-
Notifications
You must be signed in to change notification settings - Fork 0
Issues: code-423n4/2022-02-anchor-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
QA Report
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#78
opened Mar 9, 2022 by
code423n4
Negative distribution amounts if times are out of order
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#76
opened Mar 9, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
#74
opened Mar 9, 2022 by
code423n4
Potential lock of rewards in the custody contracts
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
#71
opened Mar 9, 2022 by
code423n4
CrossAnchorBridge
does not handle fee-on-transfer tokens correctly
bug
#68
opened Mar 9, 2022 by
code423n4
QA Report
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#67
opened Mar 9, 2022 by
code423n4
Governance Voting Dis-proportionally Favours Users Who Stake And Vote After A Poll Has Been Created And Had Its Snapshot Taken
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#64
opened Mar 9, 2022 by
code423n4
Updating the hub’s token contract address may lead to incorrect undelegation amount
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
#62
opened Mar 9, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
#60
opened Mar 9, 2022 by
code423n4
QA Report
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#59
opened Mar 9, 2022 by
code423n4
Missing Access Control for FabricateMIRClaim and FabricateANCClaim
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
#58
opened Mar 9, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
#53
opened Mar 9, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
#52
opened Mar 9, 2022 by
code423n4
QA Report
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#51
opened Mar 9, 2022 by
code423n4
[WP-H4] Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
anchor_basset_reward
pending yields can be stolen
2 (Med Risk)
#48
opened Mar 9, 2022 by
code423n4
[WP-H3] Assets can be stolen/lost/compromised directly
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
money-market-contracts/oracle#feed_prices()
delayed transaction may disrupt price feeds
3 (High Risk)
#47
opened Mar 9, 2022 by
code423n4
[WP-H2] Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
money-market-contracts/contracts/market
claim_rewards
may revert due to spend_limit
set on distributor
2 (Med Risk)
#46
opened Mar 9, 2022 by
code423n4
[WP-H0] When transferring tokens not in Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
whitelist
on Ethereum to Terra with CrossAnchorBridge.depositStable()
, the funds may get frozen
2 (Med Risk)
#44
opened Mar 9, 2022 by
code423n4
QA Report
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#43
opened Mar 9, 2022 by
code423n4
Simple interest calculation is not exact
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#41
opened Mar 9, 2022 by
code423n4
Staking tokens can be stolen
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
#37
opened Mar 9, 2022 by
code423n4
Sandwich attack on astroport sweep
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#33
opened Mar 9, 2022 by
code423n4
Unbonding validator random selection can be predicted
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#29
opened Mar 9, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
#26
opened Mar 9, 2022 by
code423n4
QA Report
bug
Something isn't working
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#25
opened Mar 9, 2022 by
code423n4
Previous Next
ProTip!
Type g p on any issue or pull request to go back to the pull request listing page.