High
Solo
Total
Medium
Solo
Total
Total Earnings
#4 All Time
Payouts
1st Places
2nd Places
3rd Places
All
Sherlock
Code4rena
Sep '23
high
`RFPSimpleStrategy` Winning bidder can front-run the `_allocate()` transaction and change the `proposalBid` with `registerRecipient()`.
high
`QVSimpleStrategy._allocate()` does not update `allocator.voiceCredits` as expected, causing the upper limit of `maxVoiceCreditsPerAllocator` to be ineffective.
medium
Wrong implementation of `RFPSimpleStrategy#setMilestones()`
medium
`QVBaseStrategy._qv_allocate()` mistakenly included `_allocator.voiceCreditsCastToRecipient[_recipientId]`, causing `_recipient.totalVotesReceived` to increase.
medium
`distribute()` may be distributed in unexpected proportions due to the lack of guarantee that `distribute()` is executed after all `allocate()`.
medium
`RFPSimpleStrategy` does not work when configured with `useRegistryAnchor == true`
medium
Fee on transfer token is not supported properly.
medium
Wrong implementation of `NOT_ENOUGH_FUNDS` check in `_distribute()`.
medium
`QVSimpleStrategy` cannot fund pools with NATIVE token due to lack of `receive() external payable {}` method.
medium
`QVBaseStrategy.reviewRecipients()`'s voting mechanism lacks a record of the voting target content (the recipient state it targets), resulting in different starting states for votes after the recipient state changes.
Jul '23
high
`settle(address(0))` can result in incorrect `assets` and `shares` due to a miscalculation that mistakenly treats the global account as a local account.
high
New orders should request for a new oracle version at `currentTimestamp` (the next whole hour) instead of the current time (`block.timestamp`)
high
Protocol's fee is claimed by the factory, but there is no way to move tokens out.
medium
`_accumulateFunding()` maker will get the wrong amount of funding fee.
medium
`Liquidation` should not put the market into a worse state (more bad debt).
medium
`OracleVersion latestVersion` of `Oracle.status()` may go backwards when updating to a new oracle provider and result in wrong settlement in `_processPositionLocal()`.
May '23
high
Lack of access control for `mintRebalancer()` and `burnRebalancer()`
high
Uniswap v3 pool token balance proportion does not necessarily correspond to the price, and it is easy to manipulate.
high
`getOwnValuation()` can easily be manipulated to trigger `rebalance()`.
high
Wrong Oracle feed addresses
high
`StableOracleDAI` is improperly implemented.
high
UniV3 Router's `ExactInputParams` must have a deadline set. Leaving it at the default value of 0 will result in a revert.
high
`USSDRebalancer.SellUSSDBuyCollateral()` dose not works as it always reverts at L201
high
Incorrect arithmetic expression will cause `BuyUSSDSellCollateral()` to revert as it attempts to facilitate a swap with a zero amount.
high
Oracle price should be denominated in DAI instead of USD
medium
Using the collateral assets' oracle price at 100% of its value to mint USSD without a fee can be used for arbitrage.
medium
`BuyUSSDSellCollateral()` relies on the settings and assumption about the value of certain collateral
medium
Chainlink's `latestRoundData` might return stale or incorrect results
medium
`BuyUSSDSellCollateral()` may revert due to underflow when DAI depeg
medium
Lack of Redeem Feature
Dec '22
Nov '22
high
Unbounded `_unlockTime` allows the attacker to get a huge `stakedTimeBonus` and dominate the voting
medium
`queue()` should increase `proposalsPassed` instead of `proposalsCreated`
medium
Using `ERC721.transferFrom()` instead of `safeTransferFrom()` may cause the user's NFT to be frozen in a contract that does not support ERC721
Oct '22
high
`increaseLock()` should read `userDeposit[_receiver]` instead of `depositsOf[_msgSender()]`
high
Extend lock period should never result in a decrease of overall rewards (`total length of locked period * shares`)
medium
First user can inflate `pointsPerShare` and cause `_correctPoints()` to revert due to overflow
medium
Front run `distributeRewards()` can steal the newly added rewards
medium
`escrowedReward` will be frozen in the contract if `escrowPool == address(0)` but `escrowPortion > 0`
medium
Expired locks should not continue to earn rewards at the original high multiplier rate
medium
Curve points should be guaranteed to be monotonic increasing
high
Attacker can manipulate the pricePerShare to profit from future users' deposits
medium
Frontrun `deposit()` can cause the depositor to lose all the funds
medium
Lack of sanity checks for new plugin address in `addPlugin()`
medium
When one of the plugins is broken or paused, `deposit()` or `withdraw()` of the whole Vault contract can malfunction
medium
`_withdrawFromPlugin()` will revert when `_withdrawalValues[i] == 0`
Aug '22
high
`UniV2LPOracle` will malfunction if token0 or token1's `decimals != 18`
high
`ChainlinkOracle.sol#getPrice()` The price will be wrong when the token's USD price feed's `decimals != 8`
high
Tokens received from Curve's `remove_liquidity()` should be added to the assets list even if `_min_amounts` are set to `0`
high
A malicious early user/attacker can manipulate the LToken's pricePerShare to take an unfair share of future users' deposits
high
`ERC4626Oracle` Price will be wrong when the ERC4626's `decimals` is different from the underlying token’s decimals
high
`updateState()` should be called in `depositEth()` and `redeemEth()`
medium
Accounts with ETH loans can not be liquidated if LEther's underlying is set to `address(0)`
medium
`Reserves` should not be considered part of the available liquidity while calculating the interest rate
medium
Turning `isCollateralAllowed[token]` from `true` to `false` with `toggleCollateralStatus()` won't disallow the token to be continued used as collateral
medium
Lack of price freshness check in `ChainlinkOracle.sol#getPrice()` allows a stale price to be used
Jun '22
high
Tempus lend method wrongly calculates amount of iPT tokens to mint
high
Unable to redeem from Notional
high
`Redeemer.sol#redeem()` can be called by anyone before maturity, which may lead to loss of user funds
high
[H-05] Not minting iPTs for lenders in several lend functions
high
Pendle Uses Wrong Return Value For `swapExactTokensForTokens()`
medium
Swivel lend method doesn't pull protocol fee from user
high
`zeroswap/UniswapV2Library.sol` Wrong init code hash in `UniswapV2Library.pairFor()` will break `UniswapV2Oracle`, `UniswapV2Router02`, `SushiRoll`
high
`lending-market/NoteInterest.sol` Wrong implementation of `getBorrowRate()`
high
`lending-market/Note.sol` Wrong implementation of access control
high
Stealing Wrapped Manifest in WETH.sol
high
WETH.sol computes the wrong totalSupply()
high
Anyone can set the `baseRatePerYear` after the `updateFrequency` has passed
high
Transferring any amount of the underlying token to the CNote contract will make the contract functions unusable
high
Anyone can create Proposal Unigov Proposal-Store.sol
high
Comptroller uses the wrong address for the WETH contract
high
AccountantDelegate: sweepInterest function will destroy the cnote in the contract.
medium
`zeroswap/UniswapV2Pair.sol` Token reserves per lp token can be manipulated due to lack of `MINIMUM_LIQUIDITY` when minting the first liquidity with `migrator`
high
Maker buy order with no specified NFT tokenIds may get fulfilled in `matchOneToManyOrders` without receiving any NFT
high
Accumulated ETH fees of InfinityExchange cannot be retrieved
medium
Maker order buyer is forced to reimburse the gas cost at any `tx.gasprice`
medium
Protocol fee rate can be arbitrarily modified by the owner and the new rate will apply to all existing orders
medium
InfinityExchange computes gas refunds in a way where the first order's buyer pays less than the later ones
May '22
high
VotingEscrow's merge and withdraw aren't available for approved users
medium
Owner's delegates should be decreased in `_burn()`
medium
Malicious user can populate `rewards` array with tokens of their interest reaching limits of `MAX_REWARD_TOKENS`
medium
Wrong calculation for the new `rewardRate[token]` can cause some of the late users can not get their rewards
medium
Bribe.sol is not meant to handle fee-on-transfer tokens
high
`BathPair.sol#rebalancePair()` can be front run to steal the pending rebalancing amount
high
`BathToken.sol#_deposit()` attacker can mint more shares with re-entrancy from hookable tokens
high
First depositor can break minting of shares
medium
Inconsistent Order Book Accounting When Working With Transfer-On-Fee or Deflationary Tokens
medium
Outstanding Amount Of A Pool Reduced Although Tokens Are Not Repaid
medium
Use `safeTransfer()`/`safeTransferFrom()` instead of `transfer()`/`transferFrom()`
medium
`RubiconMarket.sol#isClosed()` always returns false, making the market can not be stopped as designed
high
[WP-H0] Fake balances can be created for not-yet-existing ERC20 tokens, which allows attackers to set traps to steal funds from future users
medium
Use safeTransferFrom instead of transferFrom for ERC721 transfers
medium
Owner can set the feeRate to be greater than 100% and cause all future calls to `exercise` to revert
medium
Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited
Apr '22
high
The return value `success` of the get function of the INFTOracle interface is not checked
high
Lender is able to seize the collateral by changing the loan parameters
high
Mistake while checking LTV to lender accepted LTV
medium
Reentrancy at _requestLoan allows requesting a loan without supplying collateral
medium
[WP-M8] `CompoundHandler#topUp()` Using the wrong function selector makes native token `topUp()` always revert
medium
[WP-M9] `CEthInterface#repayBorrowBehalf()` reading non-existing returns makes `_repayAnyDebt()` with CEther always revert
medium
[WP-M11] `CEthInterface#mint()` reading non-existing returns makes `topUp()` with native token alway revert
medium
Chainlink's latestRoundData might return stale or incorrect results
medium
`_decimalMultiplier` doesn't account for tokens with decimals higher than 18
medium
`call()` should be used instead of `transfer()` on an `address payable`
high
Existing user’s locked JPEG could be overwritten by new user, causing permanent loss of JPEG funds
high
yVault: First depositor can break minting of shares
high
[WP-H22] Bad debts should not continue to accrue interest
medium
[WP-H9] `_swapUniswapV2` may use an improper `path` which can cause a loss of the majority of the rewardTokens
medium
Chainlink pricer is using a deprecated API
medium
`requiredImprovementRate` can not work as expected when `previousInterestRate` less than 10 due to precision loss
medium
`mintBorrowTicketTo` can be a contract with no `onERC721Received` method, which may cause the BorrowTicket NFT to be frozen and put users' funds at risk
medium
`sendCollateralTo` is unchecked in `closeLoan()`, which can cause user's collateral NFT to be frozen
Mar '22
high
Wrong implementation of `NoYield.sol#emergencyWithdraw()`
high
Wrong returns of `SavingsAccountUtil.depositFromSavingsAccount()` can cause fund loss
high
Aave's share tokens are rebasing breaking current strategy code
high
https://github.com/sublime-finance/sublime-v1/blob/46536a6d25df4264c1b217bd3232af30355dcb95/contracts/PooledCreditLine/LenderPool.sol#L404-L406
medium
`NoYield.sol` Tokens with fee on transfer are not supported
medium
[WP-M10] Lack of access control allow anyone to `withdrawInterest()` for any lender
medium
[WP-H7] Infinite approval to an arbitrary address can be used to steal all the funds from the contract
medium
DexManagerFacet: batchRemoveDex() removes first dex only
medium
cBridge integration fails to send native tokens
medium
Reputation Risks with `contractOwner`
medium
Anyone can get swaps for free given certain conditions in `swap`.
medium
`msg.value` is Sent Multipletimes When Performing a Swap
high
`makePayment()` Lack of access control allows malicious `lender` to retrieve a large portion of the funds earlier, making the borrower suffer fund loss
medium
Anyone can call `closeLoan()` to close the loan
medium
Unsafe implementation of `fundLoan()` allows attacker to steal collateral from an unfunded loan
high
[WP-H0] Wrong implementation of `EIP712MetaTransaction`
high
[WP-H2] `EIP712MetaTransaction.executeMetaTransaction()` failed txs are open to replay attacks
medium
COLLATERAL_MINTER_ROLE can be granted by the deployer of QuantConfig and mint arbitrary amount of tokens
medium
Usage of deprecated Chainlink functions
medium
[WP-M3] `OperateProxy.callFunction()` should check if the `callee` is a contract
medium
[WP-H6] Admin of the upgradeable proxy contract of `Controller.sol` can rug users
high
[WP-H4] Deleting `nft Info` can cause users' `nft.unpaidRewards` to be permanently erased
high
[WP-H14] `LiquidityProviders.sol` The share price of the LP can be manipulated and making future liquidityProviders unable to `removeLiquidity()`
high
[WP-H17] Users will lose a majority or even all of the rewards when the amount of total shares is too large, due to precision loss
high
Wrong formula when add fee `incentivePool` can lead to loss of funds.
medium
[WP-H5] `LiquidityFarming.sol` Unbounded for loops can potentially freeze users' funds in edge cases
medium
A `pauser` can brick the contracts
medium
[WP-H23] Improper `tokenGasPrice` design can overcharge user for the gas cost by a huge margin
medium
Possible frontrun on deposits on LiquidityPool
medium
Sending tokens close to the maximum will fail and user will lose tokens
medium
Incentive Pool can be drained without rebalancing the pool
high
`TimeswapPair.sol#borrow()` Improper implementation allows attacker to increase `pool.state.z` to a large value
high
`TimeswapConvenience.sol#borrowGivenDebt()` Attacker can increase `state.y` to an extremely large value with a dust amount of `assetOut`
high
Manipulation of the Y State Results in Interest Rate Manipulation
high
[WP-H1] Wrong timing of check allows users to withdraw collateral without paying for the debt
medium
`TimeswapPair.sol#mint()` Malicious user/attacker can mint new liquidity with an extremely small amount of `yIncrease` and malfunction the pair with the maturity
Feb '22
high
[WP-H3] `money-market-contracts/oracle#feed_prices()` delayed transaction may disrupt price feeds
medium
[WP-H0] When transferring tokens not in `whitelist` on Ethereum to Terra with `CrossAnchorBridge.depositStable()`, the funds may get frozen
medium
[WP-H2] `money-market-contracts/contracts/market` `claim_rewards` may revert due to `spend_limit` set on `distributor`
medium
[WP-H4] `anchor_basset_reward` pending yields can be stolen
high
An offer made after auction end can be stolen by an auction winner
medium
Primary seller can avoid paying the primary fee
medium
[WP-M5] Royalties can be distribution unfairly among `creatorRecipients` for NFT contracts with non-standard `getRoyalties()` returns
medium
[WP-M6] Inappropriate support of EIP-2981
medium
[WP-H1] Transactions can be replayed when a connectedChain is removed and then reconnected
medium
[WP-H2] When transferring tokens native on SKALE to Ethereum with `TokenManagerERC20.exitToMainERC20()`, the tokens on the schain will be frozen on `TokenManagerERC20`, but they will not receive tokens on Ethereum
medium
[WP-H3] S2S Transfer from the origin schain to another schain with automatic deploy disabled can cause funds to be frozen
high
TurboRouter: deposit(), mint(), createSafeAndDeposit() and createSafeAndDepositAndBoost() functions do not work
medium
[WP-M2] Wrong implementation of `TurboSafe.sol#less()` may cause boosted record value in TurboMaster bigger than actual lead to `BoostCapForVault` and `BoostCapForCollateral` to be permanently occupied
medium
transferBribes could transfer before proposal deadline + Input validation
medium
Wrong slippage check
medium
Changing `bribeVault` in `RewardDistributor.sol` will Lock Current ETH Rewards
medium
[WP-H0] `DEFAULT_ADMIN_ROLE` of `BribeVault` can steal tokens from users' wallets
medium
[WP-H2] Improper control over the versions of distributions' metadata may lead to repeated claims of rewards
high
[WP-H8] `ConvexStakingWrapper.sol#_calcRewardIntegral` Wrong implementation can disrupt rewards calculation and distribution
high
[WP-H13] `MasterChef.sol` Users won't be able to receive the `concur` rewards
high
[WP-H14] `ConvexStakingWrapper`, `StakingRewards` Wrong implementation will send `concur` rewards to the wrong receiver
high
deposit in ConvexStakingWrapper will most certainly revert
medium
`MasterChef.updatePool()` Fails To Update Reward Variables If `block.number >= endBlock`
medium
[WP-M0] `USDMPegRecovery.sol#provide()` Improper design/implementation make it often unable to add liquidity to the `usdm3crv` pool
medium
[WP-H1] Rewards distribution can be disrupted by a early user
medium
[WP-H2] `ConvexStakingWrapper#deposit()` depositors may lose their funds when the `_amount` is huge
medium
[WP-H16] `MasterChef.sol` A `depositor` can deposit an arbitrary amount without no cost
medium
[WP-H28] `StakingRewards.sol#notifyRewardAmount()` Improper reward balance checks can make some users unable to withdraw their rewards
medium
[WP-H29] `StakingRewards.sol` `recoverERC20()` can be used as a backdoor by the `owner` to retrieve `rewardsToken`
medium
[WP-M17] `USDMPegRecovery.sol#withdraw()` withdraw may often fail
Jan '22
medium
Use safeTransfer/safeTransferFrom consistently instead of transfer/transferFrom
medium
Pair creation can be denied
medium
ERC20 return values not checked
medium
`createRJLaunchEvent()` can be called by anyone with 1 Wei of `_token` and stop others from creating RJLaunchEvent with the same token anymore
high
[WP-H0] In the case of Single Asset Entry, new liquidity providers will suffer fund loss due to wrong formula of ΔRo
high
[WP-H2] Transferring `quoteToken` to the exchange pool contract will cause future liquidity providers to lose funds
medium
[WP-H1] The value of LP token can be manipulated by the first minister, which allows the attacker to dilute future liquidity providers' shares
high
[WP-H5] `L1Migrator.sol#migrateETH()` dose not send `bridgeMinter`'s ETH to L2 causing ETH get frozen in the contract
medium
[WP-M0] `MINTER_ROLE` can be granted by the deployer of L2LivepeerToken and mint arbitrary amount of tokens
medium
[WP-M1] `BURNER_ROLE` can burn any amount of L2LivepeerToken from an arbitrary address
medium
[WP-M2] `DEFAULT_ADMIN_ROLE` can approve arbitrary address to spend any amount from the `L1Escrow` contract
medium
[WP-H3] `L1Migrator.sol#migrateETH()` Improper implementation of `L1Migrator` causing `migrateETH()` always reverts, can lead to ETH in `BridgeMinter` getting stuck in the contract
medium
[WP-M4] Unable to use `L2GatewayRouter` to withdraw LPT from L2 to L1, as `L2LPTGateway` does not implement `L2GatewayRouter` expected method
high
Initial pool deposit can be stolen
high
backdoor in `withdrawRedundant`
high
[WP-H24] Wrong design/implementation of permission control allows malicious/compromised Registry or Factory admin to steal funds from users' wallet balances
high
[WP-H27] `IndexTemplate.sol#compensate()` will most certainly fail
high
[WP-H29] `Vault#setController()` owner of the Vault contracts can drain funds from the Vault
high
[WP-H30] A malicious/compromised Registry or Factory admin can drain all the funds from the Vault contracts
high
[WP-H33] `IndexTemplate.sol` Wrong implementation allows lp of the index pool to resume a locked `PayingOut` pool and escape the responsibility for the compensation
high
[WP-H36] Admin of the index pool can `withdrawCredit()` after `applyCover()` to avoid taking loss for the compensation paid for a certain pool
high
[WP-H39] `PoolTemplate.sol#resume()` Wrong implementation of `resume()` will compensate overmuch redeem amount from index pools
medium
[WP-M17] `Vault.sol` Tokens with fee on transfer are not supported
medium
Unbounded iteration over all indexes (2)
high
[WP-H12] `forceUnsponsor()` may open a window for attackers to manipulate the `_totalShares` and freeze users' funds at a certain deposit amount
high
deposit() function is open to reentrancy attacks
high
Vaults with non-UST underlying asset vulnerable to flash loan attack on curve pool
medium
[WP-H0] Late users will take more losses than expected when the underlying contract (`EthAnchor`) suffers investment losses
medium
[WP-H2] `NonUSTStrategy.sol` Improper handling of swap fees allows attacker to steal funds from other users
medium
[WP-M8] `totalUnderlyingMinusSponsored()` may revert on underflow and malfunction the contract
medium
[WP-H9] Centralization Risk: Funds can be frozen when critical key holders lose access to their keys
medium
Vault can't receive deposits if underlying token charges fees on transfer
medium
unsponsor, claimYield and withdraw might fail unexpectadly
high
`TimeswapPair.sol#borrow()` Improper implementation allows attacker to increase `pool.state.z` to a large value
high
`TimeswapConvenience.sol#borrowGivenDebt()` Attacker can increase `state.y` to an extremely large value with a dust amount of `assetOut`
high
Manipulation of the Y State Results in Interest Rate Manipulation
high
[WP-H1] Wrong timing of check allows users to withdraw collateral without paying for the debt
medium
`TimeswapPair.sol#mint()` Malicious user/attacker can mint new liquidity with an extremely small amount of `yIncrease` and malfunction the pair with the maturity
Dec '21
high
A vault can be locked from MarketplaceZap and StakingZap
high
The return value of the _sendForReceiver function is not set, causing the receiver to receive more fees
medium
`NFTXMarketplaceZap.sol#buyAnd***()` should return unused weth/eth back to `msg.sender` instead of `to`
medium
transfer return value is ignored
high
Wrong implementation of `NoYield.sol#emergencyWithdraw()`
high
Wrong returns of `SavingsAccountUtil.depositFromSavingsAccount()` can cause fund loss
high
Aave's share tokens are rebasing breaking current strategy code
high
https://github.com/sublime-finance/sublime-v1/blob/46536a6d25df4264c1b217bd3232af30355dcb95/contracts/PooledCreditLine/LenderPool.sol#L404-L406
medium
`NoYield.sol` Tokens with fee on transfer are not supported
medium
[WP-M10] Lack of access control allow anyone to `withdrawInterest()` for any lender
high
`makePayment()` Lack of access control allows malicious `lender` to retrieve a large portion of the funds earlier, making the borrower suffer fund loss
medium
Anyone can call `closeLoan()` to close the loan
medium
Unsafe implementation of `fundLoan()` allows attacker to steal collateral from an unfunded loan
high
`YearnVault.sol#pull()` will most certainly fail
high
AaveVault does not update TVL on deposit/withdraw
high
Wrong implementation of `performanceFee` can cause users to lose 50% to 100% of their funds
high
`UniV3Vault.sol#collectEarnings()` can be front run
medium
`ChiefTrader.sol` Wrong implementation of `swapExactInput()` and `swapExactOutput()`
Nov '21
high
ts.tokens sometimes calculated incorrectly
high
Wrong calculation of excess depositToken allows stream creator to retrieve `depositTokenFlashloanFeeAmount`, which may cause fund loss to users
high
Improper implementation of `arbitraryCall()` allows protocol gov to steal funds from users' wallets
medium
Storage variable unstreamed can be artificially inflated
medium
LockeERC20 is vulnerable to frontrun attack
high
Timelock can be bypassed
high
`AuctionBurnReserveSkew.getPegDeltaFrequency()` Wrong implementation can result in an improper amount of excess Liquidity Extension balance to be used at the end of an auction
medium
Frontrunning in UniswapHandler calls to UniswapV2Router
medium
`MovingAverage.setSampleMemory()` may broke MovingAverage, making the value of `exchangeRate` in `StabilizerNode.stabilize()` being extremely wrong
medium
theft of system profit
high
`MixinTransfer.sol#transferFrom` Wrong implementation can potentially allows attackers to reverse transfer and cause fund loss to the users
high
Wrong design/implementation of freeTrial allows attacker to steal funds from the protocol
medium
Potential economic attack on UDT grants to the referrer
medium
Malicious user can get infinite free trial by repeatedly refund and repurchase right before the freeTrial ends
medium
Support of different ERC20 tokens
medium
Refund mechanism doesn't take into account that key price can change
high
Early user can break `addLiquidity`
high
Lack of access control allow attacker to `mintFungible()` and `mintSynth()` with other user's wallet balance
high
`mintSynth()` and `burnSynth()` can be front run
high
`Synth` tokens can get over-minted
high
Wrong design/implementation of `addLiquidity()` allows attacker to steal funds from the liquidity pool
high
Wrong design of `swap()` results in unexpected and unfavorable outputs
high
LPs of VaderPoolV2 can manipulate pool reserves to extract funds from the reserve.
medium
Tokens with fee on transfer are not supported
Oct '21
high
`FeePoolV0.sol#distributeMochi()` will unexpectedly flush `treasuryShare`, causing the protocol fee cannot be properly accounted for and collected
high
Anyone can extend withdraw wait period by depositing zero collateral
high
Vault fails to track debt correctly that leads to bad debt
high
`ReferralFeePoolV0.sol#claimRewardAsMochi()` Array out of bound exception
medium
A malicious user can potentially escape liquidation by creating a dust amount position and trigger the liquidation by themself
medium
Unchecked ERC20 transfer calls
medium
Chainlink's `latestRoundData` might return stale or incorrect results
Sep '21
high
`ConcentratedLiquidityPool.burn()` Wrong implementation
high
`ConcentratedLiquidityPoolManager`'s incentives can be stolen
high
`ConcentratedLiquidityPosition.sol#burn()` Wrong implementation allows attackers to steal yield
high
`ConcentratedLiquidityPosition.sol#collect()` Users may get double the amount of yield when they call `collect()` before `burn()`
medium
ConcentratedLiquidityPoolManager.sol#claimReward() and reclaimIncentive() will fail when incentive.token is token0 or token1
medium
Cannot claim reward
high
`HybridPool`'s reserve is converted to "amount" twice
high
Overflow in the `mint` function of `IndexPool` causes LPs' funds to be stolen
high
Index Pool always swap to Zero
high
IndexPool's INIT_POOL_SUPPLY is not fair.
high
`IndexPool.mint` The first liquidity provider is forced to supply assets in the same amount, which may cause a significant amount of fund loss