Skip to content

Issues: code-423n4/2023-08-reserve-mitigation-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

34 Open 8 Closed
34 Open 8 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

M-06 MitigationConfirmed mitigation-confirmed MR-M-06 satisfactory satisfies C4 submission criteria; eligible for awards
#41 opened Aug 22, 2023 by code423n4
1
Attacker might disable trading by faking a report violation 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working MR-M-02 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#40 opened Aug 22, 2023 by code423n4
4
M-11 MitigationConfirmed mitigation-confirmed MR-M-11 satisfactory satisfies C4 submission criteria; eligible for awards
#39 opened Aug 22, 2023 by code423n4
1
M-08 MitigationConfirmed mitigation-confirmed MR-M-08 satisfactory satisfies C4 submission criteria; eligible for awards
#38 opened Aug 22, 2023 by code423n4
1
Furnace would melt less than intended 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working MR-M-04 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#37 opened Aug 22, 2023 by code423n4
4
Funds aren't distributed before changing distribution 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working MR-M-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#36 opened Aug 22, 2023 by code423n4
7
M-10 MitigationConfirmed mitigation-confirmed MR-M-10 satisfactory satisfies C4 submission criteria; eligible for awards
#35 opened Aug 22, 2023 by code423n4
1
M-07 MitigationConfirmed mitigation-confirmed MR-M-07 satisfactory satisfies C4 submission criteria; eligible for awards
#34 opened Aug 22, 2023 by code423n4
1
M-09 MitigationConfirmed mitigation-confirmed MR-M-09 satisfactory satisfies C4 submission criteria; eligible for awards
#33 opened Aug 22, 2023 by code423n4
1
M-01 MitigationConfirmed mitigation-confirmed MR-M-01 satisfactory satisfies C4 submission criteria; eligible for awards
#32 opened Aug 22, 2023 by code423n4
1
Protocol might enter a state of doubt, where stakers won't stake in fear that the government would execute a reset bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-a MR-H-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax satisfactory satisfies C4 submission criteria; eligible for awards sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#31 opened Aug 22, 2023 by code423n4
8
H-01 MitigationConfirmed mitigation-confirmed MR-H-01 satisfactory satisfies C4 submission criteria; eligible for awards
#30 opened Aug 22, 2023 by code423n4
1
In case if asset was unregistered right before RevenueTrader.manageTokens was called, then asset is stucked bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report
#29 opened Aug 18, 2023 by code423n4
5
M-10 Unmitigated bug Something isn't working MR-M-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax satisfactory satisfies C4 submission criteria; eligible for awards sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") unmitigated
#28 opened Aug 18, 2023 by code423n4
6
M-11 MitigationConfirmed confirmed for report This issue is confirmed for report mitigation-confirmed MR-M-11 satisfactory satisfies C4 submission criteria; eligible for awards
#27 opened Aug 18, 2023 by code423n4
2
M-09 MitigationConfirmed mitigation-confirmed MR-M-09 satisfactory satisfies C4 submission criteria; eligible for awards
#26 opened Aug 18, 2023 by code423n4
1
M-08 MitigationConfirmed mitigation-confirmed MR-M-08 satisfactory satisfies C4 submission criteria; eligible for awards
#25 opened Aug 18, 2023 by code423n4
1
M-07 MitigationConfirmed confirmed for report This issue is confirmed for report mitigation-confirmed MR-M-07 satisfactory satisfies C4 submission criteria; eligible for awards
#24 opened Aug 18, 2023 by code423n4
2
M-06 MitigationConfirmed mitigation-confirmed MR-M-06 satisfactory satisfies C4 submission criteria; eligible for awards
#23 opened Aug 18, 2023 by code423n4
1
M-03 MitigationConfirmed mitigation-confirmed MR-M-03 satisfactory satisfies C4 submission criteria; eligible for awards
#21 opened Aug 18, 2023 by code423n4
1
dutchTradeDisabled[erc20] gives governance an incentive to disable RSR auctions 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working MR-M-02 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#20 opened Aug 18, 2023 by code423n4
6
M-11 MitigationConfirmed mitigation-confirmed MR-M-11 satisfactory satisfies C4 submission criteria; eligible for awards
#18 opened Aug 17, 2023 by code423n4
1
M-10 MitigationConfirmed mitigation-confirmed MR-M-10 satisfactory satisfies C4 submission criteria; eligible for awards
#17 opened Aug 17, 2023 by code423n4
1
M-09 MitigationConfirmed confirmed for report This issue is confirmed for report mitigation-confirmed MR-M-09 satisfactory satisfies C4 submission criteria; eligible for awards
#16 opened Aug 17, 2023 by code423n4
2
M-08 MitigationConfirmed confirmed for report This issue is confirmed for report mitigation-confirmed MR-M-08 satisfactory satisfies C4 submission criteria; eligible for awards
#15 opened Aug 17, 2023 by code423n4
2
ProTip! Find all open issues with in progress development work with linked:pr.