOverDebt() can lead to unexpected results Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#51 opened Oct 23, 2023 by sherlock-admin
0xDetermination - DoS of lenders and gas griefing by packing tokenIdToBorrowingKeys arrays Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#15 opened Oct 23, 2023 by sherlock-admin
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.