Skip to content

Issues: code-423n4/2024-10-loopfi-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

15 Open 22 Closed
15 Open 22 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or ⇧ + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€

Issues list

Change in cooldown should not affect users' withdrawal wait time. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-b Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation πŸ€–_09_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#38 opened Nov 18, 2024 by howlbot-integration bot
4
Issue is not fixed: Token array not sorted in PoolAction.transferAndJoin bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sufficient quality report This report is of sufficient quality
#37 opened Nov 18, 2024 by howlbot-integration bot
4
QA Report bug Something isn't working grade-b Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#34 opened Oct 19, 2024 by howlbot-integration bot
1
Eth may be transferred from treasury contract bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-15 grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_11_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#33 opened Oct 19, 2024 by howlbot-integration bot
2
Invalid handling of flash loan fees in PositionAction::onCreditFlashLoan, forcing it to always revert 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden M-01 primary issue Highest quality submission among a set of duplicates πŸ€–_14_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#27 opened Oct 19, 2024 by howlbot-integration bot
5
Invalid handling of risdual amount in PositionAction::onCreditFlashLoan, forcing it to revert 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-02 primary issue Highest quality submission among a set of duplicates πŸ€–_14_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#26 opened Oct 19, 2024 by howlbot-integration bot
6
Rewards might be lost due to the error that _updateRewardIndex() might advance lastBalance without advancing index for a token. 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 primary issue Highest quality submission among a set of duplicates πŸ€–_06_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#25 opened Oct 19, 2024 by howlbot-integration bot
1
5
Incompatibility Between Solidity Version Pragma and Custom Error Syntax in Locking.sol bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#24 opened Oct 19, 2024 by howlbot-integration bot
3
Some residual recipients would now have their residues stuck in SwapAction after swap bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#18 opened Oct 19, 2024 by howlbot-integration bot
3
PositionAction4626.sol#_onWithdraw should withdraw from position CDPVault position instead of address(this). 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#13 opened Oct 18, 2024 by c4-bot-10
2
SwapAction.sol#transferAndSwap is still payable though direct ETH is not supported anymore. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax πŸ€–_primary AI based primary recommendation πŸ€–_07_group AI based duplicate group recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#12 opened Oct 18, 2024 by c4-bot-8
2
PositionActionPendle.sol#_onWithdraw does not have slippage parameter minOut set. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-04 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_41_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#10 opened Oct 18, 2024 by c4-bot-8
2
PositionAction.sol#onCreditFlashLoan may end up with stuck funds for EXACT_IN primary swaps. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-05 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_14_group AI based duplicate group recommendation selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#3 opened Oct 18, 2024 by c4-bot-10
6
CDPVault.sol#liquidatePositionBadDebt() does correctly handle profit and loss 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-02 primary issue Highest quality submission among a set of duplicates πŸ€–_primary AI based primary recommendation πŸ€–_27_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#2 opened Oct 18, 2024 by c4-bot-8
1
8
Agreements & Disclosures
#1 opened Oct 9, 2024 by code4rena-id bot
ProTip! Type g i on any issue or pull request to go back to the issue listing page.