Payouts
1st Places
3rd Places
Top 10
All
Sherlock
Code4rena
Cantina
Mar '25
Feb '25
Jan '25
high
medium
Dec '24
high
An attacker could potentially drain the entire pool balance, including all user funds, from the `OracleLess` contract.
high
Missing Validation of recipient in `createOrder` Allows Attacker to back-Run Approvals, Resulting in Slippage Manipulation and Complete Fund Loss
high
Order ID Collision in `Bracket.sol` Contract Leads to Overwriting of Bracket Orders
medium
Improper Stale Price Validation in `PythOracle` Contract Valid Data
medium
Incorrect Take-Profit Logic in `checkInRange` for direction = true
Nov '24
Oct '24
high
high
medium
medium
medium
Sep '24
high
high
high
high
medium
medium
Aug '24
Jul '24
May '24
Apr '24
medium
`AccountingManager#totalWithdrawnAmount` should reflect tokens actually transferred to users, instead of expected transfers
medium
Withdrawals in AccountManager are prone to DOS attacks.
medium
First depositor can make subsequent depositor lose all of her or his deposit
medium
`AccountingManager` contract's `previewDeposit`, `previewMint`, `previewWithdraw`, and `previewRedeem` functions are not compliant with EIP-4626 standard
medium
`depositQueue.queue` in `AccountingManager` can be flooded causing a DoS
Feb '24
medium