-
Notifications
You must be signed in to change notification settings - Fork 13
Issues: code-423n4/2023-05-maia-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Analysis
analysis
grade-b
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#916
opened Jul 5, 2023 by
CloudEllie
Analysis
analysis
grade-b
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#905
opened Jul 5, 2023 by
code423n4
Although Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-01
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
ERC20Boost.decrementGaugesBoostIndexed
function would require user to remove all of her or his boost from a deprecated gauge at once, such user can instead call ERC20Boost.decrementGaugeBoost
function for multiple times to utilize such deprecated gauge and decrement its userGaugeBoost
for multiple times
2 (Med Risk)
#904
opened Jul 5, 2023 by
code423n4
Analysis
A-01
analysis-advanced
grade-b
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#902
opened Jul 5, 2023 by
code423n4
Slippage controls for calling Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-02
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
bHermes
contract's ERC4626DepositOnly.deposit
and ERC4626DepositOnly.mint
functions are missing
2 (Med Risk)
#901
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-01
grade-b
#896
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-02
grade-b
#888
opened Jul 5, 2023 by
code423n4
Analysis
A-02
analysis-advanced
grade-b
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#884
opened Jul 5, 2023 by
code423n4
If a STRATEGY TOKEN is "Toggled off" STRATEGIES will still be able to withdraw but returning of tokens with replenishReserves will be disabled.
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-01
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#882
opened Jul 5, 2023 by
code423n4
Analysis
A-03
analysis-advanced
grade-b
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#880
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-03
grade-b
#879
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-04
grade-b
#878
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-05
grade-b
#877
opened Jul 5, 2023 by
code423n4
RootBridgeAgent.redeemSettlement
can be front-run using RootBridgeAgent.retrySettlement
causing redeem DoS
2 (Med Risk)
#869
opened Jul 5, 2023 by
code423n4
Analysis
A-04
analysis-advanced
grade-a
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#868
opened Jul 5, 2023 by
CloudEllie
Many Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-04
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
create
methods are suspicious of the reorg attack
2 (Med Risk)
#861
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-06
grade-b
#848
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-07
grade-a
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#842
opened Jul 5, 2023 by
code423n4
Analysis
A-05
analysis-advanced
grade-a
satisfactory
satisfies C4 submission criteria; eligible for awards
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#840
opened Jul 5, 2023 by
CloudEllie
QA Report
bug
Something isn't working
edited-by-warden
grade-b
Q-06
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#835
opened Jul 5, 2023 by
code423n4
Analysis
A-06
analysis-advanced
grade-a
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#834
opened Jul 5, 2023 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-08
grade-b
#832
opened Jul 5, 2023 by
code423n4
Previous Next
ProTip!
Add no:assignee to see everything that’s not assigned.