Skip to content

Issues: code-423n4/2023-07-moonwell-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

120 Open 287 Closed
120 Open 287 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

getUnderlyingPrice() should return 0 when errored bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#404 opened Jul 31, 2023 by code423n4
6
Avoidable Multiplication Overflow Error could prevent execution of compulsory code executions causing DOS bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b low quality report This report is of especially low quality Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#403 opened Jul 31, 2023 by code423n4
4
Analysis A-01 analysis-advanced grade-b
#402 opened Jul 31, 2023 by code423n4
1
QA Report grade-a Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#399 opened Jul 31, 2023 by code423n4
3
QA Report bug Something isn't working grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#398 opened Jul 31, 2023 by code423n4
1
Owner of TemporalGovernor could revoke ownership without unpausing the contract bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a low quality report This report is of especially low quality Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#394 opened Jul 31, 2023 by code423n4
5
QA Report bug Something isn't working grade-b Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#387 opened Jul 31, 2023 by code423n4
1
QA Report bug Something isn't working grade-b Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#382 opened Jul 31, 2023 by code423n4
2
The vulnerability in the scalePrice function is due to the lack of precision protection during division, potentially resulting in rounding errors and inaccurate scaled prices. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates Q-08 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#377 opened Jul 31, 2023 by code423n4
6
Analysis A-02 analysis-advanced grade-a high quality report This report is of especially high quality sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#362 opened Jul 31, 2023 by code423n4
4
_user IS DECLARED AS A PAYABLE ADDRESS, YET NO FUNCTIONALITY IN THE FUNCTION TO HANDLE ETH TRANSFERS bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a low quality report This report is of especially low quality Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#361 opened Jul 31, 2023 by code423n4
5
Analysis A-03 analysis-advanced grade-a
#359 opened Jul 31, 2023 by code423n4
1
QA Report grade-a Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#349 opened Jul 31, 2023 by code423n4
3
BORROWERS CAN AVOID LIQUIDATIONS, IF ERC777 TOKEN IS CONFIGURED AS AN emissionToken 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue low quality report This report is of especially low quality M-01 satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#343 opened Jul 31, 2023 by code423n4
7
missing check for the max/min price in the chainlinkOracle.sol contract 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden low quality report This report is of especially low quality M-02 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#340 opened Jul 31, 2023 by code423n4
6
QA Report bug Something isn't working grade-b Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#339 opened Jul 31, 2023 by code423n4
2
the getPrice() in ` function did not support mTokens with more than 18 decimals bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-270 grade-a Q-11 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#337 opened Jul 31, 2023 by code423n4
4
Missing a Proposal Canceling Functionality bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a low quality report This report is of especially low quality QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#336 opened Jul 31, 2023 by code423n4
5
QA Report bug Something isn't working grade-a Q-13 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#332 opened Jul 31, 2023 by code423n4
2
Analysis A-04 analysis-advanced grade-a
#330 opened Jul 31, 2023 by code423n4
1
QA Report bug Something isn't working high quality report This report is of especially high quality Q-14 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#328 opened Jul 31, 2023 by code423n4
6
No limit on the number of emission configs per MToken in MultiRewardDistributor bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates Q-15 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#326 opened Jul 31, 2023 by code423n4
8
excuteProposal can fail due to Wormhole guardian change 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-03 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#325 opened Jul 31, 2023 by code423n4
6
ChainlinkPriceOracle direct prices can be out of date bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a low quality report This report is of especially low quality QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#323 opened Jul 31, 2023 by code423n4
5
emissionToken cannot be reused bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#321 opened Jul 31, 2023 by code423n4
6
ProTip! Exclude everything labeled bug with -label:bug.