ID | Severity | Status | Title 28 Findings | Location |
---|
C-01 | CRITICAL | FIXED | Tick handling in | VAMM.sol SwapLogic.sol LiquidationLogic.sol |
C-02 | CRITICAL | FIXED | Excess number of maker provisions in a single market may lead to a gas bomb in | LiquidationLogic.sol FutureLogic.sol Future.sol |
C-03 | CRITICAL | FIXED | Multiple unsettled futures lead to gas bomb in | |
C-04 | CRITICAL | FIXED | Current rate manipulation in | SwapLogic.sol |
C-05 | CRITICAL | FIXED | Rounding in | SwapLogic.sol |
M-01 | MAJOR | FIXED | Positions during | MarketLogic.sol |
M-02 | MAJOR | ACKNOWLEDGED | Market may be subject to manipulation by an attacker, given sufficient resources and favorable market conditions at the time | |
M-03 | MAJOR | FIXED | In certain cases, when the current rate falls on the LP interval boundary, LP fee delta may become negative | RatePoint.sol |
M-04 | MAJOR | NO ISSUE | If the market rate is set incorrectly at market initiation, trading in such market will be impossible | VAMM.sol |
M-05 | MAJOR | NO ISSUE | Trading is halted if the floating rate oracle packages do not contain a correct cryptographic signature | BaseFloatIndexOracle.sol |
W-01 | WARNING | FIXED | Validate decimals in | CollateralManager.sol |
W-02 | WARNING | FIXED | No functions to delete maker provisions in | FutureStorage.sol |
W-03 | WARNING | FIXED | Missing | CollateralManager.sol |
W-04 | WARNING | FIXED | Withdraw function can be called by a user without | RouterLogic.sol |
W-05 | WARNING | FIXED | Negative bounds for rate in | VAMM.sol CompoundingRateMath.sol LinearRateMath.sol |
W-06 | WARNING | NO ISSUE | Deposits are allowed when there is no ongoing futures in | Router.sol |
W-07 | WARNING | FIXED |
| Router.sol |
W-08 | WARNING | NO ISSUE |
| Router.sol |
W-09 | WARNING | NO ISSUE |
| VAMM.sol |
W-10 | WARNING | NO ISSUE | Lack of validations on the number of intervals in | VAMM.sol" |
I-01 | INFO | NO ISSUE | Freezing futures parameters during | ViewDataProvider.sol |
I-02 | INFO | FIXED | Prb-math library not audited | |
I-03 | INFO | FIXED | Missing events on initialization of contracts | ContractProvider.sol MarketStorage.sol VAMMStorage.sol |
I-04 | INFO | NO ISSUE | Add all interfaces to interface folders | |
I-05 | INFO | FIXED | Missing validations in | CollateralManager.sol |
I-06 | INFO | FIXED | Redundant initialization in | |
I-07 | INFO | FIXED | Similar events in | Router.sol CollateralManager.sol |
I-08 | INFO | FIXED | Mixing of type names | CollateralManager.sol FutureStorage.sol |
Please select finding