Payouts
1st Places
3rd Places
Top 10
All
Sherlock
Code4rena
Aug '24
Apr '24
Mar '24
Feb '24
Jan '24
Dec '23
medium
Anyone can pause AuctionHouse in _createAuction
medium
Since buyToken function has no slippage checking, users can get less tokens than expected when they buy tokens directly
medium
CultureIndex.sol#dropTopVotedPiece() - Malicious user can manipulate topVotedPiece to DoS the whole CultureIndex and AuctionHouse
Nov '23
1.37 USDC • 1 total finding • Code4rena • Tricko
#31
Oct '23
Sep '23
Aug '23
Jul '23
677.54 USDC • Code4rena • Tricko
#5
Jun '23
May '23
Apr '23
Mar '23
high
An attacker can manipulate the preDepositvePrice to steal from other users.
high
`WstEth` derivative assumes a ~1=1 peg of stETH to ETH
medium
Possible DoS on `unstake()`
medium
In de-peg scenario, forcing full exit from every derivative & immediately re-entering can cause big losses for depositors
medium
Missing derivative limit and deposit availability checks will revert the whole `stake()` function
Feb '23
Jan '23
Dec '22
Nov '22
Oct '22