Issues: code-423n4/2024-04-panoptic-findings

Issues list

Label descriptions (as shown on the labels in this list):
- bug: Something isn't working
- downgraded by judge: Judge downgraded the risk level of this issue
- 2 (Med Risk): Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
- QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
- primary issue: Highest quality submission among a set of duplicates
- satisfactory: satisfies C4 submission criteria; eligible for awards
- selected for report: This submission will be included/highlighted in the audit report
- sponsor confirmed: Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
- sponsor disputed: Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
- 🤖_N_group: AI based duplicate group recommendation

Attacker can mint long position with dust amount to make a loss to protocol
Labels: bug, downgraded by judge, duplicate-313, grade-b, Q-01, QA (Quality Assurance), 🤖_352_group
#581 opened Apr 22, 2024 by c4-bot-6

Nondeterministic clone can cause issues in case of reorg
Labels: bug, downgraded by judge, grade-a, primary issue, Q-02, QA (Quality Assurance), sponsor confirmed
#573 opened Apr 22, 2024 by c4-bot-1

Return values of approve() not checked
Labels: bug, downgraded by judge, grade-a, QA (Quality Assurance)
#565 opened Apr 22, 2024 by c4-bot-4

maxMint() violates EIP-4626
Labels: bug, downgraded by judge, duplicate-501, grade-b, Q-06, QA (Quality Assurance), 🤖_61_group, satisfactory, sponsor confirmed
#553 opened Apr 22, 2024 by c4-bot-2

Lack of Arbitrum Sequencer Uptime Checks in CollateralTracker Contract
Labels: bug, downgraded by judge, grade-a, QA (Quality Assurance)
#546 opened Apr 22, 2024 by c4-bot-8

Median is not updated when burning a position, which can result in an inaccurate solvency check
Labels: bug, downgraded by judge, grade-a, primary issue, QA (Quality Assurance), sponsor disputed
#540 opened Apr 22, 2024 by c4-bot-9

PanopticFactory uses spot price when deploying new pools, resulting in liquidity manipulation when minting
Labels: 2 (Med Risk), bug, downgraded by judge, M-01, primary issue, 🤖_30_group, satisfactory, selected for report, sponsor disputed
#537 opened Apr 22, 2024 by c4-bot-7

haircutPremia will not cover protocol losses using liquidatee long premiums
Labels: bug, downgraded by judge, grade-b, primary issue, Q-09, QA (Quality Assurance), 🤖_242_group, sponsor disputed
#534 opened Apr 22, 2024 by c4-bot-6

PanopticFactory can be bricked and become unusable
Labels: bug, downgraded by judge, grade-a, primary issue, QA (Quality Assurance), 🤖_16_group, sponsor disputed
#523 opened Apr 22, 2024 by c4-bot-8

MaxLimit is not implemented in minting
Labels: bug, downgraded by judge, duplicate-501, grade-b, Q-10, QA (Quality Assurance), 🤖_61_group, satisfactory
#513 opened Apr 22, 2024 by c4-bot-9

_validatePositionList() does not check for duplicate tokenIds, allowing attackers to bypass solvency checks
Labels: 2 (Med Risk), bug, downgraded by judge, M-02, primary issue, 🤖_178_group, satisfactory, selected for report, sponsor confirmed
#498 opened Apr 22, 2024 by c4-bot-3

Malicious users will purchase dust amount of options to prevent option sellers from burning their options
Labels: bug, downgraded by judge, grade-b, primary issue, Q-12, QA (Quality Assurance), 🤖_312_group, sponsor disputed
#473 opened Apr 22, 2024 by c4-bot-10

Slippage checks are disabled in an edge case when minting/burning options; may lead to loss of funds
Labels: bug, downgraded by judge, edited-by-warden, grade-b, Q-17, QA (Quality Assurance), 🤖_302_group
#424 opened Apr 22, 2024 by c4-bot-8

wrong implement of "twapFilter" in PanopticMath.sol.
Labels: bug, downgraded by judge, grade-a, primary issue, Q-18, QA (Quality Assurance), 🤖_239_group, sponsor confirmed
#421 opened Apr 22, 2024 by c4-bot-10

DOS would happen in some instances of minting or burning an ITM option
Labels: bug, downgraded by judge, duplicate-435, grade-a, QA (Quality Assurance), 🤖_415_group, sponsor disputed
#415 opened Apr 22, 2024 by c4-bot-6

Wrong leg chunkKey calculation in haircutPremia function
Labels: 2 (Med Risk), bug, downgraded by judge, edited-by-warden, M-08, primary issue, 🤖_140_group, satisfactory, selected for report, sponsor confirmed
#374 opened Apr 22, 2024 by c4-bot-7

Error in maxMint calculation
Labels: bug, downgraded by judge, duplicate-501, grade-b, Q-23, QA (Quality Assurance), 🤖_61_group, satisfactory, sponsor disputed
#370 opened Apr 22, 2024 by c4-bot-8

Withdrawal/redemptions employ a non-user provided hardcoded slippage in their executions
Labels: bug, downgraded by judge, duplicate-365, grade-a, QA (Quality Assurance), 🤖_148_group
#331 opened Apr 21, 2024 by c4-bot-5

ERC1155::supportsInterface should be virtual
Labels: bug, downgraded by judge, grade-b, Q-28, QA (Quality Assurance)
#322 opened Apr 21, 2024 by c4-bot-1

deposit fails to validate the maximum deposit amount.
Labels: bug, downgraded by judge, duplicate-501, grade-b, Q-30, QA (Quality Assurance), 🤖_61_group, satisfactory
#300 opened Apr 21, 2024 by c4-bot-8

Option Sellers can DoS Option Buyers using EOA Accounts from exercising options that are ITM.
Labels: bug, downgraded by judge, edited-by-warden, grade-a, QA (Quality Assurance), 🤖_274_group, sponsor disputed
#274 opened Apr 20, 2024 by c4-bot-8

Incorrect duration used for the TWAP calculation in PanopticMath.twapFilter()
Labels: bug, downgraded by judge, duplicate-239, grade-a, QA (Quality Assurance), 🤖_239_group
#268 opened Apr 20, 2024 by c4-bot-4

The returned value for "observe" call in twapFilter doesn't round up for negative tick deltas
Labels: bug, downgraded by judge, duplicate-195, grade-a, QA (Quality Assurance), 🤖_195_group
#248 opened Apr 19, 2024 by c4-bot-8

No enforcement of a minimum position size causes that liquidators have no incentive to liquidate small positions
Labels: bug, downgraded by judge, duplicate-313, grade-a, QA (Quality Assurance), 🤖_190_group, sponsor disputed
#247 opened Apr 19, 2024 by c4-bot-7

twapFilter() would return the wrong prices for negative tick deltas since it doesn't round up for them
Labels: bug, downgraded by judge, edited-by-warden, grade-a, primary issue, QA (Quality Assurance), 🤖_195_group, sponsor disputed
#195 opened Apr 18, 2024 by c4-bot-9