Issues
- 7
- 7
Chainlink price feed is not sufficiently validated and can return stale price
#655 opened by code423n4 - 9
Governance NFT holder, whose NFT was minted before `Trading._handleOpenFees` function is called, can lose deserved rewards after `Trading._handleOpenFees` function is called
#649 opened by code423n4 - 2
Upgraded Q -> M from #351 [1674418158719]
#667 opened by c4-judge - 2
Upgraded Q -> M from #97 [1674422838137]
#672 opened by c4-judge - 2
Upgraded Q -> M from #658 [1674423108320]
#674 opened by c4-judge - 2
Upgraded Q -> M from #32 [1671721748112]
#666 opened by c4-judge - 2
- 2
Might lose manager forever
#656 opened by code423n4 - 2
Upgraded Q -> M from #445 [1674423223201]
#675 opened by c4-judge - 1
Unchecked setters
#634 opened by code423n4 - 2
Ignored return value from "IERC20.transferFrom()"
#636 opened by code423n4 - 2
- 3
Upgraded Q -> M from #113 [1674422768939]
#671 opened by c4-judge - 1
Lack of access control
#627 opened by code423n4 - 2
Truncate of values can be avoided
#629 opened by code423n4 - 5
Compromised or malicious owner of `Trading` contract can set fees to be bigger than 100% for blocking users from taking important trading actions, such as initiating closing position
#641 opened by code423n4 - 9
Access to Chainlink price feeds can be blocked to DOS important trading function calls
#653 opened by code423n4 - 6
Distribute has transfer of assets that should use a contract before and after balance
#645 opened by code423n4 - 9
Distribute is open to rewards manipulation
#646 opened by code423n4 - 4
Error in trade accumulated interest calculation
#628 opened by code423n4 - 10
- 2
ERC20 approvals may need to be set to 0 beforehand
#632 opened by code423n4 - 1
- 2
- 2
TradingLibrary#verifyPrice doesn't check if data is fresh which can lead to costly downtime
#647 opened by code423n4 - 2
Lack of validation on price feeds
#654 opened by code423n4 - 3
- 3
- 6
- 3
- 3
- 2
Upgraded Q -> M from #254 [1674418824740]
#669 opened by c4-judge - 2
Upgraded Q -> M from #164 [1674419095024]
#670 opened by c4-judge - 2
Upgraded Q -> M from #658 [1674423084300]
#673 opened by c4-judge - 7
Compromised or malicious owner of `GovNFT` contract can call `_bridgeMint` function on Chain A to block a Governance NFT's holder from bridging such NFT from Chain B to Chain A
#633 opened by code423n4 - 4
`GovNFT` contract's owner can stop Governance NFT holders from receiving more rewards from trades' DAO fees, and such reward amounts can remain in `Trading` contract without belonging to anyone
#638 opened by code423n4 - 5
Contract Owner Possesses Too Many Privileges
#648 opened by code423n4 - 2
Upgraded Q -> M from #268 [1674418407759]
#668 opened by c4-judge - 2
Gas Optimizations
#635 opened by code423n4 - 2
Gas Optimizations
#650 opened by code423n4 - 2
- 4
IERC20.transfer does not support all ERC20 token
#631 opened by code423n4 - 1
integer overflow or underflow
#661 opened by code423n4 - 1
reentrancy
#665 opened by code423n4 - 4
Upgraded Q -> M from #50 [1674461707004]
#676 opened by c4-judge - 5
Gas Optimizations
#663 opened by code423n4 - 6
- 4
- 5