Payouts
1st Places
3rd Places
Top 10
All
Sherlock
Code4rena
CodeHawks
Mar '25
Feb '25
high
Multiple Delegation by Double Spending Boosts and Lack of Delegation Tracking in BoostController Contract
high
ZENO Token Redemption Returns Negligible USDC Amount Compared to Purchase Price
high
Attackers can get most of RAACToken rewards by withdrawing dust amount from StabilityPool multiple times
high
Treasury Balance Tracking Bypass in FeeCollector
high
Attackers can double voting power and veToken amount by locking and increasing
medium
`MAX_TOTAL_SUPPLY` Bypass in `veRAACToken` via `increase()` Function
medium
Missing StabilityPool Integration in `mintRewards` Function
medium
Treasury Contract Deposit Function Can Be Frontrun To Deny Protocol Operations
medium
Token Accounting Mismatch Between tick() and mintRewards() in RAACMinter
medium
Permanent boost inflation through delegation removal in Boostcontroller.sol
low
Limited veRaac Token Supply Triggers DoS, Hampering Proper Governance Participation.
low
Unauthorized Vote Casting Vulnerability
Jan '25
Dec '24
Nov '24
Sep '24
Aug '24
Jul '24
Jun '24
827.34 USDC • 1 total finding • Sherlock • DenTonylifer
#6
May '24
Apr '24
Mar '24
Feb '24
Jan '24
Dec '23