Skip to content
This repository has been archived by the owner on Dec 24, 2023. It is now read-only.

Issues: sherlock-audit/2023-04-ajna-judging

12 Open 101 Closed
12 Open 101 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Chinmay - KickerActions uses wrong check to prevent Kickers from using deposits below LUP for KIckWithDeposit Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#113 opened Jun 22, 2023 by sherlock-admin
13
Chinmay - Wrong Inflator used in calculating HTP to determine accrualIndex in accrueInterest Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#111 opened Jun 22, 2023 by sherlock-admin
2
hyh - Debt write off can be prohibited by HPB depositor by continuously allocating settlement blocking dust deposits in the higher buckets High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#110 opened Jun 22, 2023 by sherlock-admin
5
hyh - LUP is not recalculated after adding kicking penalty to pool's debt, so kick() updates the pool state with an outdated LUP Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#107 opened Jun 22, 2023 by sherlock-admin
2
hyh - Settlement can be called when auction period isn't concluded, allowing HPB depositors to game bad debt settlements High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#106 opened Jun 22, 2023 by sherlock-admin
2
hyh - LenderActions's moveQuoteToken can create a total debt undercoverage Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#88 opened Jun 22, 2023 by sherlock-admin
2
hyh - moveQuoteToken updates pool state using intermediary LUP, biasing pool's interest rate calculations High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#87 opened Jun 22, 2023 by sherlock-admin
2
hyh - kickWithDeposit removes the deposit without HTP pool state check High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#86 opened Jun 22, 2023 by sherlock-admin
2
hyh - Limit index isn't checked in repayDebt, so user control is void Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#85 opened Jun 22, 2023 by sherlock-admin
7
hyh - Due to excessive HTP check moveQuoteToken can be unavailable for big deposits Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#84 opened Jun 22, 2023 by sherlock-admin
2
hyh - Pool's kickWithDeposit misses liquidation debt check High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#82 opened Jun 22, 2023 by sherlock-admin
2
branch_indigo - Lenders lose interests and pay deposit fees due to no slippage control Disagree With Severity The sponsor disputed the severity of this issue Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Will Fix The sponsor confirmed this issue will be fixed
#72 opened Jun 22, 2023 by sherlock-admin
14
ProTip! What’s not been updated in a month: updated:<2024-10-11.