Skip to content

Issues: sherlock-audit/2024-02-perpetual-judging

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

14 Open 138 Closed
14 Open 138 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

ge6a - Loss of funds for trader because whitelisted maker can't be liquidated Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Disputed The sponsor disputed this issue's validity
#140 opened Mar 18, 2024 by sherlock-admin3
15
jokr - Incorrect premium calculation in OracleMaker Disagree With Severity The sponsor disputed the severity of this issue Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#137 opened Mar 18, 2024 by sherlock-admin3
4
nirohgo - Funding Fee Rate is calculated based only on the Oracle Maker's skew but applied across the entire market, which enables an attacker to generate an extreme funding rate for a low cost and leverage that to their benefit Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#133 opened Mar 18, 2024 by sherlock-admin4
83
IllIllI - Borrow fees can be arbitrarily increased without the maker providing any value Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#126 opened Mar 18, 2024 by sherlock-admin3
42
IllIllI - Two Pyth prices can be used in the same transaction to attack the LP pools Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#123 opened Mar 18, 2024 by sherlock-admin3
2
IllIllI - No slippage control on maker LP deposit()/withdraw() Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Disputed The sponsor disputed this issue's validity
#121 opened Mar 18, 2024 by sherlock-admin4
10
IllIllI - Attackers can sandwich their own trades up to the price bands Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#119 opened Mar 18, 2024 by sherlock-admin4
26
IllIllI - SpotHedgeBaseMaker LPs will be able to extract value during a USDT/USDC de-peg Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#118 opened Mar 18, 2024 by sherlock-admin3
1
IllIllI - Withdrawal caps can be bypassed by opening positions against the SpotHedgeBaseMaker Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#117 opened Mar 18, 2024 by sherlock-admin3
2
IllIllI - Price band caps apply to decreasing orders, but not to liquidations Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#116 opened Mar 18, 2024 by sherlock-admin2
30
IllIllI - Attackers can create positions that have no incentive to be liquidated Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#115 opened Mar 18, 2024 by sherlock-admin2
13
ether_sky - There may be excess funds in the PnL pool or bad debt due to the funding fee. Escalation Resolved This issue's escalations have been approved/rejected Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#102 opened Mar 18, 2024 by sherlock-admin3
19
ether_sky - In certain cases, users are unable to settle their orders with the PartialFill trade type. Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#95 opened Mar 18, 2024 by sherlock-admin2
3
PUSH0 - OracleMaker's price with spread does not take into account the new position Escalation Resolved This issue's escalations have been approved/rejected Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed
#25 opened Mar 18, 2024 by sherlock-admin4
20
ProTip! Add no:assignee to see everything that’s not assigned.