Skip to content

Issues: code-423n4/2022-09-y2k-finance-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
4 Open 18 Closed
4 Open 18 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

It is possible that receiver and treasury can receive nothing when calling withdraw function due to division being performed before multiplication 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working high quality report This report is of especially high quality resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#378 opened Sep 19, 2022 by code423n4
1
Incorrect handling of pricefeed.decimals() 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working edited-by-warden high quality report This report is of especially high quality resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#195 opened Sep 18, 2022 by code423n4
1
Different Oracle issues can return outdated prices 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#61 opened Sep 16, 2022 by code423n4
3
Vault.sol is not EIP-4626 compliant 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working high quality report This report is of especially high quality resolved Finding has been patched by sponsor (sponsor pls link to PR containing fix) selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#47 opened Sep 16, 2022 by code423n4
1
ProTip! Follow long discussions with comments:>50.