Skip to content

Issues: code-423n4/2022-02-anchor-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

QA Report bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#78 opened Mar 9, 2022 by code423n4
Negative distribution amounts if times are out of order bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#76 opened Mar 9, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization)
#74 opened Mar 9, 2022 by code423n4
Potential lock of rewards in the custody contracts 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
#71 opened Mar 9, 2022 by code423n4
CrossAnchorBridge does not handle fee-on-transfer tokens correctly bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#68 opened Mar 9, 2022 by code423n4
QA Report bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#67 opened Mar 9, 2022 by code423n4
Governance Voting Dis-proportionally Favours Users Who Stake And Vote After A Poll Has Been Created And Had Its Snapshot Taken 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#64 opened Mar 9, 2022 by code423n4
Updating the hub’s token contract address may lead to incorrect undelegation amount 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working
#62 opened Mar 9, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization)
#60 opened Mar 9, 2022 by code423n4
QA Report bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#59 opened Mar 9, 2022 by code423n4
Missing Access Control for FabricateMIRClaim and FabricateANCClaim 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working
#58 opened Mar 9, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization)
#53 opened Mar 9, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization)
#52 opened Mar 9, 2022 by code423n4
QA Report bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#51 opened Mar 9, 2022 by code423n4
[WP-H4] anchor_basset_reward pending yields can be stolen 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working
#48 opened Mar 9, 2022 by code423n4
[WP-H3] money-market-contracts/oracle#feed_prices() delayed transaction may disrupt price feeds 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
#47 opened Mar 9, 2022 by code423n4
[WP-H2] money-market-contracts/contracts/market claim_rewards may revert due to spend_limit set on distributor 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working
#46 opened Mar 9, 2022 by code423n4
[WP-H0] When transferring tokens not in whitelist on Ethereum to Terra with CrossAnchorBridge.depositStable(), the funds may get frozen 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
#44 opened Mar 9, 2022 by code423n4
QA Report bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#43 opened Mar 9, 2022 by code423n4
Simple interest calculation is not exact 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#41 opened Mar 9, 2022 by code423n4
Staking tokens can be stolen 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working
#37 opened Mar 9, 2022 by code423n4
Sandwich attack on astroport sweep 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#33 opened Mar 9, 2022 by code423n4
Unbonding validator random selection can be predicted 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#29 opened Mar 9, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization)
#26 opened Mar 9, 2022 by code423n4
QA Report bug Something isn't working QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#25 opened Mar 9, 2022 by code423n4
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.