Skip to content

Issues: code-423n4/2023-08-dopex-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

188 Open 1,966 Closed
188 Open 1,966 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Incorrect expiration timestamp when swapping tokens bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-898 grade-b Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2217 opened Sep 6, 2023 by code423n4
6
wrong calculation of bondDiscount and weth/rdpx required lead to incorrect amount needed to mint dpxETH bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-481 grade-b Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#2211 opened Sep 6, 2023 by code423n4
8
Bonding WETH discounts can drain WETH reserves of RdpxV2Core contract to zero 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-01 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#2210 opened Sep 6, 2023 by code423n4
5
Gas Optimizations bug Something isn't working G (Gas Optimization) G-01 grade-b sufficient quality report This report is of sufficient quality
#2173 opened Sep 6, 2023 by code423n4
3
Rounding Error in PerpetualAtlanticVaultLP bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-1481 grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#2157 opened Sep 6, 2023 by code423n4
6
The function decreaseAmount can increase the bond amount bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-740 grade-b Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2145 opened Sep 6, 2023 by code423n4
3
Gas Optimizations bug Something isn't working G (Gas Optimization) G-02 grade-b sufficient quality report This report is of sufficient quality
#2134 opened Sep 6, 2023 by code423n4
3
QA Report bug Something isn't working grade-b Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2132 opened Sep 6, 2023 by code423n4
3
The vault allows "free" swaps from WETH to RDPX 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden high quality report This report is of especially high quality M-02 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#2130 opened Sep 6, 2023 by code423n4
7
Gas Optimizations bug Something isn't working G (Gas Optimization) G-03 grade-b sufficient quality report This report is of sufficient quality
#2123 opened Sep 6, 2023 by code423n4
3
DoS for the swap() when token1 in UniV2LiquidityAMO is USDT token bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-797 grade-b Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2119 opened Sep 6, 2023 by code423n4
9
QA Report bug Something isn't working edited-by-warden grade-b Q-08 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2118 opened Sep 6, 2023 by code423n4
4
Malicious user can DOS the funding payment logic of the PerpetualAtlanticVault, meaning LPs lose all yield bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-1798 grade-a Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2099 opened Sep 6, 2023 by code423n4
4
Pausing the bonding of dpxETH can result in bricking critical protocol functionality bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#2094 opened Sep 6, 2023 by code423n4
8
The PerpetualAtlanticVaultLP contract is not a proper implementation of ERC-4626 bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-699 grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2091 opened Sep 6, 2023 by code423n4
5
The deposit function of the PerpetualAtlanticVaultLP contract lacks slippage protection bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#2090 opened Sep 6, 2023 by code423n4
7
dpxETH can be severely undercollateralized wrt. ETH, which can result in severe depegging bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-481 grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2086 opened Sep 6, 2023 by code423n4
4
PUT option protection is insufficient whenever there's a discount provided on the rDPX collateral for minting dpxETH bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2085 opened Sep 6, 2023 by code423n4
10
Logic for calculating bond discount can result in DOS of dpxETH bonding bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a high quality report This report is of especially high quality primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#2084 opened Sep 6, 2023 by code423n4
12
Improper precision of strike price calculation can result in broken protocol 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 high quality report This report is of especially high quality primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#2083 opened Sep 6, 2023 by code423n4
4
QA Report bug Something isn't working grade-b Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2061 opened Sep 6, 2023 by code423n4
3
Gas Optimizations bug Something isn't working G (Gas Optimization) G-04 grade-b sufficient quality report This report is of sufficient quality
#2055 opened Sep 6, 2023 by code423n4
3
RDPX reserve balance can be inflated to apply too much discount when bond bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a high quality report This report is of especially high quality primary issue Highest quality submission among a set of duplicates Q-11 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#2049 opened Sep 5, 2023 by code423n4
9
QA Report bug Something isn't working grade-b Q-12 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#2034 opened Sep 5, 2023 by code423n4
3
Analysis A-01 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#2022 opened Sep 5, 2023 by code423n4
3
ProTip! no:milestone will show everything without a milestone.