Skip to content

Issues: code-423n4/2024-02-hydradx-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

66 Open 139 Closed
66 Open 139 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Analysis A-01 analysis-advanced edited-by-warden grade-b sufficient quality report This report is of sufficient quality
#205 opened Mar 1, 2024 by c4-bot-2
3
QA Report bug Something isn't working grade-b insufficient quality report This report is not of sufficient quality Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#203 opened Mar 1, 2024 by c4-bot-2
4
QA Report bug Something isn't working edited-by-warden grade-a Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#197 opened Mar 1, 2024 by c4-bot-10
2
QA Report bug Something isn't working grade-b Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#196 opened Mar 1, 2024 by c4-bot-8
2
QA Report bug Something isn't working grade-a Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#181 opened Mar 1, 2024 by c4-bot-2
2
Users can MAKE EMA-Oracle price outdated with direct transfers to StableSwap 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working grade-a M-01 primary issue Highest quality submission among a set of duplicates 🤖_72_group AI based duplicate group recommendation selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#176 opened Mar 1, 2024 by c4-bot-2
13
Ema-oracle will show an arbitrary asset price, even though the asset was completely removed from the omnipool bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_51_group AI based duplicate group recommendation
#169 opened Mar 1, 2024 by c4-bot-10
5
Analysis A-02 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#168 opened Mar 1, 2024 by c4-bot-9
2
Stableswap will calculate pool share price incorrectly if an asset has greater than 18 decimals, impacting ema oracle entries bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-80 grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_80_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards
#165 opened Mar 1, 2024 by c4-bot-10
3
PoolFee of StableSwap can be bypassed allowing for a DOS of all swaps bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_14_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#163 opened Mar 1, 2024 by c4-bot-10
8
It is possible that the tokens in the omnipool cannot be removed bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-180 grade-a insufficient quality report This report is not of sufficient quality Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_26_group AI based duplicate group recommendation
#161 opened Mar 1, 2024 by c4-bot-9
4
Malicious liquidity provider can put pool into highly manipulatable state 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) high quality report This report is of especially high quality M-02 primary issue Highest quality submission among a set of duplicates 🤖_17_group AI based duplicate group recommendation selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#154 opened Mar 1, 2024 by c4-bot-10
10
In stableswap, Incorrect d value might be used in various trading and liquidity calculation, resulting in unfair reserve or share amount during trades bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a insufficient quality report This report is not of sufficient quality QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_87_group AI based duplicate group recommendation
#149 opened Feb 29, 2024 by c4-bot-8
4
Donating 1 Unit of Tokens to a New Pool Could Block Users from Adding Liquidity bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-a high quality report This report is of especially high quality primary issue Highest quality submission among a set of duplicates Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_42_group AI based duplicate group recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#148 opened Feb 29, 2024 by c4-bot-7
13
Missing deadline check in few functions bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-139 grade-a Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_63_group AI based duplicate group recommendation
#147 opened Feb 29, 2024 by c4-bot-9
3
Incorrect asset_fee implementation in omnipool's buy methods, causing users always spending more compared to sell methods bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_43_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#145 opened Feb 29, 2024 by c4-bot-9
7
A malicious user can block remove_token function in Omnipool by holding a tiny amount of shares bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-180 grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_26_group AI based duplicate group recommendation
#144 opened Feb 29, 2024 by c4-bot-5
3
Analysis A-03 analysis-advanced edited-by-warden grade-a selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#143 opened Feb 29, 2024 by c4-bot-10
6
[H04] Inefficient Liquidity removal form stableswap can lead to losses and MEV opportunities bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a insufficient quality report This report is not of sufficient quality primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_15_group AI based duplicate group recommendation
#142 opened Feb 29, 2024 by c4-bot-9
5
Various trading and liquidity management methods lack stale transaction protection, risks of invalid/outdated slippage protection values bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_102_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#139 opened Feb 29, 2024 by c4-bot-2
8
MinTradingLimit check can be bypassed in do_add_liquidity_shares() bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_23_group AI based duplicate group recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#138 opened Feb 29, 2024 by c4-bot-6
9
Analysis A-04 analysis-advanced grade-b sufficient quality report This report is of sufficient quality
#136 opened Feb 29, 2024 by c4-bot-4
2
QA Report bug Something isn't working grade-a Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#134 opened Feb 29, 2024 by c4-bot-9
2
Analysis A-05 analysis-advanced grade-b insufficient quality report This report is not of sufficient quality
#130 opened Feb 29, 2024 by c4-bot-3
3
QA Report bug Something isn't working edited-by-warden grade-a Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#122 opened Feb 28, 2024 by c4-bot-1
2
ProTip! Mix and match filters to narrow down what you’re looking for.