-
Notifications
You must be signed in to change notification settings - Fork 0
Issues: code-423n4/2022-10-traderjoe-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-14
grade-a
#480
opened Oct 23, 2022 by
code423n4
User can lose input token amount while receiving no output token amount when swapping for output token that becomes non-existent
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
Q-10
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#475
opened Oct 23, 2022 by
code423n4
Incorrect fee calculation on LBPair (fees collected on swaps are less than what they "should" be)
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
M-07
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#470
opened Oct 23, 2022 by
code423n4
Calling Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
M-06
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
swapAVAXForExactTokens
function while sending excess amount cannot refund such excess amount
2 (Med Risk)
#469
opened Oct 23, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-13
grade-b
#437
opened Oct 23, 2022 by
code423n4
Attacker can keep fees max at no cost
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-05
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#430
opened Oct 23, 2022 by
code423n4
Attacker can steal entire reserves by abusing fee calculation
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-05
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#423
opened Oct 23, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-12
grade-a
#406
opened Oct 23, 2022 by
code423n4
Wrong calculation in function Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-04
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
LBRouter._getAmountsIn
make user lose a lot of tokens when swap through JoePair (most of them will gifted to JoePair freely)
3 (High Risk)
#400
opened Oct 23, 2022 by
code423n4
Wrong implementation of function Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-03
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
LBPair.setFeeParameter
can break the funcionality of LBPair and make user's tokens locked
3 (High Risk)
#384
opened Oct 23, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-11
grade-a
#379
opened Oct 23, 2022 by
code423n4
Incorrect output amount calculation for Trader Joe V1 pools
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-02
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#345
opened Oct 23, 2022 by
code423n4
QA Report
bug
Something isn't working
grade-a
Q-07
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#334
opened Oct 23, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-10
grade-b
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#326
opened Oct 23, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-09
grade-a
#303
opened Oct 23, 2022 by
code423n4
Transfering funds to yourself increases your balance
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-01
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#299
opened Oct 23, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-08
grade-a
#282
opened Oct 23, 2022 by
code423n4
QA Report
bug
Something isn't working
grade-b
Q-05
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#280
opened Oct 22, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
edited-by-warden
G (Gas Optimization)
G-07
grade-a
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#250
opened Oct 22, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-06
grade-b
#190
opened Oct 20, 2022 by
code423n4
QA Report
bug
Something isn't working
grade-a
Q-04
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#186
opened Oct 20, 2022 by
code423n4
Previous Next
ProTip!
Type g p on any issue or pull request to go back to the pull request listing page.