Payouts
1st Places
2nd Places
3rd Places
All
Sherlock
Code4rena
Cantina
Hats Finance
Jan '25
high
high
high
medium
Dec '24
medium
Oct '24
Jul '24
Jun '24
May '24
medium
Mar '24
high
high
medium
medium
medium
Oct '23
high
Attacker can drain all ETH from AuctionDemo when block.timestamp == auctionEndTime
medium
Auction winner can prevent payments via `safeTransferFrom` callback
medium
Artist signatures can be forged to impersonate the artist behind a collection
medium
Auction payout goes to AuctionDemo contract owner, not the token owner
Sep '23
Aug '23
Jun '23
May '23
Apr '23
Mar '23
Jan '23
Dec '22
Nov '22
high
GiantLP with a transferHookProcessor cant be burned, users' funds will be stuck in the Giant Pool
high
Incorrect accounting in SyndicateRewardsProcessor results in any LP token holder being able to steal other LP tokens holder's ETH from the fees and MEV vault.
high
Possibly reentrancy attacks in `_distributeETHRewardsToUserForToken` function
Oct '22
Sep '22
Aug '22
Jul '22
May '22
Apr '22