Payouts
Top 10
Top 25
Top 50
All
Sherlock
Code4rena
Cantina
Jan '25
Dec '24
Nov '24
Sep '24
medium
Aug '24
high
high
Jul '24
high
`AuraVault::claim` reward calculation does not deduct fees from reward amount, causing DoS or extra rewards lost
medium
`PoolV3#repayCreditAccount()` use incorrect share converting function to calculate profit and loss
medium
Lack of Slippage Control in `AuraVault::deposit` and `AuraVault::mint` Functions Can Lead to Unexpected Financial Losses for Users
medium
Unclaimed Rewards Handling Issue in `AuraVault` Contract Functions (`AuraVault::deposit`, `AuraVault::mint`, `AuraVault::withdraw`, `AuraVault::redeem`)
high
Attacker can DoS users by delegating tokens at `MAX_DELEGATES` limit in `VotingEscrow::_moveTokenDelegates()`
high
Emergency Council will permanently lock user rewards when killing gauges via `Voter::killGaugeTotally`
high
Users will receive incorrect rewards due to outdated total supply caching in `RewardsDistributorV2::_checkpoint_total_supply()`
medium
Users can exploit vote persistence to earn unearned rewards via `Voter::poke`
medium
First Liquidity Provider can DOS the Pool in `Pair::mint()`