Skip to content

Issues: code-423n4/2022-10-traderjoe-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

38 Open 481 Closed
38 Open 481 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Gas Optimizations bug Something isn't working G (Gas Optimization) G-14 grade-a
#480 opened Oct 23, 2022 by code423n4
2
QA Report bug Something isn't working grade-b Q-11 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#477 opened Oct 23, 2022 by code423n4
2
User can lose input token amount while receiving no output token amount when swapping for output token that becomes non-existent bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#475 opened Oct 23, 2022 by code423n4
7
Incorrect fee calculation on LBPair (fees collected on swaps are less than what they "should" be) 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-07 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#470 opened Oct 23, 2022 by code423n4
5
Calling swapAVAXForExactTokens function while sending excess amount cannot refund such excess amount 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) M-06 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#469 opened Oct 23, 2022 by code423n4
12
QA Report bug Something isn't working grade-b Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#446 opened Oct 23, 2022 by code423n4
3
Gas Optimizations bug Something isn't working G (Gas Optimization) G-13 grade-b
#437 opened Oct 23, 2022 by code423n4
2
Attacker can keep fees max at no cost 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-05 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#430 opened Oct 23, 2022 by code423n4
10
Attacker can steal entire reserves by abusing fee calculation 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-05 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#423 opened Oct 23, 2022 by code423n4
4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-12 grade-a
#406 opened Oct 23, 2022 by code423n4
2
Wrong calculation in function LBRouter._getAmountsIn make user lose a lot of tokens when swap through JoePair (most of them will gifted to JoePair freely) 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-04 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#400 opened Oct 23, 2022 by code423n4
7
Wrong implementation of function LBPair.setFeeParameter can break the funcionality of LBPair and make user's tokens locked 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-03 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#384 opened Oct 23, 2022 by code423n4
8
Gas Optimizations bug Something isn't working G (Gas Optimization) G-11 grade-a
#379 opened Oct 23, 2022 by code423n4
2
Incorrect output amount calculation for Trader Joe V1 pools 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-02 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#345 opened Oct 23, 2022 by code423n4
10
QA Report bug Something isn't working grade-b Q-08 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#342 opened Oct 23, 2022 by code423n4
3
QA Report bug Something isn't working grade-a Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#334 opened Oct 23, 2022 by code423n4
6
Gas Optimizations bug Something isn't working G (Gas Optimization) G-10 grade-b sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#326 opened Oct 23, 2022 by code423n4
3
QA Report bug Something isn't working grade-a Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#325 opened Oct 23, 2022 by code423n4
9
Gas Optimizations bug Something isn't working G (Gas Optimization) G-09 grade-a
#303 opened Oct 23, 2022 by code423n4
2
Transfering funds to yourself increases your balance 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#299 opened Oct 23, 2022 by code423n4
10
Gas Optimizations bug Something isn't working G (Gas Optimization) G-08 grade-a
#282 opened Oct 23, 2022 by code423n4
2
QA Report bug Something isn't working grade-b Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#280 opened Oct 22, 2022 by code423n4
3
Gas Optimizations bug Something isn't working edited-by-warden G (Gas Optimization) G-07 grade-a selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#250 opened Oct 22, 2022 by code423n4
5
Gas Optimizations bug Something isn't working G (Gas Optimization) G-06 grade-b
#190 opened Oct 20, 2022 by code423n4
2
QA Report bug Something isn't working grade-a Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#186 opened Oct 20, 2022 by code423n4
3
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.