-
Notifications
You must be signed in to change notification settings - Fork 2
Issues: sherlock-audit/2024-02-perpetual-judging
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
ge6a - Loss of funds for trader because whitelisted maker can't be liquidated
Escalation Resolved
This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Disputed
The sponsor disputed this issue's validity
#140
opened Mar 18, 2024 by
sherlock-admin3
jokr - Incorrect premium calculation in OracleMaker
Disagree With Severity
The sponsor disputed the severity of this issue
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#137
opened Mar 18, 2024 by
sherlock-admin3
nirohgo - Funding Fee Rate is calculated based only on the Oracle Maker's skew but applied across the entire market, which enables an attacker to generate an extreme funding rate for a low cost and leverage that to their benefit
Escalation Resolved
This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#133
opened Mar 18, 2024 by
sherlock-admin4
IllIllI - Borrow fees can be arbitrarily increased without the maker providing any value
Escalation Resolved
This issue's escalations have been approved/rejected
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#126
opened Mar 18, 2024 by
sherlock-admin3
IllIllI - Two Pyth prices can be used in the same transaction to attack the LP pools
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
High
A valid High severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#123
opened Mar 18, 2024 by
sherlock-admin3
IllIllI - No slippage control on maker LP This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Disputed
The sponsor disputed this issue's validity
deposit()
/withdraw()
Escalation Resolved
#121
opened Mar 18, 2024 by
sherlock-admin4
IllIllI - Attackers can sandwich their own trades up to the price bands
Escalation Resolved
This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#119
opened Mar 18, 2024 by
sherlock-admin4
IllIllI - SpotHedgeBaseMaker LPs will be able to extract value during a USDT/USDC de-peg
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#118
opened Mar 18, 2024 by
sherlock-admin3
IllIllI - Withdrawal caps can be bypassed by opening positions against the SpotHedgeBaseMaker
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#117
opened Mar 18, 2024 by
sherlock-admin3
IllIllI - Price band caps apply to decreasing orders, but not to liquidations
Escalation Resolved
This issue's escalations have been approved/rejected
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#116
opened Mar 18, 2024 by
sherlock-admin2
IllIllI - Attackers can create positions that have no incentive to be liquidated
Escalation Resolved
This issue's escalations have been approved/rejected
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#115
opened Mar 18, 2024 by
sherlock-admin2
ether_sky - There may be excess funds in the PnL pool or bad debt due to the funding fee.
Escalation Resolved
This issue's escalations have been approved/rejected
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#102
opened Mar 18, 2024 by
sherlock-admin3
ether_sky - In certain cases, users are unable to settle their orders with the PartialFill trade type.
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#95
opened Mar 18, 2024 by
sherlock-admin2
PUSH0 - OracleMaker's price with spread does not take into account the new position
Escalation Resolved
This issue's escalations have been approved/rejected
Has Duplicates
A valid issue with 1+ other issues describing the same vulnerability
Medium
A valid Medium severity issue
Reward
A payout will be made for this issue
Sponsor Disputed
The sponsor disputed this issue's validity
Won't Fix
The sponsor confirmed this issue will not be fixed
#25
opened Mar 18, 2024 by
sherlock-admin4
ProTip!
Add no:assignee to see everything that’s not assigned.