12x
Payouts
2x
2nd Places
7x
Top 10
10x
Top 25
All
Sherlock
Cantina
Jan '25
Dec '24
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
Nov '24
high
Finding not yet public.
Sep '24
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
Aug '24
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
Jul '24
May '24
high
Malicious user can take advantage of auto-accruing WETH in the PrizePool contract on blast to unfairly increase winning odds
medium
after the TWAB limit is reached, back-running a call to `withdraw` with a liquidation of yield is extremely profitable for the liquidator at the expense of all the other users in the vault
medium
An attacker can DOS liquidations once a vault is near the TWAB limit
medium
PUSH0 Opcode is not supported on linea chain
medium
Witnet does not support all the networks the protocol will be deployed on
medium
A malicious user can set their hook to a malicious implementation, so that claimers tx spends all the gas allocated and reverts
Mar '24
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.