Alchemix V3
Reports by Severity
Critical
#57774 [SC-Critical] Redemption Earmark Mechanism Can Be Permanently Blocked via Single-Block Earmark Calls
#58793 [SC-Critical] Repayment Fee Overpayment from Global Collateral Pool
#57093 [SC-Critical] Potential Locked Funds Due to Partial Redeem Shortfall and miss calculation, lead to user loss their myt token forever.
#58276 [SC-Critical] Uncapped `feeInYield` in `_resolveRepaymentFee` allows for collateral theft from other depositors
#58518 [SC-Critical] Liquidation will steal Repayment Fee from Innocent Users Funds
#57122 [SC-Critical] Mismatch Between Capped Fee and Returned Fee in `_resolveRepaymentFee`
#58531 [SC-Critical] QueryGraph function Zero-Return Bug causing Tracking Earmarking Failure Over Progressive Block Intervals
#58288 [SC-Critical] Incorrect Fee Payment Logic Leads to Underpayment
#58306 [SC-Critical] Repayment Fee Not Adjusted for Insufficient Collateral
#57360 [SC-Critical] Unreconciled repayment fee transfer enables MYT overpayment and TVL inflation
#56435 [SC-Critical] AlchemistV3: repayment‑only liquidation pays liquidator from pool (fee leak) → theft of unclaimed yield
#58688 [SC-Critical] `AlchemistV3::_liquidate` can steal other users’ collateral
#58320 [SC-Critical] Incorrect Fee Return Value in _resolveRepaymentFee Enables Fund Theft Under Extreme Conditions
#58683 [SC-Critical] There is an issue in earmarked debt eeduction in the repay() can causes a permanent fund freeze
#58447 [SC-Critical] Unfair Collateral Loss Through Socialized Redemption Costs
#58573 [SC-Critical] AlchemistV3 Repayment Fee Cross-Account Theft Vulnerability
#58413 [SC-Critical] Attacker/user can prevent Earmark from updating the earnmarkweight causing the transmuter action to repay det gradually to fail for all users
#56732 [SC-Critical] Incorrect boundary condition in queryGraph leads to systematic under-earmarking and transmuter redemption fund loss
#56385 [SC-Critical] Repayment fee can be paid from the pool even when the account has no collateral left
#57590 [SC-Critical] Double-counted Transmuter cover in `redeem()` allows overstated redemptions and potential over-withdraw/over-borrow
#58724 [SC-Critical] Partial Redemption Burns Full Position — Accounting Desynchronization and Potential Underpayment in Transmuter.claimRedemption()
#56794 [SC-Critical] Liquidators can be overpaid due to accounting error
#58507 [SC-Critical] Repayment fee after forceRepay could result in socialized loss during global undercollateralization
#56965 [SC-Critical] AlchemistV3 handling of added Transmuter coverage includes an error that enables an attacker to cause protocol insolvency
#56519 [SC-Critical] Unchecked repayment fee transfer in `_liquidate` pays liquidators from other users’ collateral
#58280 [SC-Critical] Repayment's fee is charged from other users causing the contract to fail when the myt total balance of a user cannot cover the fee
#57053 [SC-Critical] Integer Division Precision Loss in normalizeDebtTokensToUnderlying Leads to Permanent Collateral Locking
#57662 [SC-Critical] portion of users alAsset amount that staked in transmuter can be lost forever when `amount > cumulativeEarmarked`
#58626 [SC-Critical] Repayment Fee Overpayment in Liquidation Repay-Only Path
#58163 [SC-Critical] Total loss of user Funds in claim redemption
#58757 [SC-Critical] Forgotten cover in _earmark() causes systematic over-earmarking and temporary freezing of user collateral
#58125 [SC-Critical] Repayment Fee Overpayment from Pooled Collateral
#58443 [SC-Critical] Incorrect Consumption of Yield Cover in redeem, Leading to Reuse of Accrued Yield
#58772 [SC-Critical] `_resolveRepaymentFee` overpays liquidators when collateral is gone, letting attackers drain MYT
#58323 [SC-Critical] The Alchemist::burn function experiences precision loss, resulting in the avoidance of protocol fees
#57582 [SC-Critical] Calling _earmark one block apart skips the block's earmark value
#58689 [SC-Critical] Incorrect deduction logic in `AlchemistV3::redeem()` may lead to insufficient contract collateral
#56702 [SC-Critical] `claimRedemption` would not return all alAsset that is not get converted to MYT in some case
#58270 [SC-Critical] incorrect handling of debt cover in redeem can affect early liquidation and incorrectly sync accounts
#57916 [SC-Critical] Repay removes earmark, meant to be reducing debt while collateral is still reduced
#56491 [SC-Critical] User Collateral Loss Triggered by setMinimumCollateralization Update
#57617 [SC-Critical] Protocol-paid repayment fee transfer allows draining of protocol MYT (yield)
#57973 [SC-Critical] repay doesnt set lastTransmuterTokenBalance leading to the same balance covering earmark twice
#58301 [SC-Critical] Accounting Issue in Liquidation Logic After Force Repay we charge repayment fee even if collateral balanc cannot account for it
#58036 [SC-Critical] Incorrect Fee Deduction May Drain Collateral Pool When Account Balance Is Insufficient
#57852 [SC-Critical] Old borrowers steal from new borrowers after redemptions are claimed
#57066 [SC-Critical] A malicious actor can keep calling `poke` at every block to prevent collateral earmarking exposing transmuter users to delayed redemptions and loss of funds
#58564 [SC-Critical] Earmarked funds fail to accumulate when _earmark is called in consecutive blocks
#58544 [SC-Critical] it is possible to underflow on `_sync` making positions bricked forever
#56365 [SC-Critical] Liquidation Fee Overdraft Drains Pooled Collateral
#56622 [SC-Critical] Repayment Fee Overpays Liquidators Using Pooled Collateral After _forceRepay
#56740 [SC-Critical] Unbounded Liquidation Fee Allows Theft of Shared Collateral
#57330 [SC-Critical] _resolveRepaymentFee returns initial fee when fee is greater collateral balance
#58338 [SC-Critical] AlchemistV3 Repayment Fee Can Exceed Remaining Collateral Leading to Position Insolvency
#56798 [SC-Critical] Flash-Vote Exploit Drains All Funds via AlchemistAllocator
#58131 [SC-Critical] Rounding Errors in Debt-to-Collateral Conversions Allow Attackers to Drain Protocol Assets
#58101 [SC-Critical] Repayment-only liquidation overpays fee from pooled collateral
#57101 [SC-Critical] Same-block earmark early-exit leaves stale transmuter balance, causing under-earmarking
#58127 [SC-Critical] Users can invoke the poke() function whenever the lastEarmarkDebtBlock is exactly one block behind the current block.number which lead to affecting users earmarked debt
#58399 [SC-Critical] Precision Loss in badDebtRatio Calculation Causes Overpayment and DOS
#57138 [SC-Critical] Protocol subsidizes repayment fees during liquidation
#57441 [SC-Critical] Repay-Only Fee Drain in AlchemistV3
#56555 [SC-Critical] User can avoid Bad Debt ratio scaling when claiming redeem, leading to protocol insolvency
#57587 [SC-Critical] _earmark() reduction of transmuterDifference does not always account for the full transmuter balance diff which can cause permanent earmark to accrue in Alchemist
#58234 [SC-Critical] There is a problem related ot Repayment Fee Overpayment can lead to Protocol Insolvency
#58464 [SC-Critical] Repayment fee paid from protocol funds when user collateral is depleted
#58138 [SC-Critical] Liquidator fees could surpass the user remaining collateral resulting in protocol insolvency
High
#58755 [SC-High] Users position that are synced at certain times overestimate collateralBalance of the position
#56571 [SC-High] Inflated claim payouts from double-counted MYT after liquidation
#57036 [SC-High] Unconditional Debt Reduction Before Protocol Fee Check in Force Repayment
#57041 [SC-High] Deallocation Accounting Mismatch Between Vault and Adapter
#58004 [SC-High] Protocol Insolvency from `cumulativeEarmarked` During `_forceRepay()`
#58526 [SC-High] Missing accounting update in liquidation functions leads to permanent DOS on deposits
#58466 [SC-High] Liquidation Fee Payment Failure Due to Redundant wrong Collateral Check
#58471 [SC-High] Accounting error in `_forceRepay`/`_doLiquidation` overstates TVL, enabling under-scaled redemptions and potential insolvency
#58474 [SC-High] Liquidator will bypass liquidation fees affecting protocol revenue
#56827 [SC-High] Missing Global Earmark Reduction in _forceRepay
#57633 [SC-High] Block-gated _earmark() call in redeem() nullifies prefunded Transmuter cover on the first redemption of each block, leading to collateral overpayment and potential protocol insolvency
#57288 [SC-High] Flawed rounding logic in TokeAutoEth deallocate function causes permanent freezing of funds
#57172 [SC-High] Missing _mytSharesDeposited Decrements in Liquidation Flows Causes Accounting Divergence
#58450 [SC-High] Missing Transmuter Balance Update After Redemption Blocks Future Earmarking and Underfunds Redemptions
#57308 [SC-High] AlchemistV3 does not update `_mytSharesDeposited` when performing liquidation, causing global accounting and liquidation logic mismatch
#56402 [SC-High] `killSwitch` leaves vault assets stranded and blocks withdrawals
#58113 [SC-High] StargateEthPoolStrategy.realAssets return false real assets
#58394 [SC-High] MEV opportunity because no slippage protection in TokeAutoEthStrategy
#57510 [SC-High] Stale Locked Collateral Tracking During Price Appreciation Causes Disproportionate Redemption Losses
#57345 [SC-High] Missing cumulativeEarmarked Decrement in _forceRepay Breaks Earmarking Invariant Leading to Unfair Redemption Burden Distribution
#58547 [SC-High] Mismatched Accounting and Transfer for Capped Fees
#58337 [SC-High] Incorrect Handling of cumulativeEarmarked in _forceRepay leads to inflated survival accumulator.
#57745 [SC-High] Syn fails to update the rawLocked valuation leading to a loss of fund for users with rawlock > 0 when total lock become 0.
#58572 [SC-High] Liquidation of account ``collateral`` doesn't subtract ``_mytSharesDeposited`` which creates bad debt in the system and causes ``insolvency``.
#58409 [SC-High] ## [HIGH] Arithmetic Underflow in `MYTStrategy.sol`'s `deallocate()` Check Prevents Yield Withdrawal
#57954 [SC-High] Lackf of tracking of excess cover in `_earmark` function leads to permanent loss of cover value and stuck user positions.
#57460 [SC-High] Protocol fails to subtract fee from total locked when burning and repaying
#58425 [SC-High] Missing slippage protection when depositing to TokeAuto strategies
#57559 [SC-High] Missing `_mytSharesDeposited` Decrement in Liquidation Paths Enables Theft of Unclaimed Yield and Protocol Insolvency
#58387 [SC-High] Liquidator Fee in the _doliquidation Function Withheld When Collateral Is Exhausted Leading to Seized Fee Trapped in Protocol
#57447 [SC-High] Untracked MYT outflows inflate TVL causing liquidation suppression
#57148 [SC-High] `_mytSharesDeposited` variable is not correctly updated during liquidations, leading to wrong assumptions and incorrect bad debt calculation in the Transmuter.
#58763 [SC-High] Accounting is broken when redeem() is bypassed due to Transmuter balance
#58398 [SC-High] No Slippage Protection on Large Allocation Deposits
#57751 [SC-High] There is a problem related to forced liquidation branch and this creates issue thatk cna drains protocol backing
#56727 [SC-High] Underlying increase in forced repayments leads to insolvency
#56673 [SC-High] Zero-cost fee farming via forced earmarked repayment
#58736 [SC-High] Missing TVL Accounting in _forceRepay and _doLiquidation Leads to Protocol Insolvency
#58274 [SC-High] Liquidation fee logic in `_doLiquidation` strands liquidator rewards when balance is exhausted, freezing funds
#56714 [SC-High] Accounting Invariant Violation in _forceRepay Leads to Protocol Insolvency
#57730 [SC-High] Liquidation Does Not Decrease mytSharesDeposited
#56363 [SC-High] `_mytSharesDeposited` not correctly updated in all cases, leading to incorrect protocol collateralization and reduced liquidation incentives
#56395 [SC-High] Accounting desync in liquidation outflows leads to artificial deposit cap exhaustion and denial-of-Service on recapitalization
#58236 [SC-High] Accounting mismatch: `_forceRepay`/`_doLiquidation` fail to decrement `_mytSharesDeposited`, locking deposit capacity and overstating collateral
#58098 [SC-High] There is a problem from ledger TVL sesync inliquidations cause a under-liquidation and systemic insolvency risk
#56824 [SC-High] Missing update to _mytSharesDeposited during liquidation
#58354 [SC-High] `_forceRepay` does not decrement `_mytSharesDeposited`, causing a temporal blocking of new deposits
#58771 [SC-High] Incorrect Tracking of Total Deposited Yield Tokens (_mytSharesDeposited) in Liquidation and Force Repayment Paths
#56552 [SC-High] Liquidation fee misrouting in AlchemistV3._doLiquidation() leads to theft of unclaimed yield (liquidator fee stranded)
#57530 [SC-High] Stale TVL Accounting in Liquidations Leads to Protocol Insolvency
#57668 [SC-High] Missing collateral tracking update during liquidation leads to inflated total value calculation and delayed under-collateralization protection
#58192 [SC-High] TokeAutoEth Strategy Tokens Locked When AutoPool(router) Enforces maxDeposit Cap
#57129 [SC-High] Missing _mytSharesDeposited Decrement in Liquidation Functions Causes Permanent TVL Inflation
#58358 [SC-High] Mismatched CollateralWeight and rawLocked Causes Incorrect Collateral Removal in Sync
#57941 [SC-High] Incorrect handling of deallocate return val causes any interest gains in a strategy to become unclaimable and permanently locked
#58269 [SC-High] Liquidator Fee Not Paid When Fee Equals Surplus
#56672 [SC-High] Inconsistent MYT share accounting leads to under-liquidation and solvency risk
#57907 [SC-High] Incorrect forced-repayment accounting allows debt forgiveness and frees locked collateral (systemic loss)
#57585 [SC-High] AlchemistV3 does not properly update CDP collateralBalance when redemptions exceed _totalLocked which enables some CDPs to over-withdraw collateral on account of others
#58347 [SC-High] Accounting Drift Due to Missing `_mytSharesDeposited` Decrements During Liquidation
#57930 [SC-High] Allocation tracking underflow in strategy deallocation Leads to protocol insolvency
#56817 [SC-High] ForceRepay doesn't decrement _mytSharesDeposited, inflating TVL
#58112 [SC-High] A malicious user can avoid getting penalized upon a Transmuter redemption by depositing and withdrawing collateral in the Alchemist
#58628 [SC-High] Attackers Can Avoid Redemption Losses By Temporarily Burning and Re-Borrowing The Debt
#57088 [SC-High] Unscaled collateral accounting in redeem lets users withdraw more than intended
#57726 [SC-High] AlchemistV3: MYT TVL accounting drift on liquidation/forceRepay blocks deposits via depositCap (Medium — Smart contract unable to operate due to lack of token funds)
#58396 [SC-High] Total locked is not cleared proportionally to the total debt, this forces the collateral weight to become incorrect and new users transmuter redeem repayment will repay more debt fo...
#57950 [SC-High] Unit Mismatch in _addDebt() Collateralization Check Allows Unbacked Debt Issuance and Protocol Insolvency
#57963 [SC-High] Incorrect _mytSharesDeposited Accounting in liquidate() Allows Theft of User Funds via Corrupted Bad Debt Ratio
#58070 [SC-High] Forced-repay accounting lets borrowers erase debt without paying equivalent assets (protocol deficit / insolvency)
#57632 [SC-High] Inflated TVL in _mytSharesDeposited hides protocol insolvency
#57970 [SC-High] _forceRepay Leaves `cumulativeEarmarked` Stale
#58435 [SC-High] Systemic Accounting Bug Leads to Protocol Insolvency
#57793 [SC-High] `cumulativeEarmarked` variable is not updated in `_forceRepay` function, breaking core internal logic and leading to user funds being stuck.
#57102 [SC-High] TVL Overstatement from _mytSharesDeposited Desync Enables Softened Liquidations & No‑Haircut Over‑Redemptions (Transmuter)
#58086 [SC-High] Mis-accounting of MYT outflows inflates TVL, distorts collateralization, and can DoS deposits/liquidations
#58442 [SC-High] Liquidation Breaks Core Accounting Invariant: Missing cumulativeEarmarked Update in _forceRepay() Causes Permanent State Drift
#57995 [SC-High] Missing Slippage Protection in TokeAutoUSDStrategy Allocation Function Leads to Permanent Value Loss
#56678 [SC-High] Missing Internal MYT Shares Accounting in Liquidation Functions Causes Deposit Blocking and Protocol Insolvency Risk Through Inflated TVL Calculations
#57464 [SC-High] Incorrect accounting in stargate strategy causes protocol insolvency and user liquidations
#58369 [SC-High] Missing _mytSharesDeposited Decrements in _forceRepay/_doLiquidation Leads to Smart Contract Unable to Operate Due to Lack of Token Funds
#57152 [SC-High] Assets Permanently Locked Due to KillSwitch Flag
#58792 [SC-High] the cumulativeEarmark does not decrease in _forceRepay which lead to transfer more collateral from users even when all earmark debt cleared which breaks the alchemix v3 core logic
#58019 [SC-High] Flawed killSwitch Implementation in MYTStrategy Leads to Permanent Loss of Funds
#57860 [SC-High] Incorrect `_mytSharesDeposited` accounting inflates collateral and underreports bad debt, enabling insolvency
#57861 [SC-High] Missing Slippage Protection in Tokemak Autopool Allocation Functions Leads to Direct Theft of User Funds
#58452 [SC-High] MYTStrategy Allocation underflow in deallocate() when allocation + profits exceed old allocation
#57197 [SC-High] Incorrect _totalLocked Reduction
#57604 [SC-High] Nominal accounting mismatch in Moonwell strategies leads to permanent locking of all generated yield
#57212 [SC-High] _totalLocked is not properly decremented in the redeem function causing system insolvency.
#58324 [SC-High] Incorrect Return Value in _deallocate Function Leads to Permanent Fund Locking in MYTStrategy Implementations
#58363 [SC-High] Accounting Corruption in Liquidations Due to Missing Global Counter Update
#57972 [SC-High] liquidation doesn't update _mytSharesDeposited
#58472 [SC-High] Liquidator Base Fee Seized but Not Paid Due to Post‑Deduction Balance Check
#56815 [SC-High] Missing `_mytSharesDeposited` Decrements in Internal Outflows cause TVL Inflation & Deposit DoS
#56359 [SC-High] Permanent Deposit Freeze After _forceRepay() Misaccounts Freed Shares
#58615 [SC-High] _mytSharesDeposited didn't get updated after _forceRepay && _doLiquidation called
#58275 [SC-High] account.rawLocked not clear even when debt is clear
#57725 [SC-High] # `AlchemistV::liquidate` is not updating the `_mytSharesDeposited` which makes it inflated and can cause deposits DoS and liquidations malfunction that may cause protocol insolvency.
#58794 [SC-High] Hardcoded 0 amount as the minSharesOut to depositMax(...) function call does not provide slippage protection
#57506 [SC-High] force repay don't update cumulativeEarmarked variable
#56936 [SC-High] Missing `_mytSharesDeposited` decrements on repay/liquidation → TVL drift, false over‑collateralization, and deposit‑cap DoS
#56389 [SC-High] `_mytSharesDeposited` is not updated on liquidation outflows which could lead to solvency illusion and misreported global ratios
#58519 [SC-High] Double Counting of Collateral Due to `_mytSharesDeposited` not being updated during liquidations
#57760 [SC-High] MytStrategy._allocate/_deallocate doesnt account for profit and loss
#56776 [SC-High] TVL Manipulation via Missing _mytSharesDeposited Decrement in Liquidations
#57553 [SC-High] _mytSharesDeposited is not updated in liquidations which breaks bad debt ratio/alchemistCR calculations and causes failures in bad debt handling and liquidation handling
#58067 [SC-High] Asymmetric deallocation in TokeAutoEthStrategy leads to permanent WETH funds stuck in strategy
#58754 [SC-High] Missing `_mytSharesDeposited` decrements in `AlchemistV3` `_forceRepay`/`_doLiquidation`
#58177 [SC-High] Transmuter::claimRedemption cant update _mytSharesDeposited leading to permanent underlying value state inside Alchemist
#57787 [SC-High] asset can be transferred to strategies even when the killSwitch enabled without posibility to use this funds for allocation
#57189 [SC-High] AlchemistCurator contract not implement setForceDeallocatePenalty
#56845 [SC-High] The deposit will be reverted because `_mytSharesDeposited` references an outdated value
#57918 [SC-High] Incorrect `totalLocked` Collateral Accounting in AlchemistV3
#58658 [SC-High] cumulativeEarmarked not updated
#56809 [SC-High] Vulnerable redemption survival ratio in _sync allows theft of alTokens
#56442 [SC-High] Inflated `_totalLocked` because vault yield accrual would skew `_collateralWeight` calculation
#58035 [SC-High] killSwitch early-return in strategy causes vault-to-adapter asset leakage, mis-accounting, and deallocation DOS
#56956 [SC-High] Lack of slippage control in Tokemak strategies can make MYT suffer losses on allocation
#58010 [SC-High] Slippage tolerance not enforced in TokeAutoUSDStrategy
#56560 [SC-High] Liquidation base fee transfer is gated by a condition that’s usually false
#57883 [SC-High] _mytSharesDeposited Updates in Liquidation Functions Leads to Critical TVL Inflation
#58129 [SC-High] Missing _mytSharesDeposited Update in _forceRepay() Causes Accounting Inconsistency which can DOS deposit and Liquidation
#57544 [SC-High] `_mytSharesDeposited` is not reduced upon fee transfers to protocol
#58116 [SC-High] TVL Accounting Mismatch Leading to Protocol Insolvency
#58260 [SC-High] Inconsistent collateral accounting where Force-Repay/Liquidation transfer out MYT without adjusting TVL
#57740 [SC-High] EulerETH strategy will have WETH locked in the strategy contract
#58215 [SC-High] Funds Can Become Permanently Stuck in Adapter When Kill Switch is Enabled
#58346 [SC-High] _forceRepay() fails to decrement cumulativeEarmarked, breaking earmark invariant and skewing redemptions
#58196 [SC-High] AaveV3ARBUSDCStrategy strategy will have its reward stuck in Aave USDC
#57369 [SC-High] Deallocation may revert due to an underflow
#56516 [SC-High] allocate assets in killSwitch mode can lead to assets stuck on contract
#57825 [SC-High] Forced repay cover enables double-counted debt reduction in redeem
#56923 [SC-High] Missing cumulativeEarmarked Update in _forceRepay Causes Incorrect Debt Accounting in AlchemistV3
#57678 [SC-High] Liquidation fee is deducted from user but not paid to liquidator
#58150 [SC-High] Missing Slippage Protection in `TokeAutoUSDStrategy::_allocate` Leads to Direct Theft of User Funds via MEV Sandwich Attacks
#58266 [SC-High] Partial liquidation strands base fee due to post-seizure balance check
#58782 [SC-High] Rewards earned by EulerARBUSDCStrategy will not be withdrawable from Euler pool on Arbitrum
#57692 [SC-High] AlchemistV3 Liquidation Fee Loss Vulnerability
#58524 [SC-High] When liquidating, there are cases where the Fee is not paid to the liquidator.
#56757 [SC-High] Incorrect leftover-collateral check blocks liquidator fee payment leading broken incentives & delayed deleveraging
#58742 [SC-High] Liquidators will not earn fees in some cases
#58759 [SC-High] Yield Stuck in Adapter Contracts Forever
#58781 [SC-High] _totalLocked Accounting Mismatch Leading to Token Balance Deficit in AlchemistV3
#58780 [SC-High] WETH Yield will be locked on AaveWETH pool on Arbitrum
#57680 [SC-High] PeapodsETHStrategy unable to withdraw yield from price share increase
#57476 [SC-High] _forceRepay() fails to decrement global cumulativeEarmarked
#58522 [SC-High] Earmark consumes excess cover, inflating cumulativeEarmarked
#56975 [SC-High] Liquidation Fee Trapping in AlchemistV3
#58383 [SC-High] Due to `cumulativeEarmarked` not being updated in `Alchemix::_forceRepay` user funds are locked longer due to slower debt decay and Calculation of System Collaterization Rate is Inc...
#58769 [SC-High] `_forceRepay` fails to decrement global `cumulativeEarmarked`, causing redemption accounting desynchronization and potential protocol-wide redemption halt
#58799 [SC-High] `_forceRepay` does not reduce `cumulativeEarmarked` which leads to wrong accounting: users debts are incorrectly higher which can cause wrongful liquidations
#57704 [SC-High] Missing Global State Update in _forceRepay Leads to Permanent Freezing of Unclaimed Yield
#57023 [SC-High] Global earmark not reduced in _forceRepay lets redeem() over-burn global debt (cross-account leakage, protocol insolvency)
#58635 [SC-High] ``cumulativeEarmarked`` is not subtracted in ``_forceRepay()``.
#57532 [SC-High] Assets are not accounted for when the contract is in killSwitch mode
#57849 [SC-High] Funds gets stuck even when killswitch is enabled
#58723 [SC-High] `cumulativeEarmarked` is not updated at `_forceRepay`
#58534 [SC-High] Zero Slippage Protection in Toke strategies Allocation
#58702 [SC-High] No slippage provided in Auto strategy implementation will open room for MEV attacks
#56902 [SC-High] Strategy Adapter `AaveV3OPUSDCStrategy` would not work well with aToken rebasing mechanism
#58287 [SC-High] _mytSharesDeposited is not updated on some token transfer
#58768 [SC-High] `_mytSharesDeposited is not updated during liquidations, breaking core accounting
#56791 [SC-High] Missing `_mytSharesDeposited` Decrements in Token Transfers
#58207 [SC-High] AlchemistV3 _mytSharesDeposited Not Reduced When Repaid Collateral Sent to Transmuter
#57378 [SC-High] Impossible to withdraw yield from strategies
#58530 [SC-High] Protocol insolvency via stale `_totalLocked`: zeroed `_totalLocked` prevents `_collateralWeight` update in `redeem()` leading to missed collateral haircut
#58061 [SC-High] Incorrect collateral and fee Check in _doLiquidation Allows Liquidator to loose fee.
#57196 [SC-High] Artificially inflated `_mytSharesDeposited` in `AlchemixV3.sol` deflates bad debt ratio in `Transmuter.sol`
#58502 [SC-High] Deposit cap denial of service due to stale _mytSharesDeposited during liquidation
#58491 [SC-High] _mytSharesDeposited Not Reduced on Liquidation, leading to Deposit Cap Bypass and potential insovency
#56628 [SC-High] `_liquidate` does not update `_mytSharesDeposited` that is reduced by fees
#58395 [SC-High] Repayment fee exit leaves `_mytSharesDeposited` inflated, hiding protocol insolvency
#57533 [SC-High] Inaccurate TVL Calculation Prevents Liquidations, Leading to Protocol Insolvency Risk
#58606 [SC-High] Missing collateral accounting in liquidation leads to inflated bad debt calculations
#56545 [SC-High] Force Repayment Leaves Stale Global Earmarks, Freezing Transmuter Redemptions
#56719 [SC-High] The function _forcerepay reduces debt before clamp, creating unbacked loan forgiveness and protocol insolvency
#57977 [SC-High] Inconsistent rawLocked State of a user after subdebt Leads to Irrecoverable User Collateral Loss
Medium
#56751 [SC-Medium] StargateEthPoolStrategy deallocate function redeem less weth than expected
#56692 [SC-Medium] `ZeroXSwapVerifier` verification will always revert due to wrong hardcoded execution function selectors
#57096 [SC-Medium] The implementation of TokeAutoEth::_allocate is incorrect
#56839 [SC-Medium] Moonwell Strategies Fail to Check Compound Error Codes Causing Silent Allocation Failures
#57311 [SC-Medium] Moonwell allocation and deallocation can fail silently, causing incorrect state updates and loss of yield
#57331 [SC-Medium] Conditional ETH Wrapping Logic Causes Withdrawal DoS in MoonwellWETH and StargateETH Strategies
#58741 [SC-Medium] Action function signatures to 0x Settler are wrong
#58231 [SC-Medium] Attacker can stop protocol from allocating assets to the AutoETH vaults
#57167 [SC-Medium] Missing `claim` Function in Euler and Morpho strategies Leads to Loss of Yield Rewards
#58273 [SC-Medium] Incorrect Hardcoded 0x Settler Function Selectors
#56859 [SC-Medium] LP/underlying mismatch in `StargateEthPoolStrategy::_deallocate` causes withdrawal DoS
#58336 [SC-Medium] Additive Update to Survival Accumulator Causing Overflow
#58707 [SC-Medium] Moonwell strategy _allocate() does not revert when mint fails which can result in a sudden drop in Myt share price and consequently sever under-collateralization
#56873 [SC-Medium] Incorrect ETH Wrapping Condition in MoonwellWETHStrategy._deallocate() Leads to Temporary Freezing of Funds
#56522 [SC-Medium] `TokeAutoUSDStrategy::_allocate()` and `TokeAutoEthStrategy::_allocate()` may suffer a denial-of-service (DoS) due to token amount mismatch in `AutopilotRouter::depositMax()`
#58456 [SC-Medium] Account Can Enter Unliquidatable State with Residual Debt
#58645 [SC-Medium] Incorrect WETH Wrapping Amount in `MoonwellWETHStrategy._deallocate()` Wraps `ethRedeemed` Instead of `amount`
#57957 [SC-Medium] Loss of EulerETH vault yields for Euler WETH Strategy
#57788 [SC-Medium] Missing `_claimRewards()` Implementation in AaveV3ARBUSDCStrategy Leads to Permanent Loss of Aave Incentive Rewards
#58203 [SC-Medium] Moonwell Strategies Silent Failure Due to Unchecked mint() and redeemUnderlying() Return Values
#56855 [SC-Medium] Liquidations Fail With Arithmetic Underflow When Forced Repayment Exhausts Collateral
#58093 [SC-Medium] MORPHO reward in `MorphoYearnOGWETH` will be lost or stuck
#58006 [SC-Medium] `MoonwellUSDCStrategy._allocate` ignores Compound-style mint failures and corrupts vault accounting
#58773 [SC-Medium] In Stargate Incorrect Allocation Cap Accounting Leading to Unnecessary DoS
#58449 [SC-Medium] TokeAutoEth Strategy Balance-Approval Mismatch DOS
#57867 [SC-Medium] ZeroXSwapVerifier erroneously rejects Uniswap v3 swaps due to an an incorrect selector
#58605 [SC-Medium] Missing _claimRewards in AaveV3ARBUSDCStrategy leads to permanent freezing of accrued Aave incentives
#57752 [SC-Medium] Aave and Euler incentives for MYT will be lost due to unimplemented `_claimRewards` function
#58081 [SC-Medium] Missing check in function `AlchemistV3::setMinimumCollateralization` could lead to set `minimumCollateralization > globalMinimumCollateralization`.
#58291 [SC-Medium] Unlike setters collateralization functions, AlchemistV3::initialize doesnt enforce collateralization invariants allowing to break them
#58168 [SC-Medium] Safe Position Liquidation Vulnerability in AlchemistV3 When minimumCollateralization Equals collateralizationLowerBound
#58616 [SC-Medium] Liquidation can revert due to 0 amount fee withdraw
#56800 [SC-Medium] Minimum collateral change lets liquidators seize compliant accounts
#57335 [SC-Medium] Zero min-out ERC-4626 deposits cause under-mint and permanent allocation loss
#58728 [SC-Medium] When the strategy is at a loss, the assets cannot be withdrawn
#57511 [SC-Medium] Protocol could atleast be taking a part of the protocol fee
#58611 [SC-Medium] Double-counting of earmarked debt repayments as cover leads to user funds being stuck and protocol insolvency.
#58515 [SC-Medium] A liquidated position can end the liquidation process still below `collateralizationLowerBound`, allowing for double liquidation of positions.
#57272 [SC-Medium] Silent Failures on Moonwell Deposit are not catched by strategy
#58787 [SC-Medium] When allocation amount is greater than the maxDeposit of TokeAutoETh.sol, the remaining is stuck in TokeAutoEth.sol
#58087 [SC-Medium] MoonwellUSDCStrategy ignores redeemUnderlying error codes → temporary freezing of funds (withdrawals revert)
#58730 [SC-Medium] An attacker can prevent any TokenAuto strategy allocation by making a donation to the vault of as little as 1 wei of underlying token
#58181 [SC-Medium] A griefer can cause a permanent DoS in TokeAutoETH/TokeAutoUSDCStrategy::allocate.
#56775 [SC-Medium] Permanent freezing of funds from precision/dust + strict deallocation check
#58209 [SC-Medium] Lack of Slippage Protection in Transmuter.claimRedemption and AlchemistV3.withdraw Leads to User Yield Losses
#56878 [SC-Medium] The permissionedCalls check can be bypass
#57017 [SC-Medium] `AaveV3ARBWETHStrategy`cant claim AAVE incentive
#57770 [SC-Medium] Admin Can Bypass `permissionedCalls` Protection Using Multicall
#58751 [SC-Medium] `setMinimumCollateralization` allows for increasing the current `minimumCollateralization` , instantly exposing users to risk of liquidation
#58185 [SC-Medium] Incorrect _survivalAccumulator accounting logic after _earmarkWeight reaches 128 breaks core system invariants and can lead to protocol insolvency
#56706 [SC-Medium] StargateEthPoolStrategy Incomplete ETH Wrapping Causes Withdrawal DoS
#57526 [SC-Medium] `StargateEthPoolStrategy` rounding mismatch freezes `VaultV2` allocations
#57565 [SC-Medium] The amount of dust will be permanently locked in `StargateEthPoolStrategy`
#58022 [SC-Medium] Accounting Mismatch and Fund Stuck Due to Dust ETH on StargateEthPoolStrategy
#58427 [SC-Medium] `StargateEthPoolStrategy::_allocate()` and `_deallocate()` Inconsistent Dust Handling Causes ETH to be Permanently Locked in Strategy Contract
#58105 [SC-Medium] ZeroXSwapVerifier decodes execute payload with wrong ABI (bytes vs bytes[]) → temporary freezing of funds
#57183 [SC-Medium] Missing Incentive Rewards Claiming in Multiple Strategy Contracts
#57812 [SC-Medium] No function to claim Aave Incentives
#58239 [SC-Medium] Missing Aave incentives rewards claiming mechanism leads to permanent loss of protocol royalties
#58130 [SC-Medium] Asymmetric Validation in Collateralization Setters Allows Protocol Misconfiguration Breaking All Borrowing
#58080 [SC-Medium] Aave V3 strategies fail to claim OP/ARB liquidity mining rewards, causing permanent loss of yield
#56927 [SC-Medium] setMinimumCollateralization function also needs a another check
#56982 [SC-Medium] Incorrect function selectors used in ZeroXSwapVerifier
#58722 [SC-Medium] TokenAuto strategy allocation uses maxDeposit which may allocate less than requested, leaving any excess funds permanently locked
#58115 [SC-Medium] Incorrect WETH deposit amount prevents deposited ETH through `receive` function to cover strategy loss.
#58639 [SC-Medium] ``Off by One`` issue in the ``_forceRepay()`` function causes protocol to lose funds in the form of ``protocol fee``.
#58403 [SC-Medium] Missing Checks for Transaction Return Values in Moonwell Strategies
#57227 [SC-Medium] Unchecked Return Codes in MoonwellUSDCStrategy Leading to Stuck Funds
#56960 [SC-Medium] Missing Slippage Protection During Redemption Execution, lead to loss of token for user.
#58492 [SC-Medium] Unbounded Deposit Exposure in TokeAutoEthStrategy::_allocate()
#58313 [SC-Medium] Incorrect allocation accounting and dust handling in `StargateEthPoolStrategy` causes systematic loss, cap mis-accounting, and deallocation reverts
#57646 [SC-Medium] ABI Signature Mismatch in ZeroXSwapVerifier Causes Complete Failure to Verify Legitimate 0x Settler Transactions
#57483 [SC-Medium] Fees could be skipped when there is not enough collateral
#57771 [SC-Medium] Fee not collected in _forceRepay when should
#58718 [SC-Medium] In _forceRepay Protocol Fee Collection Leads to Theft of Unclaimed Yield
#56846 [SC-Medium] Liquidation will return because of insufficient funds
#56737 [SC-Medium] The return value of mint is not checked
#58334 [SC-Medium] Incorrect Function Selectors
#58033 [SC-Medium] Unimplemented `_claimRewards()` Function Results in Permanent Freezing of Aave Incentive Rewards
#57545 [SC-Medium] Stargate ETH Strategy Rounding Bug
Low
#57964 [SC-Low] Improper validation of absoluteCap and relativeCap enables excessive fund allocation in AlchemistAllocator.
#56893 [SC-Low] Pending admin cannot accept ownership in AlchemistCurator
#58642 [SC-Low] Cap Bypass in `AlchemistAllocator.deallocate()` Allows Over-Deallocation Beyond Computed Limits
#58051 [SC-Low] Incorrect Access Control in acceptAdminOwnership()
#58666 [SC-Low] Recipient/owner not enforced in action verifiers enables theft of swap proceeds
#56383 [SC-Low] The `AlchemistCurator::acceptAdminOwnership` can't be called by the pending admin and if the function is called without pending admin the admin rigths will be lost
#57546 [SC-Low] `MoonwellUSDCStrategy` fail to claim its reward from Moonwell Comptroller
#57473 [SC-Low] Inverted Comparison Operator Allows Operators Admin-Level Allocation Privileges
#56947 [SC-Low] Flawed Access Control in AlchemistCurator Admin Transfer Pattern Leads to Risk of Permanent Loss of Control
#57862 [SC-Low] Incorrect `balanceBefore` reading order in `MorphoYearnOGWETHStrategy::_deallocate` function leads to wrong event emission
#57983 [SC-Low] Direct Asset Drain via `ZeroXSwapVerifier` Bypass and `MYTStrategy` Unlimited `Permit2` Approvals
#58512 [SC-Low] MYTStrategy `isValidSignature` is implemented wrong and will not work
#56517 [SC-Low] ZeroXSwapVerifier validates struct but executes external actions, enabling direct fund theft
#58462 [SC-Low] Incorrect post-withdraw balance measurement causes false loss reporting and mis-accounting in `MorphoYearnOGWETHStrategy._deallocate`
#58424 [SC-Low] MorphoYearnOGWETH Strategy - Balance Check Order Bug
#58672 [SC-Low] Incorrect Balance Check Sequence
#56633 [SC-Low] Access Control Flaw in acceptAdminOwnership() Prevents Secure Admin Transfer Leading to Potential Permanent Loss of Curator Control
#58190 [SC-Low] Operator Has No Allocation Restrictions in [`AlchemistAllocator`](https://github.com/alchemix-finance/v3-poc/blob/a192ab313c81ba3ab621d9ca1ee000110fbdd1e9/src/AlchemistAllocator.sol#...
#58310 [SC-Low] Strategy `FluidARBUSDCStrategy` cant claim fluid token reward
#56882 [SC-Low] Missing Cap Enforcement in AlchemistAllocator Allows Operators to Bypass Risk Controls
#58120 [SC-Low] Incorrect balance measurement in MorphoYearnOGWETH strategy leads to incorrect deallocation loss registering
#58590 [SC-Low] Incorrect balance-read ordering in MorphoYearnOGWETHStrategy._deallocate
#58579 [SC-Low] Inconsistent Admin Management Implementation in AlchemistCurator.sol
#58749 [SC-Low] Incorrect balance snapshot
#58078 [SC-Low] Access Control Bypass in ZeroXSwapVerifier - Missing Owner Validation
#57625 [SC-Low] Incorrect Cover Accounting in _earmark Leads to Earmarking Failure and Value Leakage
#58400 [SC-Low] Alchemist allocator does not actually enforce caps
#58607 [SC-Low] Incorrect access control in admin ownership transfer allows only current admin to accept ownership instead of pending admin
#57599 [SC-Low] Protocol wrongly withdraws before checking balance of withdraw
#57079 [SC-Low] [H-1] MorphoYearnOGWETH Strategy: Incorrect Balance Measurement Order in _deallocate() Causes DoS on Withdrawals with Any Loss
#57514 [SC-Low] Calldata verification bypass in 0x preflight logic enables arbitrary from/recipient manipulation and direct fund theft
#58648 [SC-Low] Incorrect wethBalanceBefore read causes broken loss detection in deallocation
#57534 [SC-Low] Small debt positions cannot be liquidated due to zero amount checks on token vaults
#58345 [SC-Low] Operators in `AlchemistAllocator.sol` can allocate higher than DAO defined limits
#57621 [SC-Low] Improper reward claiming in TokeAutoEthStrategy sends TOKE tokens to wrong address causing permanent freezing of unclaimed yield
#58709 [SC-Low] Naive 0x fill parsing lets attackers spoof token and amount checks
#58362 [SC-Low] Users will lose TokeMak rewards earned in TokeAutoEthStrategy
#57127 [SC-Low] Pending admin should call the function instead of admin
#58480 [SC-Low] Missing recipient and token binding in verifySwapCalldata leads to unauthorized fund transfers
#58516 [SC-Low] Inverted Min/Max Logic in AlchemistAllocator Operator Cap Calculation
#58604 [SC-Low] Verification bypass in `_verifyExecuteMetaTxnCalldata` enables arbitrary 0x actions to pass checks and execute in the `ZeroXSwapVerifier.sol` contract
#56343 [SC-Low] MorphoYearnOGWETH _deallocate function always emits StrategyDeallocationLoss due to flawed balance measurement
#58497 [SC-Low] The amount of WETH redeemed is not calculated properly in MorphoYearnOGWETH
#58329 [SC-Low] Incorrect Balance Measurement in `MorphoYearnOGWETH._deallocate()` Leads to Temporary Freezing of Funds via Spurious Loss Events
#58778 [SC-Low] ZeroXSwapVerifier implements incorrect data extraction logic enabling verification bypass in future strategy integrations
#58348 [SC-Low] ZeroXSwapVerifier accepts malicious 0x calldata (recipient not bound, minOut ignored, transferFrom misused) -> attacker can route strategy/vault funds to self (Direct theft)
#58416 [SC-Low] Unclaimed Extra Rewards in Tokemak Integration Lead to Permanent Freezing of Yield
#58422 [SC-Low] MorphoYearn OG WETH strategy always emits deallocation-loss event due to zero delta calculation
#57746 [SC-Low] Broken contract ownership logic at AlchemistV3.sol
#58143 [SC-Low] Unused Cap Enforcement Variables (adjusted)
#56836 [SC-Low] Ownership Transfer Failure in `AlchemistCurator` Prevents Future DAO Governance or Recovery
#57975 [SC-Low] Broken admin rotation in acceptAdminOwnership() causes permanent governance lockout
#56625 [SC-Low] Broken ownership transfer logic in AlchemistCurator permanently freezes contract operations
#57989 [SC-Low] Broken isValidSignature leads to fund freezing
#58088 [SC-Low] Inadequate enforcement of global cap enables cumulative over‑allocation
#58089 [SC-Low] Arithmetic underflow revert in `_deallocate`
#57837 [SC-Low] `MoonwellWETHStrategy` cant claim reward from Moonwell Comptroller
#58002 [SC-Low] Missing submitRemoveStrategy Function
#58149 [SC-Low] MorphoYearnOGWETH incorrectly reports loss and triggers StrategyDeallocationLoss event
#57169 [SC-Low] ZeroXSwapVerifier Policy Bypass via RFQ fillData Prefix (Token & Amount Spoof)
#58636 [SC-Low] Broken Two-Step Admin Transfer Prevents Legitimate Admin Succession in AlchemistCurator
#58189 [SC-Low] Two-step mechanism to transfer ownership is broken due to incorrect access control
#58259 [SC-Low] Broken operator logic inside AlchemistCurator
#58386 [SC-Low] Rewards claimed during deallocation remain stranded on strategy and unaccounted
#57665 [SC-Low] Incorrect Balance Measurement in `_deallocate` function of `MorphoYearnOGWETHStrategy`
#57697 [SC-Low] Missing Recipient & `from` Checks in ZeroXSwapVerifier Enable Direct Asset Theft
#57866 [SC-Low] Failure to verify the recipient's address can result in the theft of purchased tokens
#58578 [SC-Low] ZeroXSwapVerifier allows attackers to drain strategy tokens via crafted calldata
#58575 [SC-Low] Operator Limit Bypass
#58506 [SC-Low] Adjusted Cap Limits Are Never Enforced
#58797 [SC-Low] The `TokeAuto` strategies implementation does not accurately report the actual assets held by the strategy
#58796 [SC-Low] Incorrect balance snapshot in _deallocate() causes wethRedeemed always = 0
#57749 [SC-Low] ZeroXSwapVerifier misses critical sender/recipient/minOut validations, allowing malicious 0x calldata to drain funds (Critical — Direct theft)
#57090 [SC-Low] Ownership Transfer Failure in `AlchemistCurator` Prevents Future DAO Governance or Recovery
#56583 [SC-Low] Wrong 2 step transferAdminOwnerShip logic and insufficient checks in AlchemistCurator.sol leads to permanent admin ownership loss
#58257 [SC-Low] In TokeAutoETH deallocate can be DOSed if the vault incuring losses
#56830 [SC-Low] Broken admin Ownership transfer Logic, acceptAdminOwnership() requires current admin instead of pending Admin, Blocking Role Claim.
#58513 [SC-Low] Broken Access Control in AlchemistCurator.acceptAdminOwnership() Prevents Admin Transfer
#56911 [SC-Low] Incorrectly implemented two-step admin ownership transfer mechanism prevents new admin to accept role
#57328 [SC-Low] Once `tokeLockDuration` is the opposite of zero in `TokeAutoEthStrategy`, accumulated rewards in `accToke` can be stuck
#57316 [SC-Low] Allocation Cap Enforcement Missing & DeadCode
#56582 [SC-Low] AlchemistCurator::removeStrategy is unable to remove strategies from vaults due to wrong logic implementation
#56832 [SC-Low] AlchemistCurator contract doesn't allow to remove strategies from the MYT morpho V2 vault.
#57806 [SC-Low] Staking Graph argument bounds are incorrectly defined
#58393 [SC-Low] Wrong order in balance querying instructions in MorphoYearnOGWETHStrategy::_deallocate function leads to always emit StrategyDeallocationLoss event
#58352 [SC-Low] Assets Become Permanently Stuck in TokeAutoEth Strategy Due to Strict Balance Check
#58542 [SC-Low] [Low] Logic Error in MorphoYearnOGWETHStrategy._deallocate(): `wethRedeemed` Always Zero → All Deallocations Emit `StrategyDeallocationLoss`
#58357 [SC-Low] Permanent Freezing of TokeAutoEth strategy rewards in MYT Vault
#57057 [SC-Low] Wrong order of balance checks in MorphoYearnOGWETHStrategy
#57251 [SC-Low] Curator Cannot Remove Adapter Due to Timelock Requirement
#56887 [SC-Low] Incorrect balance tracking in MorphoYearnOGWETHStrategy _deallocate function leads to wrong loss event emission(Resend))
#56324 [SC-Low] Missing ```from==owner ```check in transferFrom verifier → direct theft of user funds
#58743 [SC-Low] ZeroXSwapVerifier Recipient Validation Bypass
#57114 [SC-Low] Inherited `setAdmin` function allows to bypass two-step admin ownership transfer mechanism
#58198 [SC-Low] Broken Two-Step Admin Transfer Pattern
#56418 [SC-Low] Two step owner transfer is broken and can lead to unforseen damages
#57622 [SC-Low] Lack of claimed reward handling in MYT strategies will keep all external token rewards stuck forever
#56465 [SC-Low] `getTotalDeposited` doesn't reflect the correct total deposited
#57439 [SC-Low] Incorrect `badDebtRatio` rounding in `Transmuter::claimRedemption()` may cause funds to become permanently stuck
#58210 [SC-Low] Incorrect balance measurement in deallocation disables loss detection in MorphoYearnOGWETH.
#58423 [SC-Low] Pending Admin Cannot Accept Ownership Transfer in `AlchemistCurator`
#58249 [SC-Low] Broken Two-Step Admin Handover in AlchemistCurator
#57394 [SC-Low] `acceptAdminOwnership()` only allows the current admin to finalise transfers
#58124 [SC-Low] Direct Theft of Funds via Malicious actions[] in execute() Call Due to Incorrect Calldata Verification
#58627 [SC-Low] Incorrect delta calculation in _deallocate() causes wethRedeemed to always be zero.
#56498 [SC-Low] Reserve Drainage Due to Incorrect Balance Measurement
#58322 [SC-Low] Incorrect Emit Due to Wrong Ordering of wethBalanceBefore Calculation
#58360 [SC-Low] Round-down calculation in `convertToShares()` leads to deallocation failure in TokeAutoEth strategy
#58408 [SC-Low] Underflow account.rawLocked on _subDebt due to rounding inconsistency
#58410 [SC-Low] Tokemak Strategy Deallocation Causes TOKE Token Lockup
#58419 [SC-Low] AlchemistCurator two-step ownership transfer mis-implemented
#58469 [SC-Low] Pending Admin Cannot Accept Ownership
#56689 [SC-Low] Reward token TOKE is stuck in MYT
#58555 [SC-Low] `AlchemistCurator` 2-step ownership transfer is implemented incorrectly
#58428 [SC-Low] TOKE reward loss when calling deallocate
#58376 [SC-Low] claimRewards() function permanently locks earned Toke reward token on Morpho VaultV2
#58527 [SC-Low] Complete loss of all reward value on TokeAutoEthStrategy _claimRewards
#56451 [SC-Low] `AlchemistAllocator::allocate()` and `deallocate()` do not enforce cap checks as intended
#57644 [SC-Low] Unenforced cap logic in AlchemistAllocator allows not controlled allocations
#58325 [SC-Low] Operator Can Shift vault Funds to Risky Strategies Without Oversight, leading to potential loss of user funds.
#58714 [SC-Low] Pending Admin cannot accept Ownership in `AlchemistCurator.sol`
#58734 [SC-Low] Broken strategy realAssets calculation
#56983 [SC-Low] Tokemak rewards sent to MYT vault contract (not strategy) -> rewards stranded
#58056 [SC-Low] The Auto ETH and USDC staking rewards will stuck in vault
#57067 [SC-Low] Overstated Per-Account Locked Collateral Due to Global Clamp in _subDebt
#56332 [SC-Low] Pending Admin Cannot Accept Ownership
#57479 [SC-Low] Logical bug in `AlchemistCurator::acceptAdminOwnership`, asking to current admin to accept ownership.
#58007 [SC-Low] `pendingAdmin` cannot call `acceptAdminOwnership()` to accept admin role
#58333 [SC-Low] Incorrect onlyAdmin Modifier in acceptAdminOwnership
#57024 [SC-Low] `wethBalanceBefore` is computed after withdrawal in `_deallocate` function in MorphoYearnOGWETHStrategy contract, leading to systematic StrategyDeallocationLoss event emission.
#56909 [SC-Low] Incorrect balance snapshot in strategy deallocation causes false loss events and masks real shortfalls
#56529 [SC-Low] Incorrect token balance calculation in MorphoYearnOGWETHStrategy.sol::_deallocate() leads to wrong event emitted every time
#57926 [SC-Low] The conditional 'StrategyDeallocationLoss' event in `MorphoYearnOGWETHStrategy::_deallocate` gets logged all the time due a misplacement in variable declaration
#56961 [SC-Low] Incorrect balance snapshot check in `_deallocate()` logs false deallocation loss in MorphoYearnOGWETH strategy
#56962 [SC-Low] Balance Check Logic Error in _deallocate() Function Leads to Broken Loss Detection and False Event Emissions
#57777 [SC-Low] ZeroX swap verifier bypass enables direct theft of user funds
#58079 [SC-Low] Missing from validation in ZeroXSwapVerifier.verifySwapCalldata() enables direct theft of approved funds
#58289 [SC-Low] Missing addresses Verification in ZeroXSwapVerifier
#57516 [SC-Low] Arbitrary External Call in ZeroXSwapVerifier Leads to Theft of Unclaimed Yield
#58418 [SC-Low] `verifySwapCalldata` cant verify the output token of the swap
#58705 [SC-Low] Mismatch between emitted protocol fee and actual fee paid in _forceRepay due to strict inequality check
#58040 [SC-Low] removeStrategy() is Non-Functional
#57346 [SC-Low] AlchemistAllocator Compares Incompatible Units (Asset Wei vs WAD Percentage)
#57982 [SC-Low] Permanently stuck rewards in the Vault
#58473 [SC-Low] Wrong redeemed amount calculation in MorphoYearnOGWETH strategy
#58110 [SC-Low] MorphoYearnOGWETHStrategy will always report strategy loss
#57637 [SC-Low] acceptAdminOwnership doesn't allow expected user approval
#56709 [SC-Low] ZeroXSwapVerifier Missing Source Validation
#58133 [SC-Low] TOKE Rewards Permanently Locked in Strategy adapter
#58488 [SC-Low] TokeAutoUSDStrategy claims rewards to itself automatically when deallocate is called but since reward token is Tokemak the rewards remain permanently locked
#58520 [SC-Low] Pending admin cannot accept ownership
#57123 [SC-Low] Incorrect 2 step ownership in AlchemistCurator
#56602 [SC-Low] Function takes incorrect modifier
#58077 [SC-Low] Reward tokens are incorrectly claimed to strategy contract during deallocation leads to permanent token loss
#58244 [SC-Low] Incorrect balance check order in `MorphoYearnOGWETH` strategy leads to false deallocation loss events
Insight
#56494 [SC-Insight] Gas Optimization: Redundant External Calls in Strategy _deallocate Functions
#58667 [SC-Insight] Permit2 is approved the wrong asset which leads to loss of funds or failing swaps
#58719 [SC-Insight] [INSIGHT] Gas Optimization: Save gas by using the cached fee amount in burn() and repay() in `Alchemist.sol`
#56336 [SC-Insight] `StargateEthPoolStrategy::_deallocate` would emit false deallocating loss event in some cases
#58739 [SC-Insight] Decimals mismatch causes 1e12 under-reporting in strategy returns, letting allocations silently exceed per-strategy and global caps
#56346 [SC-Insight] Redundant calculation of feeAmount in repay function
#57448 [SC-Insight] Unnecessary computation of lockedCollateral in `_addDebt()` and `_subDebt()`
#58094 [SC-Insight] AutopoolETH vault slippage during LP token liquidation leads to temporary fund freezing
#57522 [SC-Insight] useCurrent flag ignored in preview functions in Moonwell strategies
#58326 [SC-Insight] The value of the burned Peapods share token may exceed expectations
#56368 [SC-Insight] `AlchemistTokenVault::deposit()` should use `safeTransferFrom()` instead of `transferFrom()`; `AlchemistTokenVault::withdraw()` should use `safeTransfer()` instead of `transfer()`
#56621 [SC-Insight] Broken withdrawal logic in AaveV3ARBUSDCStrategy permanently locks user funds
#56806 [SC-Insight] Broken withdrawal logic in AaveV3ARBWETHStrategy permanently locks user funds
#57969 [SC-Insight] Lack of incentive to liquidate small positions can cause the system to accumulate bad debt
#56348 [SC-Insight] Incorrect APY calculation in MYTStrategy::_approxAPY() causes underreported yields
#58762 [SC-Insight] Manipulation of `feeInUnderlying` through front-running during liquidations on Ethereum
#56658 [SC-Insight] Transmuter's tokenURI does not revert for nonexistent tokenIds
#57816 [SC-Insight] Critical Incentive Failure in calculateLiquidation Leads to Protocol Insolvency Risk During Global Bad Debt
#56528 [SC-Insight] Unbounded `slippageBPS` Can Freeze Withdrawals
#56326 [SC-Insight] Variable could be immutable
#56350 [SC-Insight] Implementation contract AlchemistV3 not locked (_disableInitializers() missing)
#56462 [SC-Insight] Unused Mapping Causes Unnecessary Storage Gas Consumption
#58076 [SC-Insight] Fix unit mismatch in _doLiquidation: collateralInUnderlying -> collateralInDebt
#58735 [SC-Insight] ``calculateLiquidation`` reverts due to divide by ``ZERO`` if ``targetCollateralization = FIXED_POINT_SCALAR``
#57563 [SC-Insight] Reward tokens being permanently frozen in TokeAutoUSDStrategy
#56328 [SC-Insight] Redundant require statement in EulerUSDCStrategy _deallocate function leads to unnecessary gas consumption
#56801 [SC-Insight] Function burn could be gas optimized
#56406 [SC-Insight] `getEstimatedYield` never updates after snapshots
#56730 [SC-Insight] Transmuter `tokenURI()` is not EIP-721 compliance
#58552 [SC-Insight] Single transfer instead of multiple saves gas
#57791 [SC-Insight] Receipt Token Misconfiguration in Aave Strategies
#56572 [SC-Insight] Aave V3 lending pool is immutable in Aave strategies
#56949 [SC-Insight] Uncapped collateral transfer in redemption leads to accounting discrepancy enabling theft of user funds
#58703 [SC-Insight] Cached interest rate calculation in PeapodsETH strategy leads to inaccurate APR/APY estimates
#58146 [SC-Insight] Whitelist can be disabled repeatedly, contradicting intended program behavior.
#56895 [SC-Insight] Function approveMint is vulnerable to race conditions
#57291 [SC-Insight] Hardcoded Slippage in MYT Strategy
#56561 [SC-Insight] Fee amount is recomputed multiple times when the initial value has already been cached
#57923 [SC-Insight] Redundant Synthetic Transfers in claimRedemption When amountNottransmuted is Zero
#56427 [SC-Insight] src/utils/PermissionedProxy.sol::setPermissionedCall incomplete event emission because it doesnt include value argument for signature
#56347 [SC-Insight] burn contains redundant calculations
#56518 [SC-Insight] `claimWithdrawalQueue` discards claimed amount
#58356 [SC-Insight] The Alchemist TokeAuto Strategies doesn't use recommended best practice by TokeAuto.
#57606 [SC-Insight] Attacker can DoS deposits by hitting the deposit cap
#57028 [SC-Insight] Wrong amount variable in Repay event
#57832 [SC-Insight] Cap Logic Error in AlchemistAllocator
#57208 [SC-Insight] It is possible to prevent lowering the deposit cap by front-running
Reports by Type
Smart Contract
#58755 [SC-High] Users position that are synced at certain times overestimate collateralBalance of the position
#57964 [SC-Low] Improper validation of absoluteCap and relativeCap enables excessive fund allocation in AlchemistAllocator.
#56494 [SC-Insight] Gas Optimization: Redundant External Calls in Strategy _deallocate Functions
#56893 [SC-Low] Pending admin cannot accept ownership in AlchemistCurator
#58642 [SC-Low] Cap Bypass in `AlchemistAllocator.deallocate()` Allows Over-Deallocation Beyond Computed Limits
#58051 [SC-Low] Incorrect Access Control in acceptAdminOwnership()
#58666 [SC-Low] Recipient/owner not enforced in action verifiers enables theft of swap proceeds
#58667 [SC-Insight] Permit2 is approved the wrong asset which leads to loss of funds or failing swaps
#56383 [SC-Low] The `AlchemistCurator::acceptAdminOwnership` can't be called by the pending admin and if the function is called without pending admin the admin rigths will be lost
#57774 [SC-Critical] Redemption Earmark Mechanism Can Be Permanently Blocked via Single-Block Earmark Calls
#58793 [SC-Critical] Repayment Fee Overpayment from Global Collateral Pool
#57093 [SC-Critical] Potential Locked Funds Due to Partial Redeem Shortfall and miss calculation, lead to user loss their myt token forever.
#57546 [SC-Low] `MoonwellUSDCStrategy` fail to claim its reward from Moonwell Comptroller
#57473 [SC-Low] Inverted Comparison Operator Allows Operators Admin-Level Allocation Privileges
#56571 [SC-High] Inflated claim payouts from double-counted MYT after liquidation
#56947 [SC-Low] Flawed Access Control in AlchemistCurator Admin Transfer Pattern Leads to Risk of Permanent Loss of Control
#57862 [SC-Low] Incorrect `balanceBefore` reading order in `MorphoYearnOGWETHStrategy::_deallocate` function leads to wrong event emission
#57983 [SC-Low] Direct Asset Drain via `ZeroXSwapVerifier` Bypass and `MYTStrategy` Unlimited `Permit2` Approvals
#56751 [SC-Medium] StargateEthPoolStrategy deallocate function redeem less weth than expected
#57036 [SC-High] Unconditional Debt Reduction Before Protocol Fee Check in Force Repayment
#57041 [SC-High] Deallocation Accounting Mismatch Between Vault and Adapter
#58512 [SC-Low] MYTStrategy `isValidSignature` is implemented wrong and will not work
#58004 [SC-High] Protocol Insolvency from `cumulativeEarmarked` During `_forceRepay()`
#58276 [SC-Critical] Uncapped `feeInYield` in `_resolveRepaymentFee` allows for collateral theft from other depositors
#56517 [SC-Low] ZeroXSwapVerifier validates struct but executes external actions, enabling direct fund theft
#58462 [SC-Low] Incorrect post-withdraw balance measurement causes false loss reporting and mis-accounting in `MorphoYearnOGWETHStrategy._deallocate`
#58526 [SC-High] Missing accounting update in liquidation functions leads to permanent DOS on deposits
#58466 [SC-High] Liquidation Fee Payment Failure Due to Redundant wrong Collateral Check
#58518 [SC-Critical] Liquidation will steal Repayment Fee from Innocent Users Funds
#56692 [SC-Medium] `ZeroXSwapVerifier` verification will always revert due to wrong hardcoded execution function selectors
#58471 [SC-High] Accounting error in `_forceRepay`/`_doLiquidation` overstates TVL, enabling under-scaled redemptions and potential insolvency
#58474 [SC-High] Liquidator will bypass liquidation fees affecting protocol revenue
#57096 [SC-Medium] The implementation of TokeAutoEth::_allocate is incorrect
#58424 [SC-Low] MorphoYearnOGWETH Strategy - Balance Check Order Bug
#56839 [SC-Medium] Moonwell Strategies Fail to Check Compound Error Codes Causing Silent Allocation Failures
#56827 [SC-High] Missing Global Earmark Reduction in _forceRepay
#57122 [SC-Critical] Mismatch Between Capped Fee and Returned Fee in `_resolveRepaymentFee`
#58672 [SC-Low] Incorrect Balance Check Sequence
#57633 [SC-High] Block-gated _earmark() call in redeem() nullifies prefunded Transmuter cover on the first redemption of each block, leading to collateral overpayment and potential protocol insolvency
#57288 [SC-High] Flawed rounding logic in TokeAutoEth deallocate function causes permanent freezing of funds
#57172 [SC-High] Missing _mytSharesDeposited Decrements in Liquidation Flows Causes Accounting Divergence
#58450 [SC-High] Missing Transmuter Balance Update After Redemption Blocks Future Earmarking and Underfunds Redemptions
#57308 [SC-High] AlchemistV3 does not update `_mytSharesDeposited` when performing liquidation, causing global accounting and liquidation logic mismatch
#57311 [SC-Medium] Moonwell allocation and deallocation can fail silently, causing incorrect state updates and loss of yield
#56402 [SC-High] `killSwitch` leaves vault assets stranded and blocks withdrawals
#58531 [SC-Critical] QueryGraph function Zero-Return Bug causing Tracking Earmarking Failure Over Progressive Block Intervals
#57331 [SC-Medium] Conditional ETH Wrapping Logic Causes Withdrawal DoS in MoonwellWETH and StargateETH Strategies
#58113 [SC-High] StargateEthPoolStrategy.realAssets return false real assets
#58288 [SC-Critical] Incorrect Fee Payment Logic Leads to Underpayment
#58306 [SC-Critical] Repayment Fee Not Adjusted for Insufficient Collateral
#58394 [SC-High] MEV opportunity because no slippage protection in TokeAutoEthStrategy
#56633 [SC-Low] Access Control Flaw in acceptAdminOwnership() Prevents Secure Admin Transfer Leading to Potential Permanent Loss of Curator Control
#58190 [SC-Low] Operator Has No Allocation Restrictions in [`AlchemistAllocator`](https://github.com/alchemix-finance/v3-poc/blob/a192ab313c81ba3ab621d9ca1ee000110fbdd1e9/src/AlchemistAllocator.sol#...
#58310 [SC-Low] Strategy `FluidARBUSDCStrategy` cant claim fluid token reward
#57510 [SC-High] Stale Locked Collateral Tracking During Price Appreciation Causes Disproportionate Redemption Losses
#57345 [SC-High] Missing cumulativeEarmarked Decrement in _forceRepay Breaks Earmarking Invariant Leading to Unfair Redemption Burden Distribution
#58547 [SC-High] Mismatched Accounting and Transfer for Capped Fees
#58337 [SC-High] Incorrect Handling of cumulativeEarmarked in _forceRepay leads to inflated survival accumulator.
#57745 [SC-High] Syn fails to update the rawLocked valuation leading to a loss of fund for users with rawlock > 0 when total lock become 0.
#58572 [SC-High] Liquidation of account ``collateral`` doesn't subtract ``_mytSharesDeposited`` which creates bad debt in the system and causes ``insolvency``.
#57360 [SC-Critical] Unreconciled repayment fee transfer enables MYT overpayment and TVL inflation
#56882 [SC-Low] Missing Cap Enforcement in AlchemistAllocator Allows Operators to Bypass Risk Controls
#58409 [SC-High] ## [HIGH] Arithmetic Underflow in `MYTStrategy.sol`'s `deallocate()` Check Prevents Yield Withdrawal
#56435 [SC-Critical] AlchemistV3: repayment‑only liquidation pays liquidator from pool (fee leak) → theft of unclaimed yield
#57954 [SC-High] Lackf of tracking of excess cover in `_earmark` function leads to permanent loss of cover value and stuck user positions.
#57460 [SC-High] Protocol fails to subtract fee from total locked when burning and repaying
#58688 [SC-Critical] `AlchemistV3::_liquidate` can steal other users’ collateral
#58320 [SC-Critical] Incorrect Fee Return Value in _resolveRepaymentFee Enables Fund Theft Under Extreme Conditions
#58425 [SC-High] Missing slippage protection when depositing to TokeAuto strategies
#58120 [SC-Low] Incorrect balance measurement in MorphoYearnOGWETH strategy leads to incorrect deallocation loss registering
#58741 [SC-Medium] Action function signatures to 0x Settler are wrong
#58231 [SC-Medium] Attacker can stop protocol from allocating assets to the AutoETH vaults
#58683 [SC-Critical] There is an issue in earmarked debt eeduction in the repay() can causes a permanent fund freeze
#58447 [SC-Critical] Unfair Collateral Loss Through Socialized Redemption Costs
#57559 [SC-High] Missing `_mytSharesDeposited` Decrement in Liquidation Paths Enables Theft of Unclaimed Yield and Protocol Insolvency
#58387 [SC-High] Liquidator Fee in the _doliquidation Function Withheld When Collateral Is Exhausted Leading to Seized Fee Trapped in Protocol
#57447 [SC-High] Untracked MYT outflows inflate TVL causing liquidation suppression
#58590 [SC-Low] Incorrect balance-read ordering in MorphoYearnOGWETHStrategy._deallocate
#58579 [SC-Low] Inconsistent Admin Management Implementation in AlchemistCurator.sol
#58749 [SC-Low] Incorrect balance snapshot
#57167 [SC-Medium] Missing `claim` Function in Euler and Morpho strategies Leads to Loss of Yield Rewards
#57148 [SC-High] `_mytSharesDeposited` variable is not correctly updated during liquidations, leading to wrong assumptions and incorrect bad debt calculation in the Transmuter.
#58763 [SC-High] Accounting is broken when redeem() is bypassed due to Transmuter balance
#58273 [SC-Medium] Incorrect Hardcoded 0x Settler Function Selectors
#58573 [SC-Critical] AlchemistV3 Repayment Fee Cross-Account Theft Vulnerability
#58398 [SC-High] No Slippage Protection on Large Allocation Deposits
#57751 [SC-High] There is a problem related to forced liquidation branch and this creates issue thatk cna drains protocol backing
#58413 [SC-Critical] Attacker/user can prevent Earmark from updating the earnmarkweight causing the transmuter action to repay det gradually to fail for all users
#56727 [SC-High] Underlying increase in forced repayments leads to insolvency
#58078 [SC-Low] Access Control Bypass in ZeroXSwapVerifier - Missing Owner Validation
#57625 [SC-Low] Incorrect Cover Accounting in _earmark Leads to Earmarking Failure and Value Leakage
#56673 [SC-High] Zero-cost fee farming via forced earmarked repayment
#58400 [SC-Low] Alchemist allocator does not actually enforce caps
#58607 [SC-Low] Incorrect access control in admin ownership transfer allows only current admin to accept ownership instead of pending admin
#56732 [SC-Critical] Incorrect boundary condition in queryGraph leads to systematic under-earmarking and transmuter redemption fund loss
#56385 [SC-Critical] Repayment fee can be paid from the pool even when the account has no collateral left
#57599 [SC-Low] Protocol wrongly withdraws before checking balance of withdraw
#58736 [SC-High] Missing TVL Accounting in _forceRepay and _doLiquidation Leads to Protocol Insolvency
#58274 [SC-High] Liquidation fee logic in `_doLiquidation` strands liquidator rewards when balance is exhausted, freezing funds
#56714 [SC-High] Accounting Invariant Violation in _forceRepay Leads to Protocol Insolvency
#58719 [SC-Insight] [INSIGHT] Gas Optimization: Save gas by using the cached fee amount in burn() and repay() in `Alchemist.sol`
#57730 [SC-High] Liquidation Does Not Decrease mytSharesDeposited
#56859 [SC-Medium] LP/underlying mismatch in `StargateEthPoolStrategy::_deallocate` causes withdrawal DoS
#57079 [SC-Low] [H-1] MorphoYearnOGWETH Strategy: Incorrect Balance Measurement Order in _deallocate() Causes DoS on Withdrawals with Any Loss
#57590 [SC-Critical] Double-counted Transmuter cover in `redeem()` allows overstated redemptions and potential over-withdraw/over-borrow
#57514 [SC-Low] Calldata verification bypass in 0x preflight logic enables arbitrary from/recipient manipulation and direct fund theft
#56363 [SC-High] `_mytSharesDeposited` not correctly updated in all cases, leading to incorrect protocol collateralization and reduced liquidation incentives
#56395 [SC-High] Accounting desync in liquidation outflows leads to artificial deposit cap exhaustion and denial-of-Service on recapitalization
#58236 [SC-High] Accounting mismatch: `_forceRepay`/`_doLiquidation` fail to decrement `_mytSharesDeposited`, locking deposit capacity and overstating collateral
#58724 [SC-Critical] Partial Redemption Burns Full Position — Accounting Desynchronization and Potential Underpayment in Transmuter.claimRedemption()
#58098 [SC-High] There is a problem from ledger TVL sesync inliquidations cause a under-liquidation and systemic insolvency risk
#56824 [SC-High] Missing update to _mytSharesDeposited during liquidation
#58648 [SC-Low] Incorrect wethBalanceBefore read causes broken loss detection in deallocation
#58336 [SC-Medium] Additive Update to Survival Accumulator Causing Overflow
#58354 [SC-High] `_forceRepay` does not decrement `_mytSharesDeposited`, causing a temporal blocking of new deposits
#58771 [SC-High] Incorrect Tracking of Total Deposited Yield Tokens (_mytSharesDeposited) in Liquidation and Force Repayment Paths
#56552 [SC-High] Liquidation fee misrouting in AlchemistV3._doLiquidation() leads to theft of unclaimed yield (liquidator fee stranded)
#57530 [SC-High] Stale TVL Accounting in Liquidations Leads to Protocol Insolvency
#56336 [SC-Insight] `StargateEthPoolStrategy::_deallocate` would emit false deallocating loss event in some cases
#58707 [SC-Medium] Moonwell strategy _allocate() does not revert when mint fails which can result in a sudden drop in Myt share price and consequently sever under-collateralization
#57534 [SC-Low] Small debt positions cannot be liquidated due to zero amount checks on token vaults
#58739 [SC-Insight] Decimals mismatch causes 1e12 under-reporting in strategy returns, letting allocations silently exceed per-strategy and global caps
#58345 [SC-Low] Operators in `AlchemistAllocator.sol` can allocate higher than DAO defined limits
#56794 [SC-Critical] Liquidators can be overpaid due to accounting error
#57668 [SC-High] Missing collateral tracking update during liquidation leads to inflated total value calculation and delayed under-collateralization protection
#57621 [SC-Low] Improper reward claiming in TokeAutoEthStrategy sends TOKE tokens to wrong address causing permanent freezing of unclaimed yield
#58709 [SC-Low] Naive 0x fill parsing lets attackers spoof token and amount checks
#56873 [SC-Medium] Incorrect ETH Wrapping Condition in MoonwellWETHStrategy._deallocate() Leads to Temporary Freezing of Funds
#56346 [SC-Insight] Redundant calculation of feeAmount in repay function
#58362 [SC-Low] Users will lose TokeMak rewards earned in TokeAutoEthStrategy
#58192 [SC-High] TokeAutoEth Strategy Tokens Locked When AutoPool(router) Enforces maxDeposit Cap
#57127 [SC-Low] Pending admin should call the function instead of admin
#57129 [SC-High] Missing _mytSharesDeposited Decrement in Liquidation Functions Causes Permanent TVL Inflation
#58507 [SC-Critical] Repayment fee after forceRepay could result in socialized loss during global undercollateralization
#56965 [SC-Critical] AlchemistV3 handling of added Transmuter coverage includes an error that enables an attacker to cause protocol insolvency
#58480 [SC-Low] Missing recipient and token binding in verifySwapCalldata leads to unauthorized fund transfers
#58516 [SC-Low] Inverted Min/Max Logic in AlchemistAllocator Operator Cap Calculation
#58358 [SC-High] Mismatched CollateralWeight and rawLocked Causes Incorrect Collateral Removal in Sync
#56522 [SC-Medium] `TokeAutoUSDStrategy::_allocate()` and `TokeAutoEthStrategy::_allocate()` may suffer a denial-of-service (DoS) due to token amount mismatch in `AutopilotRouter::depositMax()`
#58604 [SC-Low] Verification bypass in `_verifyExecuteMetaTxnCalldata` enables arbitrary 0x actions to pass checks and execute in the `ZeroXSwapVerifier.sol` contract
#57941 [SC-High] Incorrect handling of deallocate return val causes any interest gains in a strategy to become unclaimable and permanently locked
#56519 [SC-Critical] Unchecked repayment fee transfer in `_liquidate` pays liquidators from other users’ collateral
#58280 [SC-Critical] Repayment's fee is charged from other users causing the contract to fail when the myt total balance of a user cannot cover the fee
#57053 [SC-Critical] Integer Division Precision Loss in normalizeDebtTokensToUnderlying Leads to Permanent Collateral Locking
#57448 [SC-Insight] Unnecessary computation of lockedCollateral in `_addDebt()` and `_subDebt()`
#56343 [SC-Low] MorphoYearnOGWETH _deallocate function always emits StrategyDeallocationLoss due to flawed balance measurement
#58497 [SC-Low] The amount of WETH redeemed is not calculated properly in MorphoYearnOGWETH
#58269 [SC-High] Liquidator Fee Not Paid When Fee Equals Surplus
#58329 [SC-Low] Incorrect Balance Measurement in `MorphoYearnOGWETH._deallocate()` Leads to Temporary Freezing of Funds via Spurious Loss Events
#57662 [SC-Critical] portion of users alAsset amount that staked in transmuter can be lost forever when `amount > cumulativeEarmarked`
#58626 [SC-Critical] Repayment Fee Overpayment in Liquidation Repay-Only Path
#58094 [SC-Insight] AutopoolETH vault slippage during LP token liquidation leads to temporary fund freezing
#56672 [SC-High] Inconsistent MYT share accounting leads to under-liquidation and solvency risk
#57907 [SC-High] Incorrect forced-repayment accounting allows debt forgiveness and frees locked collateral (systemic loss)
#57585 [SC-High] AlchemistV3 does not properly update CDP collateralBalance when redemptions exceed _totalLocked which enables some CDPs to over-withdraw collateral on account of others
#58778 [SC-Low] ZeroXSwapVerifier implements incorrect data extraction logic enabling verification bypass in future strategy integrations
#58347 [SC-High] Accounting Drift Due to Missing `_mytSharesDeposited` Decrements During Liquidation
#58348 [SC-Low] ZeroXSwapVerifier accepts malicious 0x calldata (recipient not bound, minOut ignored, transferFrom misused) -> attacker can route strategy/vault funds to self (Direct theft)
#58416 [SC-Low] Unclaimed Extra Rewards in Tokemak Integration Lead to Permanent Freezing of Yield
#58422 [SC-Low] MorphoYearn OG WETH strategy always emits deallocation-loss event due to zero delta calculation
#58456 [SC-Medium] Account Can Enter Unliquidatable State with Residual Debt
#57930 [SC-High] Allocation tracking underflow in strategy deallocation Leads to protocol insolvency
#56817 [SC-High] ForceRepay doesn't decrement _mytSharesDeposited, inflating TVL
#58112 [SC-High] A malicious user can avoid getting penalized upon a Transmuter redemption by depositing and withdrawing collateral in the Alchemist
#58628 [SC-High] Attackers Can Avoid Redemption Losses By Temporarily Burning and Re-Borrowing The Debt
#57522 [SC-Insight] useCurrent flag ignored in preview functions in Moonwell strategies
#58326 [SC-Insight] The value of the burned Peapods share token may exceed expectations
#57088 [SC-High] Unscaled collateral accounting in redeem lets users withdraw more than intended
#57726 [SC-High] AlchemistV3: MYT TVL accounting drift on liquidation/forceRepay blocks deposits via depositCap (Medium — Smart contract unable to operate due to lack of token funds)
#58396 [SC-High] Total locked is not cleared proportionally to the total debt, this forces the collateral weight to become incorrect and new users transmuter redeem repayment will repay more debt fo...
#58163 [SC-Critical] Total loss of user Funds in claim redemption
#57950 [SC-High] Unit Mismatch in _addDebt() Collateralization Check Allows Unbacked Debt Issuance and Protocol Insolvency
#56368 [SC-Insight] `AlchemistTokenVault::deposit()` should use `safeTransferFrom()` instead of `transferFrom()`; `AlchemistTokenVault::withdraw()` should use `safeTransfer()` instead of `transfer()`
#57746 [SC-Low] Broken contract ownership logic at AlchemistV3.sol
#58143 [SC-Low] Unused Cap Enforcement Variables (adjusted)
#58645 [SC-Medium] Incorrect WETH Wrapping Amount in `MoonwellWETHStrategy._deallocate()` Wraps `ethRedeemed` Instead of `amount`
#58757 [SC-Critical] Forgotten cover in _earmark() causes systematic over-earmarking and temporary freezing of user collateral
#57957 [SC-Medium] Loss of EulerETH vault yields for Euler WETH Strategy
#56836 [SC-Low] Ownership Transfer Failure in `AlchemistCurator` Prevents Future DAO Governance or Recovery
#57963 [SC-High] Incorrect _mytSharesDeposited Accounting in liquidate() Allows Theft of User Funds via Corrupted Bad Debt Ratio
#58070 [SC-High] Forced-repay accounting lets borrowers erase debt without paying equivalent assets (protocol deficit / insolvency)
#57632 [SC-High] Inflated TVL in _mytSharesDeposited hides protocol insolvency
#56621 [SC-Insight] Broken withdrawal logic in AaveV3ARBUSDCStrategy permanently locks user funds
#58125 [SC-Critical] Repayment Fee Overpayment from Pooled Collateral
#56806 [SC-Insight] Broken withdrawal logic in AaveV3ARBWETHStrategy permanently locks user funds
#57970 [SC-High] _forceRepay Leaves `cumulativeEarmarked` Stale
#57969 [SC-Insight] Lack of incentive to liquidate small positions can cause the system to accumulate bad debt
#56348 [SC-Insight] Incorrect APY calculation in MYTStrategy::_approxAPY() causes underreported yields
#57788 [SC-Medium] Missing `_claimRewards()` Implementation in AaveV3ARBUSDCStrategy Leads to Permanent Loss of Aave Incentive Rewards
#58435 [SC-High] Systemic Accounting Bug Leads to Protocol Insolvency
#57975 [SC-Low] Broken admin rotation in acceptAdminOwnership() causes permanent governance lockout
#58762 [SC-Insight] Manipulation of `feeInUnderlying` through front-running during liquidations on Ethereum
#57793 [SC-High] `cumulativeEarmarked` variable is not updated in `_forceRepay` function, breaking core internal logic and leading to user funds being stuck.
#57102 [SC-High] TVL Overstatement from _mytSharesDeposited Desync Enables Softened Liquidations & No‑Haircut Over‑Redemptions (Transmuter)
#56625 [SC-Low] Broken ownership transfer logic in AlchemistCurator permanently freezes contract operations
#58203 [SC-Medium] Moonwell Strategies Silent Failure Due to Unchecked mint() and redeemUnderlying() Return Values
#56658 [SC-Insight] Transmuter's tokenURI does not revert for nonexistent tokenIds
#57989 [SC-Low] Broken isValidSignature leads to fund freezing
#58086 [SC-High] Mis-accounting of MYT outflows inflates TVL, distorts collateralization, and can DoS deposits/liquidations
#58088 [SC-Low] Inadequate enforcement of global cap enables cumulative over‑allocation
#57816 [SC-Insight] Critical Incentive Failure in calculateLiquidation Leads to Protocol Insolvency Risk During Global Bad Debt
#56855 [SC-Medium] Liquidations Fail With Arithmetic Underflow When Forced Repayment Exhausts Collateral
#58089 [SC-Low] Arithmetic underflow revert in `_deallocate`
#56528 [SC-Insight] Unbounded `slippageBPS` Can Freeze Withdrawals
#58443 [SC-Critical] Incorrect Consumption of Yield Cover in redeem, Leading to Reuse of Accrued Yield
#58442 [SC-High] Liquidation Breaks Core Accounting Invariant: Missing cumulativeEarmarked Update in _forceRepay() Causes Permanent State Drift
#57995 [SC-High] Missing Slippage Protection in TokeAutoUSDStrategy Allocation Function Leads to Permanent Value Loss
#58093 [SC-Medium] MORPHO reward in `MorphoYearnOGWETH` will be lost or stuck
#56678 [SC-High] Missing Internal MYT Shares Accounting in Liquidation Functions Causes Deposit Blocking and Protocol Insolvency Risk Through Inflated TVL Calculations
#57464 [SC-High] Incorrect accounting in stargate strategy causes protocol insolvency and user liquidations
#58369 [SC-High] Missing _mytSharesDeposited Decrements in _forceRepay/_doLiquidation Leads to Smart Contract Unable to Operate Due to Lack of Token Funds
#57837 [SC-Low] `MoonwellWETHStrategy` cant claim reward from Moonwell Comptroller
#58002 [SC-Low] Missing submitRemoveStrategy Function
#57152 [SC-High] Assets Permanently Locked Due to KillSwitch Flag
#56326 [SC-Insight] Variable could be immutable
#58006 [SC-Medium] `MoonwellUSDCStrategy._allocate` ignores Compound-style mint failures and corrupts vault accounting
#58772 [SC-Critical] `_resolveRepaymentFee` overpays liquidators when collateral is gone, letting attackers drain MYT
#58792 [SC-High] the cumulativeEarmark does not decrease in _forceRepay which lead to transfer more collateral from users even when all earmark debt cleared which breaks the alchemix v3 core logic
#58773 [SC-Medium] In Stargate Incorrect Allocation Cap Accounting Leading to Unnecessary DoS
#58149 [SC-Low] MorphoYearnOGWETH incorrectly reports loss and triggers StrategyDeallocationLoss event
#58449 [SC-Medium] TokeAutoEth Strategy Balance-Approval Mismatch DOS
#58019 [SC-High] Flawed killSwitch Implementation in MYTStrategy Leads to Permanent Loss of Funds
#57860 [SC-High] Incorrect `_mytSharesDeposited` accounting inflates collateral and underreports bad debt, enabling insolvency
#57861 [SC-High] Missing Slippage Protection in Tokemak Autopool Allocation Functions Leads to Direct Theft of User Funds
#57169 [SC-Low] ZeroXSwapVerifier Policy Bypass via RFQ fillData Prefix (Token & Amount Spoof)
#58452 [SC-High] MYTStrategy Allocation underflow in deallocate() when allocation + profits exceed old allocation
#57197 [SC-High] Incorrect _totalLocked Reduction
#57604 [SC-High] Nominal accounting mismatch in Moonwell strategies leads to permanent locking of all generated yield
#57867 [SC-Medium] ZeroXSwapVerifier erroneously rejects Uniswap v3 swaps due to an an incorrect selector
#58636 [SC-Low] Broken Two-Step Admin Transfer Prevents Legitimate Admin Succession in AlchemistCurator
#57212 [SC-High] _totalLocked is not properly decremented in the redeem function causing system insolvency.
#58189 [SC-Low] Two-step mechanism to transfer ownership is broken due to incorrect access control
#56350 [SC-Insight] Implementation contract AlchemistV3 not locked (_disableInitializers() missing)
#56462 [SC-Insight] Unused Mapping Causes Unnecessary Storage Gas Consumption
#58259 [SC-Low] Broken operator logic inside AlchemistCurator
#58323 [SC-Critical] The Alchemist::burn function experiences precision loss, resulting in the avoidance of protocol fees
#58324 [SC-High] Incorrect Return Value in _deallocate Function Leads to Permanent Fund Locking in MYTStrategy Implementations
#58363 [SC-High] Accounting Corruption in Liquidations Due to Missing Global Counter Update
#57582 [SC-Critical] Calling _earmark one block apart skips the block's earmark value
#58076 [SC-Insight] Fix unit mismatch in _doLiquidation: collateralInUnderlying -> collateralInDebt
#57972 [SC-High] liquidation doesn't update _mytSharesDeposited
#58735 [SC-Insight] ``calculateLiquidation`` reverts due to divide by ``ZERO`` if ``targetCollateralization = FIXED_POINT_SCALAR``
#58472 [SC-High] Liquidator Base Fee Seized but Not Paid Due to Post‑Deduction Balance Check
#57563 [SC-Insight] Reward tokens being permanently frozen in TokeAutoUSDStrategy
#58386 [SC-Low] Rewards claimed during deallocation remain stranded on strategy and unaccounted
#58689 [SC-Critical] Incorrect deduction logic in `AlchemistV3::redeem()` may lead to insufficient contract collateral
#56815 [SC-High] Missing `_mytSharesDeposited` Decrements in Internal Outflows cause TVL Inflation & Deposit DoS
#56359 [SC-High] Permanent Deposit Freeze After _forceRepay() Misaccounts Freed Shares
#58605 [SC-Medium] Missing _claimRewards in AaveV3ARBUSDCStrategy leads to permanent freezing of accrued Aave incentives
#58615 [SC-High] _mytSharesDeposited didn't get updated after _forceRepay && _doLiquidation called
#58275 [SC-High] account.rawLocked not clear even when debt is clear
#57725 [SC-High] # `AlchemistV::liquidate` is not updating the `_mytSharesDeposited` which makes it inflated and can cause deposits DoS and liquidations malfunction that may cause protocol insolvency.
#57752 [SC-Medium] Aave and Euler incentives for MYT will be lost due to unimplemented `_claimRewards` function
#56702 [SC-Critical] `claimRedemption` would not return all alAsset that is not get converted to MYT in some case
#57665 [SC-Low] Incorrect Balance Measurement in `_deallocate` function of `MorphoYearnOGWETHStrategy`
#58270 [SC-Critical] incorrect handling of debt cover in redeem can affect early liquidation and incorrectly sync accounts
#57697 [SC-Low] Missing Recipient & `from` Checks in ZeroXSwapVerifier Enable Direct Asset Theft
#57866 [SC-Low] Failure to verify the recipient's address can result in the theft of purchased tokens
#58578 [SC-Low] ZeroXSwapVerifier allows attackers to drain strategy tokens via crafted calldata
#58575 [SC-Low] Operator Limit Bypass
#58506 [SC-Low] Adjusted Cap Limits Are Never Enforced
#58794 [SC-High] Hardcoded 0 amount as the minSharesOut to depositMax(...) function call does not provide slippage protection
#56328 [SC-Insight] Redundant require statement in EulerUSDCStrategy _deallocate function leads to unnecessary gas consumption
#57506 [SC-High] force repay don't update cumulativeEarmarked variable
#56936 [SC-High] Missing `_mytSharesDeposited` decrements on repay/liquidation → TVL drift, false over‑collateralization, and deposit‑cap DoS
#58797 [SC-Low] The `TokeAuto` strategies implementation does not accurately report the actual assets held by the strategy
#58796 [SC-Low] Incorrect balance snapshot in _deallocate() causes wethRedeemed always = 0
#56801 [SC-Insight] Function burn could be gas optimized
#57749 [SC-Low] ZeroXSwapVerifier misses critical sender/recipient/minOut validations, allowing malicious 0x calldata to drain funds (Critical — Direct theft)
#57090 [SC-Low] Ownership Transfer Failure in `AlchemistCurator` Prevents Future DAO Governance or Recovery
#56583 [SC-Low] Wrong 2 step transferAdminOwnerShip logic and insufficient checks in AlchemistCurator.sol leads to permanent admin ownership loss
#58081 [SC-Medium] Missing check in function `AlchemistV3::setMinimumCollateralization` could lead to set `minimumCollateralization > globalMinimumCollateralization`.
#58291 [SC-Medium] Unlike setters collateralization functions, AlchemistV3::initialize doesnt enforce collateralization invariants allowing to break them
#57916 [SC-Critical] Repay removes earmark, meant to be reducing debt while collateral is still reduced
#58257 [SC-Low] In TokeAutoETH deallocate can be DOSed if the vault incuring losses
#56406 [SC-Insight] `getEstimatedYield` never updates after snapshots
#56491 [SC-Critical] User Collateral Loss Triggered by setMinimumCollateralization Update
#56830 [SC-Low] Broken admin Ownership transfer Logic, acceptAdminOwnership() requires current admin instead of pending Admin, Blocking Role Claim.
#58513 [SC-Low] Broken Access Control in AlchemistCurator.acceptAdminOwnership() Prevents Admin Transfer
#56911 [SC-Low] Incorrectly implemented two-step admin ownership transfer mechanism prevents new admin to accept role
#56730 [SC-Insight] Transmuter `tokenURI()` is not EIP-721 compliance
#57328 [SC-Low] Once `tokeLockDuration` is the opposite of zero in `TokeAutoEthStrategy`, accumulated rewards in `accToke` can be stuck
#56389 [SC-High] `_mytSharesDeposited` is not updated on liquidation outflows which could lead to solvency illusion and misreported global ratios
#58519 [SC-High] Double Counting of Collateral Due to `_mytSharesDeposited` not being updated during liquidations
#57316 [SC-Low] Allocation Cap Enforcement Missing & DeadCode
#57760 [SC-High] MytStrategy._allocate/_deallocate doesnt account for profit and loss
#56776 [SC-High] TVL Manipulation via Missing _mytSharesDeposited Decrement in Liquidations
#57553 [SC-High] _mytSharesDeposited is not updated in liquidations which breaks bad debt ratio/alchemistCR calculations and causes failures in bad debt handling and liquidation handling
#58067 [SC-High] Asymmetric deallocation in TokeAutoEthStrategy leads to permanent WETH funds stuck in strategy
#58754 [SC-High] Missing `_mytSharesDeposited` decrements in `AlchemistV3` `_forceRepay`/`_doLiquidation`
#58168 [SC-Medium] Safe Position Liquidation Vulnerability in AlchemistV3 When minimumCollateralization Equals collateralizationLowerBound
#58177 [SC-High] Transmuter::claimRedemption cant update _mytSharesDeposited leading to permanent underlying value state inside Alchemist
#58552 [SC-Insight] Single transfer instead of multiple saves gas
#57787 [SC-High] asset can be transferred to strategies even when the killSwitch enabled without posibility to use this funds for allocation
#57791 [SC-Insight] Receipt Token Misconfiguration in Aave Strategies
#57617 [SC-Critical] Protocol-paid repayment fee transfer allows draining of protocol MYT (yield)
#57189 [SC-High] AlchemistCurator contract not implement setForceDeallocatePenalty
#58616 [SC-Medium] Liquidation can revert due to 0 amount fee withdraw
#56582 [SC-Low] AlchemistCurator::removeStrategy is unable to remove strategies from vaults due to wrong logic implementation
#57973 [SC-Critical] repay doesnt set lastTransmuterTokenBalance leading to the same balance covering earmark twice
#58301 [SC-Critical] Accounting Issue in Liquidation Logic After Force Repay we charge repayment fee even if collateral balanc cannot account for it
#56800 [SC-Medium] Minimum collateral change lets liquidators seize compliant accounts
#56832 [SC-Low] AlchemistCurator contract doesn't allow to remove strategies from the MYT morpho V2 vault.
#56845 [SC-High] The deposit will be reverted because `_mytSharesDeposited` references an outdated value
#57806 [SC-Low] Staking Graph argument bounds are incorrectly defined
#57335 [SC-Medium] Zero min-out ERC-4626 deposits cause under-mint and permanent allocation loss
#58728 [SC-Medium] When the strategy is at a loss, the assets cannot be withdrawn
#58393 [SC-Low] Wrong order in balance querying instructions in MorphoYearnOGWETHStrategy::_deallocate function leads to always emit StrategyDeallocationLoss event
#57918 [SC-High] Incorrect `totalLocked` Collateral Accounting in AlchemistV3
#58352 [SC-Low] Assets Become Permanently Stuck in TokeAutoEth Strategy Due to Strict Balance Check
#58036 [SC-Critical] Incorrect Fee Deduction May Drain Collateral Pool When Account Balance Is Insufficient
#58542 [SC-Low] [Low] Logic Error in MorphoYearnOGWETHStrategy._deallocate(): `wethRedeemed` Always Zero → All Deallocations Emit `StrategyDeallocationLoss`
#58357 [SC-Low] Permanent Freezing of TokeAutoEth strategy rewards in MYT Vault
#57511 [SC-Medium] Protocol could atleast be taking a part of the protocol fee
#58611 [SC-Medium] Double-counting of earmarked debt repayments as cover leads to user funds being stuck and protocol insolvency.
#56572 [SC-Insight] Aave V3 lending pool is immutable in Aave strategies
#56949 [SC-Insight] Uncapped collateral transfer in redemption leads to accounting discrepancy enabling theft of user funds
#58515 [SC-Medium] A liquidated position can end the liquidation process still below `collateralizationLowerBound`, allowing for double liquidation of positions.
#57272 [SC-Medium] Silent Failures on Moonwell Deposit are not catched by strategy
#57057 [SC-Low] Wrong order of balance checks in MorphoYearnOGWETHStrategy
#57251 [SC-Low] Curator Cannot Remove Adapter Due to Timelock Requirement
#56887 [SC-Low] Incorrect balance tracking in MorphoYearnOGWETHStrategy _deallocate function leads to wrong loss event emission(Resend))
#58787 [SC-Medium] When allocation amount is greater than the maxDeposit of TokeAutoETh.sol, the remaining is stuck in TokeAutoEth.sol
#56324 [SC-Low] Missing ```from==owner ```check in transferFrom verifier → direct theft of user funds
#58658 [SC-High] cumulativeEarmarked not updated
#58087 [SC-Medium] MoonwellUSDCStrategy ignores redeemUnderlying error codes → temporary freezing of funds (withdrawals revert)
#58743 [SC-Low] ZeroXSwapVerifier Recipient Validation Bypass
#58730 [SC-Medium] An attacker can prevent any TokenAuto strategy allocation by making a donation to the vault of as little as 1 wei of underlying token
#58181 [SC-Medium] A griefer can cause a permanent DoS in TokeAutoETH/TokeAutoUSDCStrategy::allocate.
#57852 [SC-Critical] Old borrowers steal from new borrowers after redemptions are claimed
#58703 [SC-Insight] Cached interest rate calculation in PeapodsETH strategy leads to inaccurate APR/APY estimates
#56809 [SC-High] Vulnerable redemption survival ratio in _sync allows theft of alTokens
#57066 [SC-Critical] A malicious actor can keep calling `poke` at every block to prevent collateral earmarking exposing transmuter users to delayed redemptions and loss of funds
#58564 [SC-Critical] Earmarked funds fail to accumulate when _earmark is called in consecutive blocks
#58544 [SC-Critical] it is possible to underflow on `_sync` making positions bricked forever
#58146 [SC-Insight] Whitelist can be disabled repeatedly, contradicting intended program behavior.
#56365 [SC-Critical] Liquidation Fee Overdraft Drains Pooled Collateral
#56775 [SC-Medium] Permanent freezing of funds from precision/dust + strict deallocation check
#56622 [SC-Critical] Repayment Fee Overpays Liquidators Using Pooled Collateral After _forceRepay
#56740 [SC-Critical] Unbounded Liquidation Fee Allows Theft of Shared Collateral
#57330 [SC-Critical] _resolveRepaymentFee returns initial fee when fee is greater collateral balance
#56895 [SC-Insight] Function approveMint is vulnerable to race conditions
#58209 [SC-Medium] Lack of Slippage Protection in Transmuter.claimRedemption and AlchemistV3.withdraw Leads to User Yield Losses
#57114 [SC-Low] Inherited `setAdmin` function allows to bypass two-step admin ownership transfer mechanism
#56442 [SC-High] Inflated `_totalLocked` because vault yield accrual would skew `_collateralWeight` calculation
#58035 [SC-High] killSwitch early-return in strategy causes vault-to-adapter asset leakage, mis-accounting, and deallocation DOS
#56878 [SC-Medium] The permissionedCalls check can be bypass
#58198 [SC-Low] Broken Two-Step Admin Transfer Pattern
#56418 [SC-Low] Two step owner transfer is broken and can lead to unforseen damages
#57622 [SC-Low] Lack of claimed reward handling in MYT strategies will keep all external token rewards stuck forever
#57017 [SC-Medium] `AaveV3ARBWETHStrategy`cant claim AAVE incentive
#56465 [SC-Low] `getTotalDeposited` doesn't reflect the correct total deposited
#57770 [SC-Medium] Admin Can Bypass `permissionedCalls` Protection Using Multicall
#56956 [SC-High] Lack of slippage control in Tokemak strategies can make MYT suffer losses on allocation
#58010 [SC-High] Slippage tolerance not enforced in TokeAutoUSDStrategy
#56560 [SC-High] Liquidation base fee transfer is gated by a condition that’s usually false
#57883 [SC-High] _mytSharesDeposited Updates in Liquidation Functions Leads to Critical TVL Inflation
#58129 [SC-High] Missing _mytSharesDeposited Update in _forceRepay() Causes Accounting Inconsistency which can DOS deposit and Liquidation
#57544 [SC-High] `_mytSharesDeposited` is not reduced upon fee transfers to protocol
#58116 [SC-High] TVL Accounting Mismatch Leading to Protocol Insolvency
#58260 [SC-High] Inconsistent collateral accounting where Force-Repay/Liquidation transfer out MYT without adjusting TVL
#57439 [SC-Low] Incorrect `badDebtRatio` rounding in `Transmuter::claimRedemption()` may cause funds to become permanently stuck
#57291 [SC-Insight] Hardcoded Slippage in MYT Strategy
#58751 [SC-Medium] `setMinimumCollateralization` allows for increasing the current `minimumCollateralization` , instantly exposing users to risk of liquidation
#58185 [SC-Medium] Incorrect _survivalAccumulator accounting logic after _earmarkWeight reaches 128 breaks core system invariants and can lead to protocol insolvency
#58338 [SC-Critical] AlchemistV3 Repayment Fee Can Exceed Remaining Collateral Leading to Position Insolvency
#56706 [SC-Medium] StargateEthPoolStrategy Incomplete ETH Wrapping Causes Withdrawal DoS
#57526 [SC-Medium] `StargateEthPoolStrategy` rounding mismatch freezes `VaultV2` allocations
#57565 [SC-Medium] The amount of dust will be permanently locked in `StargateEthPoolStrategy`
#58022 [SC-Medium] Accounting Mismatch and Fund Stuck Due to Dust ETH on StargateEthPoolStrategy
#58427 [SC-Medium] `StargateEthPoolStrategy::_allocate()` and `_deallocate()` Inconsistent Dust Handling Causes ETH to be Permanently Locked in Strategy Contract
#56561 [SC-Insight] Fee amount is recomputed multiple times when the initial value has already been cached
#58210 [SC-Low] Incorrect balance measurement in deallocation disables loss detection in MorphoYearnOGWETH.
#57740 [SC-High] EulerETH strategy will have WETH locked in the strategy contract
#56798 [SC-Critical] Flash-Vote Exploit Drains All Funds via AlchemistAllocator
#58215 [SC-High] Funds Can Become Permanently Stuck in Adapter When Kill Switch is Enabled
#58423 [SC-Low] Pending Admin Cannot Accept Ownership Transfer in `AlchemistCurator`
#58346 [SC-High] _forceRepay() fails to decrement cumulativeEarmarked, breaking earmark invariant and skewing redemptions
#58196 [SC-High] AaveV3ARBUSDCStrategy strategy will have its reward stuck in Aave USDC
#58105 [SC-Medium] ZeroXSwapVerifier decodes execute payload with wrong ABI (bytes vs bytes[]) → temporary freezing of funds
#58249 [SC-Low] Broken Two-Step Admin Handover in AlchemistCurator
#57369 [SC-High] Deallocation may revert due to an underflow
#57923 [SC-Insight] Redundant Synthetic Transfers in claimRedemption When amountNottransmuted is Zero
#57183 [SC-Medium] Missing Incentive Rewards Claiming in Multiple Strategy Contracts
#57812 [SC-Medium] No function to claim Aave Incentives
#58239 [SC-Medium] Missing Aave incentives rewards claiming mechanism leads to permanent loss of protocol royalties
#56427 [SC-Insight] src/utils/PermissionedProxy.sol::setPermissionedCall incomplete event emission because it doesnt include value argument for signature
#56347 [SC-Insight] burn contains redundant calculations
#56516 [SC-High] allocate assets in killSwitch mode can lead to assets stuck on contract
#57394 [SC-Low] `acceptAdminOwnership()` only allows the current admin to finalise transfers
#58124 [SC-Low] Direct Theft of Funds via Malicious actions[] in execute() Call Due to Incorrect Calldata Verification
#58130 [SC-Medium] Asymmetric Validation in Collateralization Setters Allows Protocol Misconfiguration Breaking All Borrowing
#58080 [SC-Medium] Aave V3 strategies fail to claim OP/ARB liquidity mining rewards, causing permanent loss of yield
#58131 [SC-Critical] Rounding Errors in Debt-to-Collateral Conversions Allow Attackers to Drain Protocol Assets
#58627 [SC-Low] Incorrect delta calculation in _deallocate() causes wethRedeemed to always be zero.
#57825 [SC-High] Forced repay cover enables double-counted debt reduction in redeem
#56923 [SC-High] Missing cumulativeEarmarked Update in _forceRepay Causes Incorrect Debt Accounting in AlchemistV3
#56927 [SC-Medium] setMinimumCollateralization function also needs a another check
#57678 [SC-High] Liquidation fee is deducted from user but not paid to liquidator
#56498 [SC-Low] Reserve Drainage Due to Incorrect Balance Measurement
#58150 [SC-High] Missing Slippage Protection in `TokeAutoUSDStrategy::_allocate` Leads to Direct Theft of User Funds via MEV Sandwich Attacks
#56518 [SC-Insight] `claimWithdrawalQueue` discards claimed amount
#56982 [SC-Medium] Incorrect function selectors used in ZeroXSwapVerifier
#58101 [SC-Critical] Repayment-only liquidation overpays fee from pooled collateral
#58266 [SC-High] Partial liquidation strands base fee due to post-seizure balance check
#58322 [SC-Low] Incorrect Emit Due to Wrong Ordering of wethBalanceBefore Calculation
#58360 [SC-Low] Round-down calculation in `convertToShares()` leads to deallocation failure in TokeAutoEth strategy
#58356 [SC-Insight] The Alchemist TokeAuto Strategies doesn't use recommended best practice by TokeAuto.
#58408 [SC-Low] Underflow account.rawLocked on _subDebt due to rounding inconsistency
#58410 [SC-Low] Tokemak Strategy Deallocation Causes TOKE Token Lockup
#58419 [SC-Low] AlchemistCurator two-step ownership transfer mis-implemented
#58469 [SC-Low] Pending Admin Cannot Accept Ownership
#58782 [SC-High] Rewards earned by EulerARBUSDCStrategy will not be withdrawable from Euler pool on Arbitrum
#56689 [SC-Low] Reward token TOKE is stuck in MYT
#58555 [SC-Low] `AlchemistCurator` 2-step ownership transfer is implemented incorrectly
#58428 [SC-Low] TOKE reward loss when calling deallocate
#58376 [SC-Low] claimRewards() function permanently locks earned Toke reward token on Morpho VaultV2
#58527 [SC-Low] Complete loss of all reward value on TokeAutoEthStrategy _claimRewards
#57692 [SC-High] AlchemistV3 Liquidation Fee Loss Vulnerability
#58524 [SC-High] When liquidating, there are cases where the Fee is not paid to the liquidator.
#56757 [SC-High] Incorrect leftover-collateral check blocks liquidator fee payment leading broken incentives & delayed deleveraging
#56451 [SC-Low] `AlchemistAllocator::allocate()` and `deallocate()` do not enforce cap checks as intended
#57644 [SC-Low] Unenforced cap logic in AlchemistAllocator allows not controlled allocations
#58325 [SC-Low] Operator Can Shift vault Funds to Risky Strategies Without Oversight, leading to potential loss of user funds.
#57101 [SC-Critical] Same-block earmark early-exit leaves stale transmuter balance, causing under-earmarking
#58714 [SC-Low] Pending Admin cannot accept Ownership in `AlchemistCurator.sol`
#58734 [SC-Low] Broken strategy realAssets calculation
#58742 [SC-High] Liquidators will not earn fees in some cases
#58759 [SC-High] Yield Stuck in Adapter Contracts Forever
#58781 [SC-High] _totalLocked Accounting Mismatch Leading to Token Balance Deficit in AlchemistV3
#58780 [SC-High] WETH Yield will be locked on AaveWETH pool on Arbitrum
#56983 [SC-Low] Tokemak rewards sent to MYT vault contract (not strategy) -> rewards stranded
#58056 [SC-Low] The Auto ETH and USDC staking rewards will stuck in vault
#57067 [SC-Low] Overstated Per-Account Locked Collateral Due to Global Clamp in _subDebt
#56332 [SC-Low] Pending Admin Cannot Accept Ownership
#57479 [SC-Low] Logical bug in `AlchemistCurator::acceptAdminOwnership`, asking to current admin to accept ownership.
#58007 [SC-Low] `pendingAdmin` cannot call `acceptAdminOwnership()` to accept admin role
#58333 [SC-Low] Incorrect onlyAdmin Modifier in acceptAdminOwnership
#57680 [SC-High] PeapodsETHStrategy unable to withdraw yield from price share increase
#57476 [SC-High] _forceRepay() fails to decrement global cumulativeEarmarked
#58722 [SC-Medium] TokenAuto strategy allocation uses maxDeposit which may allocate less than requested, leaving any excess funds permanently locked
#58522 [SC-High] Earmark consumes excess cover, inflating cumulativeEarmarked
#56975 [SC-High] Liquidation Fee Trapping in AlchemistV3
#57024 [SC-Low] `wethBalanceBefore` is computed after withdrawal in `_deallocate` function in MorphoYearnOGWETHStrategy contract, leading to systematic StrategyDeallocationLoss event emission.
#58115 [SC-Medium] Incorrect WETH deposit amount prevents deposited ETH through `receive` function to cover strategy loss.
#58639 [SC-Medium] ``Off by One`` issue in the ``_forceRepay()`` function causes protocol to lose funds in the form of ``protocol fee``.
#58403 [SC-Medium] Missing Checks for Transaction Return Values in Moonwell Strategies
#57227 [SC-Medium] Unchecked Return Codes in MoonwellUSDCStrategy Leading to Stuck Funds
#56909 [SC-Low] Incorrect balance snapshot in strategy deallocation causes false loss events and masks real shortfalls
#56529 [SC-Low] Incorrect token balance calculation in MorphoYearnOGWETHStrategy.sol::_deallocate() leads to wrong event emitted every time
#57926 [SC-Low] The conditional 'StrategyDeallocationLoss' event in `MorphoYearnOGWETHStrategy::_deallocate` gets logged all the time due a misplacement in variable declaration
#56961 [SC-Low] Incorrect balance snapshot check in `_deallocate()` logs false deallocation loss in MorphoYearnOGWETH strategy
#56962 [SC-Low] Balance Check Logic Error in _deallocate() Function Leads to Broken Loss Detection and False Event Emissions
#58383 [SC-High] Due to `cumulativeEarmarked` not being updated in `Alchemix::_forceRepay` user funds are locked longer due to slower debt decay and Calculation of System Collaterization Rate is Inc...
#58769 [SC-High] `_forceRepay` fails to decrement global `cumulativeEarmarked`, causing redemption accounting desynchronization and potential protocol-wide redemption halt
#58799 [SC-High] `_forceRepay` does not reduce `cumulativeEarmarked` which leads to wrong accounting: users debts are incorrectly higher which can cause wrongful liquidations
#57704 [SC-High] Missing Global State Update in _forceRepay Leads to Permanent Freezing of Unclaimed Yield
#57023 [SC-High] Global earmark not reduced in _forceRepay lets redeem() over-burn global debt (cross-account leakage, protocol insolvency)
#58635 [SC-High] ``cumulativeEarmarked`` is not subtracted in ``_forceRepay()``.
#57777 [SC-Low] ZeroX swap verifier bypass enables direct theft of user funds
#56960 [SC-Medium] Missing Slippage Protection During Redemption Execution, lead to loss of token for user.
#58079 [SC-Low] Missing from validation in ZeroXSwapVerifier.verifySwapCalldata() enables direct theft of approved funds
#58289 [SC-Low] Missing addresses Verification in ZeroXSwapVerifier
#57516 [SC-Low] Arbitrary External Call in ZeroXSwapVerifier Leads to Theft of Unclaimed Yield
#57606 [SC-Insight] Attacker can DoS deposits by hitting the deposit cap
#58492 [SC-Medium] Unbounded Deposit Exposure in TokeAutoEthStrategy::_allocate()
#57532 [SC-High] Assets are not accounted for when the contract is in killSwitch mode
#57849 [SC-High] Funds gets stuck even when killswitch is enabled
#58127 [SC-Critical] Users can invoke the poke() function whenever the lastEarmarkDebtBlock is exactly one block behind the current block.number which lead to affecting users earmarked debt
#58723 [SC-High] `cumulativeEarmarked` is not updated at `_forceRepay`
#58418 [SC-Low] `verifySwapCalldata` cant verify the output token of the swap
#57028 [SC-Insight] Wrong amount variable in Repay event
#58705 [SC-Low] Mismatch between emitted protocol fee and actual fee paid in _forceRepay due to strict inequality check
#57832 [SC-Insight] Cap Logic Error in AlchemistAllocator
#58534 [SC-High] Zero Slippage Protection in Toke strategies Allocation
#58702 [SC-High] No slippage provided in Auto strategy implementation will open room for MEV attacks
#56902 [SC-High] Strategy Adapter `AaveV3OPUSDCStrategy` would not work well with aToken rebasing mechanism
#58287 [SC-High] _mytSharesDeposited is not updated on some token transfer
#58399 [SC-Critical] Precision Loss in badDebtRatio Calculation Causes Overpayment and DOS
#58768 [SC-High] `_mytSharesDeposited is not updated during liquidations, breaking core accounting
#56791 [SC-High] Missing `_mytSharesDeposited` Decrements in Token Transfers
#58207 [SC-High] AlchemistV3 _mytSharesDeposited Not Reduced When Repaid Collateral Sent to Transmuter
#57138 [SC-Critical] Protocol subsidizes repayment fees during liquidation
#58040 [SC-Low] removeStrategy() is Non-Functional
#57346 [SC-Low] AlchemistAllocator Compares Incompatible Units (Asset Wei vs WAD Percentage)
#57441 [SC-Critical] Repay-Only Fee Drain in AlchemistV3
#57982 [SC-Low] Permanently stuck rewards in the Vault
#58473 [SC-Low] Wrong redeemed amount calculation in MorphoYearnOGWETH strategy
#57378 [SC-High] Impossible to withdraw yield from strategies
#58530 [SC-High] Protocol insolvency via stale `_totalLocked`: zeroed `_totalLocked` prevents `_collateralWeight` update in `redeem()` leading to missed collateral haircut
#56555 [SC-Critical] User can avoid Bad Debt ratio scaling when claiming redeem, leading to protocol insolvency
#58110 [SC-Low] MorphoYearnOGWETHStrategy will always report strategy loss
#58313 [SC-Medium] Incorrect allocation accounting and dust handling in `StargateEthPoolStrategy` causes systematic loss, cap mis-accounting, and deallocation reverts
#58061 [SC-High] Incorrect collateral and fee Check in _doLiquidation Allows Liquidator to loose fee.
#57637 [SC-Low] acceptAdminOwnership doesn't allow expected user approval
#56709 [SC-Low] ZeroXSwapVerifier Missing Source Validation
#57208 [SC-Insight] It is possible to prevent lowering the deposit cap by front-running
#57646 [SC-Medium] ABI Signature Mismatch in ZeroXSwapVerifier Causes Complete Failure to Verify Legitimate 0x Settler Transactions
#58133 [SC-Low] TOKE Rewards Permanently Locked in Strategy adapter
#57587 [SC-Critical] _earmark() reduction of transmuterDifference does not always account for the full transmuter balance diff which can cause permanent earmark to accrue in Alchemist
#57483 [SC-Medium] Fees could be skipped when there is not enough collateral
#57771 [SC-Medium] Fee not collected in _forceRepay when should
#58718 [SC-Medium] In _forceRepay Protocol Fee Collection Leads to Theft of Unclaimed Yield
#58488 [SC-Low] TokeAutoUSDStrategy claims rewards to itself automatically when deallocate is called but since reward token is Tokemak the rewards remain permanently locked
#57196 [SC-High] Artificially inflated `_mytSharesDeposited` in `AlchemixV3.sol` deflates bad debt ratio in `Transmuter.sol`
#58502 [SC-High] Deposit cap denial of service due to stale _mytSharesDeposited during liquidation
#58234 [SC-Critical] There is a problem related ot Repayment Fee Overpayment can lead to Protocol Insolvency
#58491 [SC-High] _mytSharesDeposited Not Reduced on Liquidation, leading to Deposit Cap Bypass and potential insovency
#56628 [SC-High] `_liquidate` does not update `_mytSharesDeposited` that is reduced by fees
#58395 [SC-High] Repayment fee exit leaves `_mytSharesDeposited` inflated, hiding protocol insolvency
#57533 [SC-High] Inaccurate TVL Calculation Prevents Liquidations, Leading to Protocol Insolvency Risk
#58520 [SC-Low] Pending admin cannot accept ownership
#58606 [SC-High] Missing collateral accounting in liquidation leads to inflated bad debt calculations
#56545 [SC-High] Force Repayment Leaves Stale Global Earmarks, Freezing Transmuter Redemptions
#56846 [SC-Medium] Liquidation will return because of insufficient funds
#56719 [SC-High] The function _forcerepay reduces debt before clamp, creating unbacked loan forgiveness and protocol insolvency
#57123 [SC-Low] Incorrect 2 step ownership in AlchemistCurator
#58464 [SC-Critical] Repayment fee paid from protocol funds when user collateral is depleted
#58138 [SC-Critical] Liquidator fees could surpass the user remaining collateral resulting in protocol insolvency
#56602 [SC-Low] Function takes incorrect modifier
#58077 [SC-Low] Reward tokens are incorrectly claimed to strategy contract during deallocation leads to permanent token loss
#57977 [SC-High] Inconsistent rawLocked State of a user after subdebt Leads to Irrecoverable User Collateral Loss
#56737 [SC-Medium] The return value of mint is not checked
#58334 [SC-Medium] Incorrect Function Selectors
#58244 [SC-Low] Incorrect balance check order in `MorphoYearnOGWETH` strategy leads to false deallocation loss events
#58033 [SC-Medium] Unimplemented `_claimRewards()` Function Results in Permanent Freezing of Aave Incentive Rewards
#57545 [SC-Medium] Stargate ETH Strategy Rounding Bug
Was this helpful?