24x
Payouts
1x
2nd Places
4x
Top 10
13x
Top 25
All
Sherlock
Code4rena
Cantina
CodeHawks
Mar '26
Jan '26
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
Dec '25
high
Cross-contract reentrancy in liquidation enables conversion of phantom shares to real shares, draining CollateralTracker assets
high
BuilderWallet `init()` is unprotected/re-initializable, enabling takeover and theft of builder fees
medium
Liquidations Can Be Permanently Blocked via `getLiquidationBonus()` Unsigned Underflow (Insolvent-but-Unliquidatable Accounts)
medium
`RiskEngine::_getRequiredCollateralAtTickSinglePosition()` Fails to Accumulate Credits Across Multiple Legs, Leading to Potential Erroneous Liquidations
medium
Division-by-zero in long-leg collateral requirement can block solvency checks and `dispatchFrom` (liquidation/force-exercise) for tickSpacing==1 pools
medium
Wide-Range Short Legs Can Revert Solvency Checks and Block Liquidations (Errors.InvalidTick)
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
medium
Permanent Interest Freeze via Exponential Decay Domain Violation
medium
Undercharging Interest When Borrow Rate Decays to MIN_RATE
medium
Redemptions Can Create a Collateral Deficit When a Free-Debt Borrower Is Underwater
medium
`writeOff()` Can Zero Total Debt When the Written-Off Account Is the Last Borrower
Nov '25
high
Finding not yet public.
Oct '25
Sep '25
Aug '25
high
Finding not yet public.
high
Finding not yet public.
Jul '25
May '25
medium
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
high
Finding not yet public.
medium
Finding not yet public.
high
Finding not yet public.
medium
Finding not yet public.
medium
Finding not yet public.
Apr '25
medium
Finding not yet public.
medium
Finding not yet public.
Mar '25
Feb '25
