Skip to content

Issues: code-423n4/2024-07-reserve-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

25 Open 93 Closed
25 Open 93 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or ⇧ + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€

Issues list

RSR holders could get less staked stRSR than expected bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-b primary issue Highest quality submission among a set of duplicates Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_15_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#113 opened Aug 21, 2024 by howlbot-integration bot
4
QA Report 2nd place bug Something isn't working edited-by-warden grade-a Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#111 opened Aug 21, 2024 by howlbot-integration bot
3
QA Report bug Something isn't working edited-by-warden grade-b Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#110 opened Aug 21, 2024 by howlbot-integration bot
1
QA Report bug Something isn't working grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#109 opened Aug 21, 2024 by howlbot-integration bot
1
QA Report 2nd place bug Something isn't working edited-by-warden grade-a Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#108 opened Aug 21, 2024 by howlbot-integration bot
3
QA Report bug Something isn't working grade-b Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#107 opened Aug 21, 2024 by howlbot-integration bot
1
Throttle rate is applied incorrectly. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_52_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#89 opened Aug 20, 2024 by howlbot-integration bot
7
Fixed#safeMulDiv rounds incorrect when rounding mode is set to ROUND bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates Q-08 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#64 opened Aug 20, 2024 by howlbot-integration bot
4
Auctioning revenue for rToken when issuance is disabled could lead to limited participation and worse pricing bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#62 opened Aug 20, 2024 by howlbot-integration bot
3
rTokenTrader#distributeTokenToBuy could be bypassed during setDistribution by purposefully providing too little gas bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#61 opened Aug 20, 2024 by howlbot-integration bot
5
RToken can manipulate distribution to avoid paying DAO fees 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden insufficient quality report This report is not of sufficient quality M-01 πŸ€–_primary AI based primary recommendation πŸ€–_28_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#53 opened Aug 19, 2024 by c4-bot-6
5
BackingManager getting blocklisted by one token will result in DoS bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-33 grade-b Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sufficient quality report This report is of sufficient quality
#43 opened Aug 19, 2024 by c4-bot-5
3
Broken assumptions can lead to the inability to seize RSR 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-02 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_15_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#39 opened Aug 19, 2024 by c4-bot-3
11
The default Governor Anastasius is unable to call resetStakes 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-03 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#36 opened Aug 19, 2024 by c4-bot-3
3
QA Report 1st place bug Something isn't working edited-by-warden grade-a Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation selected for report This submission will be included/highlighted in the audit report
#34 opened Aug 19, 2024 by c4-bot-10
6
Collaterals that become nonfunctional during an auction can DoS an RToken's rebalancing capabilities bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_60_group AI based duplicate group recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#33 opened Aug 19, 2024 by c4-bot-10
5
Dutch auctions can fail to settle if any other collateral in the basket behaves unexpectedly 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-04 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_60_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#32 opened Aug 19, 2024 by c4-bot-4
11
Dutch auctions are vulnerable to block stuffing on L2s bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation satisfactory satisfies C4 submission criteria; eligible for awards sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#27 opened Aug 19, 2024 by c4-bot-10
12
Users can dodge losses due to StRSR era changes with instant operations 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-05 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_19_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#21 opened Aug 19, 2024 by c4-bot-9
14
The time available for a canceled withdrawal should not impact future unstaking processes 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-06 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#18 opened Aug 19, 2024 by c4-bot-3
8
The throttle may be incorrectly updated when dissolving or melting rTokens bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-89 edited-by-warden grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation πŸ€–_52_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#15 opened Aug 19, 2024 by c4-bot-10
14
QA Report bug Something isn't working edited-by-warden grade-b Q-12 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#11 opened Aug 17, 2024 by c4-bot-1
1
QA Report 2nd place bug Something isn't working edited-by-warden grade-a Q-11 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation
#10 opened Aug 16, 2024 by c4-bot-7
3
The traceEnd in BackingManager isn't updating correctly 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-07 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_60_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#6 opened Aug 15, 2024 by c4-bot-7
12
Agreements & Disclosures
#1 opened Jul 27, 2024 by code4rena-id bot
ProTip! Adding no:label will show everything without a label.