-
Notifications
You must be signed in to change notification settings - Fork 4
Issues: code-423n4/2024-04-panoptic-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Attacker can mint long position with dust amount to make a loss to protocol
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-313
grade-b
Q-01
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_352_group
AI based duplicate group recommendation
#581
opened Apr 22, 2024 by
c4-bot-6
Nondeterministic clone can cause issues in case of reorg
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-a
primary issue
Highest quality submission among a set of duplicates
Q-02
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#573
opened Apr 22, 2024 by
c4-bot-1
Return values of Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
approve()
not checked
bug
#565
opened Apr 22, 2024 by
c4-bot-4
maxMint()
violates EIP-4626
bug
#553
opened Apr 22, 2024 by
c4-bot-2
Lack of Arbitrum Sequencer Uptime Checks in CollateralTracker Contract
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#546
opened Apr 22, 2024 by
c4-bot-8
Median is not updated when burning a position, which can result in an inaccurate solvency check
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-a
primary issue
Highest quality submission among a set of duplicates
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#540
opened Apr 22, 2024 by
c4-bot-9
PanopticFactory
uses spot price when deploying new pools, resulting in liquidity manipulation when minting
2 (Med Risk)
#537
opened Apr 22, 2024 by
c4-bot-7
haircutPremia
will not cover protocol losses using liquidatee long premiums
bug
#534
opened Apr 22, 2024 by
c4-bot-6
PanopticFactory
can be bricked and become unusable
bug
#523
opened Apr 22, 2024 by
c4-bot-8
MaxLimit is not implemented in minting
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-501
grade-b
Q-10
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_61_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
#513
opened Apr 22, 2024 by
c4-bot-9
_validatePositionList()
does not check for duplicate tokenIds, allowing attackers to bypass solvency checks
2 (Med Risk)
#498
opened Apr 22, 2024 by
c4-bot-3
Malicious users will purchase dust amount of options to prevent option sellers from burning their options
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
primary issue
Highest quality submission among a set of duplicates
Q-12
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_312_group
AI based duplicate group recommendation
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#473
opened Apr 22, 2024 by
c4-bot-10
Slippage checks are disabled in an edge case when minting/burning options; may lead to loss of funds
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
edited-by-warden
grade-b
Q-17
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_302_group
AI based duplicate group recommendation
#424
opened Apr 22, 2024 by
c4-bot-8
wrong implement of " twapFilter" in PanopticMath.sol.
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-a
primary issue
Highest quality submission among a set of duplicates
Q-18
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_239_group
AI based duplicate group recommendation
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#421
opened Apr 22, 2024 by
c4-bot-10
DOS would happen in some instances of minting or burning an ITM option
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-435
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_415_group
AI based duplicate group recommendation
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#415
opened Apr 22, 2024 by
c4-bot-6
Wrong leg Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
edited-by-warden
M-08
primary issue
Highest quality submission among a set of duplicates
🤖_140_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
chunkKey
calculation in haircutPremia
function
2 (Med Risk)
#374
opened Apr 22, 2024 by
c4-bot-7
Error in Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-501
grade-b
Q-23
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_61_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
maxMint
calculation
bug
#370
opened Apr 22, 2024 by
c4-bot-8
Withdrawal/redemptions employ a non-user provided hardcoded slippage in their executions
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-365
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_148_group
AI based duplicate group recommendation
#331
opened Apr 21, 2024 by
c4-bot-5
ERC1155::supportsInterface
should be virtual
bug
#322
opened Apr 21, 2024 by
c4-bot-1
deposit
fails to validate the maximum deposit amount.
bug
#300
opened Apr 21, 2024 by
c4-bot-8
Option Sellers can DoS Option Buyers using EOA Accounts from exercising options that are ITM.
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
edited-by-warden
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_274_group
AI based duplicate group recommendation
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#274
opened Apr 20, 2024 by
c4-bot-8
Incorrect duration used for the TWAP calculation in Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-239
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_239_group
AI based duplicate group recommendation
PanopticMath.twapFilter()
bug
#268
opened Apr 20, 2024 by
c4-bot-4
The returned value for "observe" call in Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-195
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_195_group
AI based duplicate group recommendation
twapFilter
doesn't round up for negative tick deltas
bug
#248
opened Apr 19, 2024 by
c4-bot-8
No enforcement of a minimum postion size causes that liquidators have no incentive to liquidate small positions
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-313
grade-a
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_190_group
AI based duplicate group recommendation
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#247
opened Apr 19, 2024 by
c4-bot-7
twapFilter()
would return the wrong prices for negative tick deltas since it doesn't round up for them
bug
#195
opened Apr 18, 2024 by
c4-bot-9
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.