Skip to content
This repository has been archived by the owner on Apr 28, 2024. It is now read-only.

Issues: sherlock-audit/2023-10-real-wagmi-judging

12 Open 184 Closed
12 Open 184 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

detectiveking - Borrower collateral that they are owed can get stuck in Vault and not sent back to them after calling repay Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#122 opened Oct 23, 2023 by sherlock-admin2
@fann95
24
HHK - Wrong accLoanRatePerSeconds in repay() can lead to underflow Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#119 opened Oct 23, 2023 by sherlock-admin
@fann95
16
talfao - No slippage protection during repayment due to dynamic slippage params and easily influenced slot0() Disagree With Severity The sponsor disputed the severity of this issue Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#109 opened Oct 23, 2023 by sherlock-admin
@fann95
6
HHK - computePoolAddress() will not work on ZkSync Era Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Won't Fix The sponsor confirmed this issue will not be fixed
#104 opened Oct 23, 2023 by sherlock-admin2
@fann95
3
seeques - Incorrect calculations of borrowingCollateral leads to DoS for positions in the current tick range due to underflow Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#86 opened Oct 23, 2023 by sherlock-admin2
@fann95
14
0x52 - Blacklisted creditor can block all repayment besides emergency closure Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#83 opened Oct 23, 2023 by sherlock-admin
@fann95
2
0x52 - Adversary can overwrite function selector in _patchAmountAndCall due to inline assembly lack of overflow protection Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#82 opened Oct 23, 2023 by sherlock-admin2
@fann95
4
0x52 - Creditor can maliciously burn UniV3 position to permanently lock funds Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#78 opened Oct 23, 2023 by sherlock-admin2
@fann95
2
0x52 - Adversary can reenter takeOverDebt() during liquidation to steal vault funds High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#76 opened Oct 23, 2023 by sherlock-admin2
@fann95
3
AuditorPraise - old borrowing key is used instead of newBorrowingKey when adding old loans to the newBorrowing in LiquidityBorrowingManager.takeOverDebt() Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#53 opened Oct 23, 2023 by sherlock-admin
@fann95
3
HHK - No deadline and slippage check on takeOverDebt() can lead to unexpected results Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#51 opened Oct 23, 2023 by sherlock-admin
@fann95
26
0xDetermination - DoS of lenders and gas griefing by packing tokenIdToBorrowingKeys arrays Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#15 opened Oct 23, 2023 by sherlock-admin
@fann95
2
ProTip! Find all open issues with in progress development work with linked:pr.