Payouts
3rd Places
Top 10
Top 25
All
Code4rena
Mar '23
Jan '23
Nov '22
Oct '22
Sep '22
Aug '22
Jul '22
Jun '22
medium
Order duration can be set to 0 by Malicious maker
medium
`fillOrder()` and `exercise()` may lock Ether sent to the contract, forever
medium
Putty position tokens may be minted to non ERC721 receivers
medium
Use of Solidity version 0.8.13 which has two known issues applicable to PuttyV2
medium
The contract serves as a flashloan pool without fee
medium
`fee` can change without the consent of users
May '22
medium
Owner can modify the feeRate on existing vaults and steal the strike value on exercise
medium
Vaults steal rebasing tokens' rewards
medium
Vault is Not Compatible with Fee Tokens and Vaults with Such Tokens Could Be Exploited
medium
User's may accidentally overpay in `buyOption()` and the excess will be paid to the vault creator
Apr '22