Issues
`RepricingToken::checkpointReserves()` - L168: Should use `<=` here, NOT `<`, otherwise it allows for checkpointing pending reserves BEFORE the `reservesVestingDuration` has completely passed.
#60 opened by hats-bug-reporter - 4
`OrigamiOToken::exitToToken()` - L115: Missing return value check for `_transfer()` for oToken, and additionally should use `safeTransfer()` instead.
#61 opened by hats-bug-reporter - 2
`LinearWithKinkInterestRateModel::_setRateParams()` - L89: Should use `>` not `>=` for `(_kinkUtilizationRatio >= PRECISION)`.
#59 opened by hats-bug-reporter - 3
An attacker can bypass the dynamic fees in `lovStEth` vault under certain depeg conditions, and extract value from honest depositors
#62 opened by hats-bug-reporter - 3
Hardcoding Aave pool address is a serious Aave integration flaw because valid pool addresses can change
#58 opened by hats-bug-reporter - 2
Hardcoded rounding strategy in `DynamicFees::dynamicFeeBps()` rounds against the protocol on lovTokens deposits
#56 opened by hats-bug-reporter - 2
There may be a lesser amount of Aave aTokens than what is tracked in the OrigamiAaveV3BorrowAndLend.
#52 opened by hats-bug-reporter - 4
`OrigamiAbstractLovTokenManager::maxInvest()` does not take into account the `redeemableReservesBuffer()`
#50 opened by hats-bug-reporter - 3
In some cases, the redemption process in the Repricing Token may be reverted.
#55 opened by hats-bug-reporter - 2
Changing `globalInterestRateModel` needs to be automatically reflected or trigger borrowers refresh
#57 opened by hats-bug-reporter - 2
It is not possible to rebalance-down the `lovDsr` strategy when the USDC borrows circuit-breaker cap is hit, even when using `forceRebalanceDown()`
#54 opened by hats-bug-reporter - 1
Incorrect thresholds configuration in `OrigamiIdleStrategyManager` will make the two thresholds compete against each other
#53 opened by hats-bug-reporter - 2
The donated debt token can be used for repayment when attempting to rebalance up in the OrigamiLovTokenFlashAndBorrowManager.
#51 opened by hats-bug-reporter - 12
Adversary can block any `exit` due to `preCheck` reached `cap` by using flash-loan
#27 opened by hats-bug-reporter - 6
In OrigamiAaveV3BorrowAndLend, the ability to recover borrowToken should be restricted
#47 opened by hats-bug-reporter - 4
`OrigamiWstEthToEthOracle` utilizes Chainlink's stETH/ETH feed which has 24 hour long Heartbeat
#17 opened by hats-bug-reporter - 8
Some USDC tokens are missing when calculating the global available borrow amount and global utilization ratio.
#46 opened by hats-bug-reporter - 1
When we update the old IdleStrategy, there may be some USDC tokens in that.
#45 opened by hats-bug-reporter - 6
Anyone can manipulate the AL ratio.
#41 opened by hats-bug-reporter - 7
OrigamiDexAggregatorSwapper.sol: unsafe unchecked block would lead to loss of funds
#35 opened by hats-bug-reporter - 2
We can burn more debt than the exact amount when withdrawing in OrigamiLendingClerk.
#15 opened by hats-bug-reporter - 1
`OrigamiLovTokenFlashAndBorrowManager::forceRebalanceUp()` will revert when attempting to pay a `flashLoanAmount` higher than the current debt
#33 opened by hats-bug-reporter - 2
`OrigamiLendingClerk::borrowMax()` will revert every time `_availableToBorrow()` returns a higher value than the remaining amount until hitting the circuit-breaker cap
#44 opened by hats-bug-reporter - 1
`OrigamiLendingSupplyManager::maxExit()` does not account for circuit breaker cap when returning the max exit amount
#39 opened by hats-bug-reporter - 1
The slippage protection in `OrigamiAbstractLovTokenManager::investQuote` rounds against protecting the user because of 'ROUND_DOWN' mode being hardcoded
#16 opened by hats-bug-reporter - 2
Performance Fee calculation potential revenue loss on changing `performanceFee` value
#40 opened by hats-bug-reporter - 1
Insufficient input validation in `LinearWithKinkInterestRateModel::_setRateParams()` allows for steeper slope before the kink
#42 opened by hats-bug-reporter - 3
Attacker can take over USDC by calling investWithToken/exitToken more than once
#38 opened by hats-bug-reporter - 2
Dangling approvals in `FlashLoanProvider` contract with Aave pools as spenders
#43 opened by hats-bug-reporter - 2
Incorrect value of `totalDebtRepaid` in the event `RebalanceUp()` when attempting to repay more debt than the remaining one (when `amountRepaid < flashLoanAmount`)
#31 opened by hats-bug-reporter - 3
First depositor can significantly inflate share value and limit vault operability
#36 opened by hats-bug-reporter - 1
Excess amount of debtToken asset is not accounted when rebalanceUp, making the asset untracked
#28 opened by hats-bug-reporter - 1
Investment and exit paused must be checked in `investWithToken()` and `exitToToken()`
#22 opened by hats-bug-reporter - 1
`price()` will return the wrong price for asset if the underlying aggregator hits minAnswer
#21 opened by hats-bug-reporter - 1
Unhandled chainlink revert would lock price oracle access in `price()`
#20 opened by hats-bug-reporter - 1
`OrigamiLovToken::collectPerformanceFees()` can be frontrun to extract value
#18 opened by hats-bug-reporter - 1
The oToken contract did not respect users' minimum slippage, which may cause loss of token value
#29 opened by hats-bug-reporter - 2
There is no check for deadline in `investwithToken` function inside origamiOtoken.sol, which opens the possibility of theft of funds
#30 opened by hats-bug-reporter - 1
OrigamiDexAggregatorSwapper: absence of slippage protection leads to loss of funds.
#34 opened by hats-bug-reporter - 1
Use of slot0 to get sqrtPriceLimitX96 can lead to price manipulation. #823
#26 opened by hats-bug-reporter