Skip to content

Issues: code-423n4/2023-03-mute-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

23 Open 26 Closed
23 Open 26 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

QA Report bug Something isn't working grade-b Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#44 opened Apr 3, 2023 by code423n4
1
Gas Optimizations bug Something isn't working G (Gas Optimization) G-01 grade-b
#43 opened Apr 3, 2023 by code423n4
1
Award is still distributed when there aren't any stakers, allowing users to get reward without staking 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) M-01 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#41 opened Apr 3, 2023 by code423n4
11
QA Report bug Something isn't working grade-b Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#40 opened Apr 3, 2023 by code423n4
2
QA Report bug Something isn't working grade-b Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#38 opened Apr 3, 2023 by code423n4
1
A user can 'borrow' dMute balance for a single block to increase their amplifier APY 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-02 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#36 opened Apr 3, 2023 by code423n4
5
MuteAmplifier.rescueTokens() checks the wrong condition for muteToken 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#32 opened Apr 3, 2023 by code423n4
4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-02 grade-a selected for report This submission will be included/highlighted in the audit report
#31 opened Apr 3, 2023 by code423n4
2
Bond max-buyer might end up buying the max buy of the next epoch 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#25 opened Apr 3, 2023 by code423n4
4
Attacker can front-run Bond buyer and make them buy it for a lower payout than expected 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working edited-by-warden H-02 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#24 opened Apr 3, 2023 by code423n4
5
An edge case in amplifier allows user to stake after end time, causing reward to be locked in the contract 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-04 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#23 opened Apr 3, 2023 by code423n4
4
MuteBond is susceptible to DOS 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-05 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#22 opened Apr 3, 2023 by code423n4
4
Amplifier users might not get all the LP fees they are entitled to 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-06 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#21 opened Apr 3, 2023 by code423n4
2
MuteAmplifier.sol: multiplier calculation is incorrect which leads to loss of rewards for almost all stakers 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-07 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#19 opened Apr 2, 2023 by code423n4
4
MuteAmplifier.sol: rescueTokens function does not prevent fee tokens from being transferred 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-08 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#18 opened Apr 1, 2023 by code423n4
4
QA Report bug Something isn't working edited-by-warden grade-a Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report
#17 opened Apr 1, 2023 by code423n4
2
MuteBond.sol: When maxPayout is lowered the contract can end up DOSed 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-09 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report
#14 opened Mar 31, 2023 by code423n4
3
deposit() might fail to enforce the minimum payout constraint near the end of an epoch. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#8 opened Mar 30, 2023 by code423n4
5
dMute.sol: Attacker can push lock items to victim's array such that redemptions are forever blocked 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") upgraded by judge Original issue severity upgraded from QA/Gas by judge
#6 opened Mar 30, 2023 by code423n4
7
QA Report bug Something isn't working edited-by-warden grade-a Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#5 opened Mar 29, 2023 by code423n4
2
Division-before-multiplication precision loss issue for update() bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax satisfactory satisfies C4 submission criteria; eligible for awards sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#4 opened Mar 29, 2023 by code423n4
10
Gas Optimizations bug Something isn't working edited-by-warden G (Gas Optimization) G-03 grade-a
#2 opened Mar 28, 2023 by code423n4
1
Agreements & Disclosures
#1 opened Mar 22, 2023 by code423n4
ProTip! Add no:assignee to see everything that’s not assigned.