Jul '25
May '25
Apr '25
Mar '25
Feb '25
high
Wrong amount is minted to user when they deposit into the lending pool
high
Delegation Boost Not Usable by Delegatees
high
Incorrect decimal handling in `Auction::buy()` leads to massive overpayment for ZENO tokens
high
RAACNFT mint function receives funds to address(this) but has no way of withdrawing them
high
Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds
high
`GaugeController` does not send funds to FeeCollector disrupting fees distribution and causing loss of funds
high
Reward manipulation vulnerability in StabilityPool
high
Incorrect Reward Claim Logic in FeeCollector::claimRewards Causes Denial of Service
high
RToken's transfer function leads to loss of funds due to incorrect math
high
Users can borrow more assets than they have deposited as collateral
high
Attackers can get most of RAACToken rewards by withdrawing dust amount from StabilityPool multiple times
high
NFTs Get Permanently Locked in Stability Pool After Liquidation
high
Any attempt to liquidate a user will fail, because StabilityPool does not hold crvUSD during operational lifecycle
high
Double Usage Index Scaling in StabilityPool Liquidation Inflates Required CRVUSD Balance
high
Ownership Parameter Mismatch in LendingPool’s Vault Withdrawal Logic
high
Treasury Balance Tracking Bypass in FeeCollector
high
Attackers can double voting power and veToken amount by locking and increasing
high
Gauge Voting Misallocation Vulnerability
high
The total voting power of all veRAAC tokens is wrongly assigned
high
Interest Accrual Failure Due to Incorrect Scaling in RToken Implementation
high
Incorrect Debt Token Accounting Due to Multiple Scaling Issues
high
Ineffective Time-Weighted Average Implementation in Fee Distribution
high
Critical Economic Design Flaw in ZENO Zero-Coupon Bond Implementation Leads to Guaranteed User Losses
high
Voting Power Snapshot Missing
high
Stability pool does not consider RToken balance increase when DEToken is withdrawn
high
Users can lose additional collateral by depositing NFTs after grace period expiration
medium
Incorrect accounting in `veRAACToken::emergencyWithdraw` and `veRAACToken::withdraw` due to missing `totalLocked` update
medium
veRaac Token Constraint MAX_TOTAL_SUPPLY Can Be Bypassed. Vulnerability Disrupts Protocol Functionality and Undermines Governance Quorum.
medium
Incorrect utilization rate forces protocol to issue maximum rewards indefinitely
medium
Incorrect DebtToken totalSupply Scaling Breaks Interest Rate Calculations
medium
RToken.transferFrom() Does Not Scale User Balances Due to Stale Liquidity Index
medium
LendingPool deposits do not work with CurveVault due to lack of funds
medium
Users Can Lose Funds and Collateral by Repaying Loans After Liquidation Grace Period Expiry
medium
Liquidation Cannot Be Closed Even With Healthy Position Due To Strict Debt Check
medium
Multiple Critical Calculation And Logic Errors in `RToken::mint/burn` Function
medium
`RToken::calculateDustAmount` is incorrectly calculated, making it impossible to transfer the accrued dust amount
medium
Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations
medium
Emergency revoke in RAACReleaseOrchestrator will freeze revoked RAAC tokens in orchestrator
medium
`veRAACToken::_updateBoostState` function sets individual user voting power instead of system-wide totals
medium
User may not be able to increase the amount of locked RAAC tokens
medium
Missing Liquidity Rebalancing in Repayments and Liquidations Leading to Inefficient Liquidity Management
medium
Token Accounting Mismatch Between tick() and mintRewards() in RAACMinter
medium
Emergency Withdrawal Remains Active After Cancellation
medium
Incorrect Period Transition Logic in Reward Distribution
medium
[L-1] Inaccurate boost calculations in `veRAACToken` due to wrong input parameter
medium
`RAACReleaseOrchestrator::emergencyRevoke()` fails to update `categoryUsed`, leading to token lockup and incorrect accounting
medium
Incorrect reward calculations in tick function
medium
Coordinated group of attackers can artificially lower quorum threshold during active proposals forcing malicious proposals to pass without true majority support.
medium
RAACToken burns less tokens than expected when feeCollector is unset
medium
Flawed Boost Multiplier Calculation Always Yields Maximum Boost
medium
balanceOf(address(this)) in StabilityPool causes reward distribution to be higher than it should be
medium
Users Cannot Remove Their Own Boost Delegation, Causing Potential Lock-In
medium
The earned yield from the Curve vault can never be utilized when withdrawing or borrowing
medium
Emergency Withdrawals in `FeeCollector` will break Fee Distribution Logic
medium
Inconsistent Fee Collector Address Validation in RAACMinter: Denial of Service for Disabling Fee Collection
medium
When the prime rate is updated by the oracle, the values of the sub-rates are not adjusted accordingly, which can cause loss of assets for borrowers
medium
Unnecessary Vault Withdrawals Due to Unchecked User Withdrawal Amounts
low
Canceled vote still get voted on and accumulate voting power in Goverance.sol
low
Lack of enforcement of the `MAX_TOTAL_LOCKED_AMOUNT`
low
Unauthorized Vote Casting Vulnerability
low
Impossible to rescue funds from `RToken` contract
low
Incorrect Initialization of minBoost in BaseGauge Constructor Breaks Core Contract Functionality
low
Missing Checkpoint Reset in `veRAACToken::emergencyWithdraw` Function
low
Missing Pause Functionality in veRAACToken Contract Can Be Abused When Emergency Withdrawal Mechanism Is Activated
low
`FeeCollector::updateFeeType` wrong fee share validation leads to impossible update for some fee types
low
Missing Check for Gauge Activation Status in vote :: GaugeController.sol
low
Deposits/Withdrawals can be DOS'ed if crvVault::withdraw produces any losses
low
Lack of incentives for users to call LendingPool::initiateLiquidation allows extensive delay between when health factor dropped below threshold and when grace period starts
low
Auction Price Calculation Fails to Reach Reserve Price Due to Integer Division Truncation
Jan '25
high
Malicious User Can Inflate Rewards, Depleting the Pool for Honest Users.
high
`Pool::transferReserveToAuction` Will Always Revert Due to Incorrect Period
high
Market Rate Calculation Error in LEVERAGE Token Redemption
high
Incorrect Calculation of Token Creation and Redemption Rates Due to BondOracleAdapter
medium
Malicious User Can Grief an Auction by Manipulating Pool Reserves
medium
Unable to Remove Bid Due to USDC Blacklist
medium
The `PreDeposit._deposit()` Logic Will Lock User `BPT` Token Funds in the BalancerRouter
medium
Inaccurate Share Calculations Due to Inclusion of Failed Auctions
medium
Incorrect Precision Adjustment in Token Rate Calculations
Dec '24
high
Incorrect Ether Recipient in Liquidation
high
Updating the `downsideProtected` in the CDS Contract Lacks Access Control
high
Complete loss of USDT funds from the Treasury contract
high
Borrower-Set Strike Price Mechanism Can Lead to Collateral Losses for Users Under Volatile Market Conditions
medium
Loss of User Funds Due to Incorrect LZ Fee Handling in Borrowing and CDS Contracts
medium
The `liquidationType1` function in the borrowLiquidation contract reverts unexpectedly when calculating the yields
medium
`liquidationType2` Requires Admin to Fund Liquidations
medium
Inability to Withdraw ETH/tokens in BorrowLiquidation Contract if `closeThePositionInSynthetix` is Called
medium
Logical Vulnerability in deposit and withdraw Functions of Treasury contract that Allows Manipulation of `noOfBorrowers` State