-
Notifications
You must be signed in to change notification settings - Fork 1
Issues: code-423n4/2024-03-abracadabra-money-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Gas Optimizations
bug
Something isn't working
edited-by-warden
G (Gas Optimization)
G-01
grade-a
insufficient quality report
This report is not of sufficient quality
#242
opened Mar 12, 2024 by
c4-bot-9
Pool Creation Failure Due to WETH Transfer Compatibility Issue on Some Chains
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-01
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
#237
opened Mar 12, 2024 by
c4-bot-9
Tokens yeild can not be set to claimable.
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
M-02
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
sufficient quality report
This report is of sufficient quality
#236
opened Mar 12, 2024 by
c4-bot-10
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-02
grade-b
sufficient quality report
This report is of sufficient quality
#234
opened Mar 12, 2024 by
c4-bot-5
When a trader swaps from a smart contract wallet, anyone could make them lose additional value through the trade.
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
primary issue
Highest quality submission among a set of duplicates
Q-02
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sufficient quality report
This report is of sufficient quality
#232
opened Mar 12, 2024 by
c4-bot-5
Miscalculation in addLiquidity of Router results in unauthorized spending of tokens
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
M-03
primary issue
Highest quality submission among a set of duplicates
🤖_92_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
sufficient quality report
This report is of sufficient quality
#231
opened Mar 12, 2024 by
c4-bot-7
Inconsistent Rounding in Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
Q-03
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
_BASE_TARGET_
and _QUOTE_TARGET_
will deviate away from true targets
bug
#230
opened Mar 12, 2024 by
c4-bot-2
Anyone making use of the MagicLP's TWAP to determine token prices will be exploitable.
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
H-01
primary issue
Highest quality submission among a set of duplicates
🤖_31_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
sufficient quality report
This report is of sufficient quality
#227
opened Mar 12, 2024 by
c4-bot-7
Loss of assumed functionality of the Onboarding contract in a highly-sensitive area
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-04
primary issue
Highest quality submission among a set of duplicates
🤖_58_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
#226
opened Mar 12, 2024 by
c4-bot-9
A user's tokens could be locked for an extended duration beyond their intention and without their control
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
M-05
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
#225
opened Mar 12, 2024 by
c4-bot-9
MagicLpAggregator always returns lower than correct answer, leading to arbitrage loss
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-06
primary issue
Highest quality submission among a set of duplicates
🤖_56_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
sufficient quality report
This report is of sufficient quality
#223
opened Mar 12, 2024 by
c4-bot-2
Permanent loss of yield for stakers in reward pools due to precision loss.
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-07
primary issue
Highest quality submission among a set of duplicates
🤖_44_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
#222
opened Mar 12, 2024 by
c4-bot-5
Attacker can amplify a rounding error in MagicLP to break the I invariant and cause malicious pricing
3 (High Risk)
Assets can be stolen/lost/compromised directly
bug
Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
H-02
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
upgraded by judge
Original issue severity upgraded from QA/Gas by judge
#221
opened Mar 12, 2024 by
c4-bot-2
QA Report
bug
Something isn't working
grade-b
Q-04
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sufficient quality report
This report is of sufficient quality
#214
opened Mar 12, 2024 by
c4-bot-5
QA Report
bug
Something isn't working
grade-b
Q-05
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sufficient quality report
This report is of sufficient quality
#212
opened Mar 12, 2024 by
c4-bot-10
Factory::create() is vulnerable to reorg attacks
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-08
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
#211
opened Mar 12, 2024 by
c4-bot-8
QA Report
bug
Something isn't working
grade-a
Q-06
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sufficient quality report
This report is of sufficient quality
#210
opened Mar 12, 2024 by
c4-bot-2
The Something isn't working
disagree with severity
Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments)
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
Q-07
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
_rewardPerToken
Function performs mainly internal logic but it is marked public instead of internal exposing it to multiple external calls
bug
#208
opened Mar 12, 2024 by
c4-bot-9
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-03
grade-a
sufficient quality report
This report is of sufficient quality
#204
opened Mar 12, 2024 by
c4-bot-1
QA Report
bug
Something isn't working
grade-a
Q-08
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sufficient quality report
This report is of sufficient quality
#201
opened Mar 12, 2024 by
c4-bot-4
ReardTokens can't be removed
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
Q-09
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
sufficient quality report
This report is of sufficient quality
#199
opened Mar 12, 2024 by
c4-bot-8
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-04
grade-a
insufficient quality report
This report is not of sufficient quality
#176
opened Mar 12, 2024 by
c4-bot-4
QA Report
bug
Something isn't working
edited-by-warden
grade-b
Q-10
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sufficient quality report
This report is of sufficient quality
#173
opened Mar 12, 2024 by
c4-bot-8
Adjusting "_I_" will create a sandwich opportunity because of price changes
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
edited-by-warden
M-09
primary issue
Highest quality submission among a set of duplicates
🤖_36_group
AI based duplicate group recommendation
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor acknowledged
Technically the issue is correct, but we're not going to resolve it for XYZ reasons
sufficient quality report
This report is of sufficient quality
#171
opened Mar 12, 2024 by
c4-bot-7
User are not able to withdraw unlocked that deposited into LLE during contract pausing
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
primary issue
Highest quality submission among a set of duplicates
Q-11
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
🤖_40_group
AI based duplicate group recommendation
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
sufficient quality report
This report is of sufficient quality
#154
opened Mar 12, 2024 by
c4-bot-10
Previous Next
ProTip!
no:milestone will show everything without a milestone.