Payouts
Top 25
Top 50
All
Sherlock
Code4rena
CodeHawks
Feb '25
high
Users Can Overwrite Existing Locks in veRAACToken Resulting in Permanent Loss of Funds
high
Reward manipulation vulnerability in StabilityPool
high
Ownership Parameter Mismatch in LendingPool’s Vault Withdrawal Logic
high
Treasury Balance Tracking Bypass in FeeCollector
high
Attackers can double voting power and veToken amount by locking and increasing
high
Users can lose additional collateral by depositing NFTs after grace period expiration
medium
Missing Boost Balance and other parameters Update in veRAACToken Functions. Incomplete Boost State Updates Result in Inaccurate Voting Power and Reward Distribution
medium
LendingPool deposits do not work with CurveVault due to lack of funds
medium
Liquidation Cannot Be Closed Even With Healthy Position Due To Strict Debt Check
medium
There is no logic checking for RAACNFT price staleness before minting it
medium
Concurrent Oracle Fulfillments Overwrite House IDs, which leads to Incorrect Pricing
medium
Token Accounting Mismatch Between tick() and mintRewards() in RAACMinter
medium
[L-1] Inaccurate boost calculations in `veRAACToken` due to wrong input parameter
low
Unauthorized Vote Casting Vulnerability
low
Missing Pause Functionality in veRAACToken Contract Can Be Abused When Emergency Withdrawal Mechanism Is Activated
low
Incorrect Timestamp Tracking in RAACHousePrice contract
low
Incorrect Values Returned in ReserveLibrary `withdraw` Function
Jan '25
Nov '24
Sep '24
Aug '24
Jul '24