Payouts
Top 25
Top 50
All
Code4rena
Feb '24
high
Malicious user can stake an amount which causes zero curStakeAtRisk on a loss but equal rewardPoints to a fair user on a win
high
A locked fighter can be transferred; leads to game server unable to commit transactions, and unstoppable fighters
high
Non-transferable `GameItems` can be transferred with `GameItems::safeBatchTransferFrom(...)`
Jan '24
high
When borrowers repay USDS, it is sent to the wrong address, allowing anyone to burn Protocol Owned Liquidity and build bad debt for USDS
high
User can evade `liquidation` by depositing the minimum of tokens and gain time to not be liquidated
high
First Liquidity provider can claim all initial pool rewards
medium
Attacker Can Inflate LP Position Value To Create a Bad Debt Loan
medium
Attacker can take advantage of Chainlink price not occuring within it's 60 minute heartbeat to make PriceAggregator calls fail
medium
Adversary can prevent updating price feed addresses by creating poisonous proposals ending in `_confirm`
medium
If there is only one USDS borrower, he can never be liquidated
high
Attack to make ````CurveSubject```` to be a ````HoneyPot````
high
Unrestricted claiming of fees due to missing balance updates in `FeeSplitter`
medium
If a user sets their curve token symbol as the default one plus the next token counter instance it will render the whole default naming functionality obsolete