-
Notifications
You must be signed in to change notification settings - Fork 1
Issues: code-423n4/2022-09-y2k-finance-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
It is possible that receiver and treasury can receive nothing when calling Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
high quality report
This report is of especially high quality
resolved
Finding has been patched by sponsor (sponsor pls link to PR containing fix)
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
withdraw
function due to division being performed before multiplication
2 (Med Risk)
#378
opened Sep 19, 2022 by
code423n4
Incorrect handling of pricefeed.decimals()
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
edited-by-warden
high quality report
This report is of especially high quality
resolved
Finding has been patched by sponsor (sponsor pls link to PR containing fix)
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#195
opened Sep 18, 2022 by
code423n4
Different Oracle issues can return outdated prices
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
resolved
Finding has been patched by sponsor (sponsor pls link to PR containing fix)
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#61
opened Sep 16, 2022 by
code423n4
Vault.sol is not EIP-4626 compliant
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
high quality report
This report is of especially high quality
resolved
Finding has been patched by sponsor (sponsor pls link to PR containing fix)
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#47
opened Sep 16, 2022 by
code423n4
ProTip!
Follow long discussions with comments:>50.