Skip to content

Issues: code-423n4/2024-01-opus-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

30 Open 212 Closed
30 Open 212 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Analysis A-01 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#242 opened Feb 6, 2024 by c4-bot-1
5
Analysis A-02 analysis-advanced grade-a sufficient quality report This report is of sufficient quality
#241 opened Feb 6, 2024 by c4-bot-7
2
Analysis A-03 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#237 opened Feb 6, 2024 by c4-bot-4
2
Analysis A-04 analysis-advanced grade-b insufficient quality report This report is not of sufficient quality
#235 opened Feb 6, 2024 by c4-bot-9
2
QA Report bug Something isn't working grade-b Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#221 opened Feb 6, 2024 by c4-bot-7
4
Loss of liquidation compensation assets in absorb 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue M-01 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#214 opened Feb 6, 2024 by c4-bot-5
10
Neglect of Exceptional Redistribution Amounts in withdraw_helper Function 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#206 opened Feb 6, 2024 by c4-bot-2
6
after shut, no pull redistribution yang will be locked 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-02 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#202 opened Feb 6, 2024 by c4-bot-10
9
convert_to_yang_helper() loss precision 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-02 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#195 opened Feb 6, 2024 by c4-bot-2
1
6
Analysis A-05 analysis-advanced grade-b high quality report This report is of especially high quality
#187 opened Feb 6, 2024 by c4-bot-6
4
ERC4626 inflat issue mitigation is not sufficient 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#179 opened Feb 6, 2024 by c4-bot-9
6
Analysis A-06 analysis-advanced grade-a insufficient quality report This report is not of sufficient quality selected for report This submission will be included/highlighted in the audit report
#178 opened Feb 6, 2024 by c4-bot-2
4
Analysis A-07 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#168 opened Feb 6, 2024 by c4-bot-1
3
Analysis A-08 analysis-advanced grade-b insufficient quality report This report is not of sufficient quality
#166 opened Feb 6, 2024 by c4-bot-5
2
A user can steal from the shrine by forcing redistribution of their trove; due to incorrect logic trove debt will be reset but yangs kept 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#143 opened Feb 6, 2024 by c4-bot-7
6
QA Report bug Something isn't working grade-a Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#138 opened Feb 6, 2024 by c4-bot-1
2
Analysis A-09 analysis-advanced grade-a sufficient quality report This report is of sufficient quality
#132 opened Feb 5, 2024 by c4-bot-10
2
Analysis A-10 analysis-advanced grade-b insufficient quality report This report is not of sufficient quality
#126 opened Feb 5, 2024 by c4-bot-1
3
The provide() function does not reset withdrawal requests, allowing an attacker to bypass risk-free yield tactics protection 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue M-04 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#116 opened Feb 5, 2024 by c4-bot-8
1
11
An attacker could manipulate debt exceptional redistribution because it is allowed to deposit into any trove 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue M-05 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#115 opened Feb 5, 2024 by c4-bot-3
10
QA Report bug Something isn't working edited-by-warden grade-a Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#98 opened Feb 4, 2024 by c4-bot-7
3
QA Report bug Something isn't working grade-a Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#85 opened Feb 4, 2024 by c4-bot-6
7
QA Report bug Something isn't working edited-by-warden grade-b Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#76 opened Feb 3, 2024 by c4-bot-1
2
Multiplier is incorrectly calculated in Controller 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working insufficient quality report This report is not of sufficient quality M-06 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#75 opened Feb 3, 2024 by c4-bot-7
8
Analysis A-11 analysis-advanced edited-by-warden grade-a sufficient quality report This report is of sufficient quality
#57 opened Feb 1, 2024 by c4-bot-5
2
ProTip! Adding no:label will show everything without a label.