Issues: code-423n4/2023-12-autonolas-findings

QA Report bug Something isn't working grade-b Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#454 opened Jan 8, 2024 by c4-bot-8
Withdraw amount returned by getLiquidityAmountsAndPositions may be incorrect 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) M-01 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#452 opened Jan 8, 2024 by c4-bot-1
Analysis A-01 analysis-advanced grade-a high quality report This report is of especially high quality selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#446 opened Jan 8, 2024 by c4-bot-5
Permanent DOS in liquidity_lockbox for under $10 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#445 opened Jan 8, 2024 by c4-bot-6
LP rewards in liquidity_lockbox can be arbitraged 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden M-02 selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#444 opened Jan 8, 2024 by c4-bot-4
Griefing attack on liquidity_lockbox withdrawals due to lack of minimum deposit 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-03 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#443 opened Jan 8, 2024 by c4-bot-10
CM can delegatecall to any address and bypass all restrictions 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-02 selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#437 opened Jan 8, 2024 by c4-bot-10
Tokenomics.checkpoint() may be called on implementation contract directly bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b insufficient quality report This report is not of sufficient quality Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#436 opened Jan 8, 2024 by c4-bot-6
Gas Optimizations bug Something isn't working G (Gas Optimization) G-01 grade-b insufficient quality report This report is not of sufficient quality
#416 opened Jan 8, 2024 by c4-bot-9
Gas Optimizations bug Something isn't working edited-by-warden G (Gas Optimization) G-02 grade-b insufficient quality report This report is not of sufficient quality
#412 opened Jan 8, 2024 by c4-bot-1
Gas Optimizations bug Something isn't working G (Gas Optimization) G-03 grade-b sufficient quality report This report is of sufficient quality
#411 opened Jan 8, 2024 by c4-bot-1
Gas Optimizations bug Something isn't working G (Gas Optimization) G-04 grade-b sufficient quality report This report is of sufficient quality
#405 opened Jan 8, 2024 by c4-bot-2
Gas Optimizations bug Something isn't working G (Gas Optimization) G-05 grade-a high quality report This report is of especially high quality selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#399 opened Jan 8, 2024 by c4-bot-8
Analysis A-02 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#396 opened Jan 8, 2024 by c4-bot-7
QA Report bug Something isn't working grade-a Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#393 opened Jan 8, 2024 by c4-bot-10
Wrong invocation of Whirpools's updateFeesAndRewards will cause it to always revert 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-03 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#386 opened Jan 8, 2024 by c4-bot-1
QA Report bug Something isn't working grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#385 opened Jan 8, 2024 by c4-bot-1
User or a group of users can manipulate IDF value by donating to multiple components bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b insufficient quality report This report is not of sufficient quality primary issue Highest quality submission among a set of duplicates Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#381 opened Jan 8, 2024 by c4-bot-10
Possible DOS when withdrawing liquidity from Solana Lockbox 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-04 selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#377 opened Jan 8, 2024 by c4-bot-2
Gas Optimizations bug Something isn't working G (Gas Optimization) G-06 grade-a sufficient quality report This report is of sufficient quality
#374 opened Jan 8, 2024 by c4-bot-2
Bonds created in year cross epoch's can lead to lost payouts 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-04 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#373 opened Jan 8, 2024 by c4-bot-5
EpochLengths close to 1 year will cause the protocol to be stuck bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax satisfactory satisfies C4 submission criteria; eligible for awards sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#371 opened Jan 8, 2024 by c4-bot-9
QA Report bug Something isn't working grade-a Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#370 opened Jan 8, 2024 by c4-bot-3
Gas Optimizations bug Something isn't working edited-by-warden G (Gas Optimization) G-07 grade-b sufficient quality report This report is of sufficient quality
#369 opened Jan 8, 2024 by c4-bot-8