Audix_hq

@Audix_hq

Audix strengthens your security assessment workflow by analyzing smart contract code to identify heuristics and invariants

🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟯𝟰 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Anja | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-01 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 4,967 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: unstake() uses delete on stakes[tokenId_] which doesn't clear nested snapshot mappings, allowing stale…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟯𝟯 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Isomorph | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-05 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,350 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Users cannot close or add collateral to Lyra vault positions when prices are stale or circuit breakers…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟯𝟮 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Anja | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-04 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 4,967 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: scaledQuoteTokenAmount uses C * p * (1 - BFP) instead of C * p for quote token constraint cases, causing…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟯𝟭 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Isomorph | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-07 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,350 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The withdrawFromGauge function allows any user to withdraw any NFT from any depositor sharing the same…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟯𝟬 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Isomorph | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-09 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,350 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The deposit receipt contracts check liquidity by attempting to swap a fixed 100 tokens regardless of…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟵 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Anja | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-06 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 4,967 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Proposal slates can contain duplicate IDs to maximize allocated budget, creating malicious top slates that…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟴 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Anja | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-06 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 4,967 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Proposal slates can contain duplicate IDs to maximize allocated budget, creating malicious top slates that…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟳 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Anja | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-07 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 4,967 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: mergeOrRemoveCollateral() allows removing collateral during active auctions without checking auction…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟲 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Anja | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-11 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 4,967 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Deposit, withdraw, and trade functions lack expiration timestamps and minimum output amounts, allowing…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟱 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Union Finance | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-01 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 1,097 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: _cancelVouchInternal() incorrectly applies voucherIndexes array indices to the unrelated vouchees…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟰 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Carapace | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-04 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,646 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Lending pools transitioning to Expired status bypass Late state handling, either leaving capital…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟬𝟭𝟮𝟯 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Carapace | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-11 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,646 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Burning Goldfinch pool token NFTs causes lockCapital() to permanently revert when ownerOf() is…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟮 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Notional Update | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-01 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 3,571 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: Liquidations permanently fail for certain Curve pools because the reentrancy protection calls…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟬𝟭𝟮𝟭 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Notional | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-06 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 3,571 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The _getTimeWeightedPrimaryBalance function fails to normalize token decimals when valuing…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟮𝟬 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Olympus Update | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-02 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,360 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The withdraw function skims excess wstETH (from oracle arbitrage) to treasury after liquidity…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟭𝟵 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Tokemak | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-08 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 12,840 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: When a destination vault is at a loss (current debt 95 WETH vs basis 100 WETH), a small rebalancing…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟭𝟴 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Real Wagmi | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-02 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 8,120 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The takeOverDebt() function lacks a nonReentrant modifier, allowing attackers to reenter during…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟭𝟳 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Blueberry Update | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-13 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 1,108 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: BalancerPairOracle queries pool token balances and BPT total supply without checking Balancer…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟭𝟲 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Notional Update | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-07 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 2,639 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The pool manipulation check compares spot prices in secondary/primary format (from StableMath)…


🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁 𝗕𝘂𝗴 𝗗𝗶𝗴𝗲𝘀𝘁 - 𝗣𝗧𝟭𝟭𝟱 🏆 𝗖𝗼𝗻𝘁𝗲𝘀𝘁: Napier | @sherlockdefi 𝗙𝗶𝗻𝗱𝗶𝗻𝗴 𝗜𝗗: H-01 𝗗𝘂𝗽: 0 𝗣𝗮𝘆𝗼𝘂𝘁: 1,370 𝗕𝘂𝗴 𝗦𝘂𝗺𝗺𝗮𝗿𝘆: The redeemWithYT() function sends the entire accruedInTarget balance calculated from the full YT holdings…

