{"version":1,"pages":[{"id":"7YNKlaS7Qwn2zT3ZKpCG","title":"README","pathname":"/","siteSpaceId":"sitesp_stpzW","description":""},{"id":"swMcXU4G30qDFLKbo2xd","title":"Alchemix","pathname":"/alchemix","siteSpaceId":"sitesp_stpzW","description":""},{"id":"9n0yLwpT8g5CC1OsO8ro","title":"30555 - [SC - Low] Precision loss when calculating the FLUX amount...","pathname":"/alchemix/30555-sc-low-precision-loss-when-calculating-the-flux-amount...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"I7AeraHPPpZDsAEi2uoD","title":"30556 - [SC - Low] Past defeated proposals may become executable i...","pathname":"/alchemix/30556-sc-low-past-defeated-proposals-may-become-executable-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"96cPrqK4DjjEziUceRAU","title":"30565 - [SC - Low] veALCX does not comply with ERC breaking compos...","pathname":"/alchemix/30565-sc-low-vealcx-does-not-comply-with-erc-breaking-compos...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"9jQ5SPPM8hqOnbOLfgDD","title":"30584 - [SC - Insight] Invalid check to make sure Minter is already in...","pathname":"/alchemix/30584-sc-insight-invalid-check-to-make-sure-minter-is-already-in...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"FVgtunOojBuf1Yi6IH5r","title":"30592 - [SC - Medium] DOS attack by delegating tokens at MAX_DELEGATE...","pathname":"/alchemix/30592-sc-medium-dos-attack-by-delegating-tokens-at-max_delegate...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"RmfKqNxQjSGmKCrghNnY","title":"30598 - [SC - Low] Access Control Flaw in _burn Function Leads to ...","pathname":"/alchemix/30598-sc-low-access-control-flaw-in-_burn-function-leads-to-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"iWjcnKbp4nhTYTq25KRo","title":"30613 - [SC - Medium] malicious user can front run any call to the sw...","pathname":"/alchemix/30613-sc-medium-malicious-user-can-front-run-any-call-to-the-sw...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"aLUCITV7kOKaZLAJNLzZ","title":"30634 - [SC - Critical] Unauthorized minting of unlimited FLUX in tran...","pathname":"/alchemix/30634-sc-critical-unauthorized-minting-of-unlimited-flux-in-tran...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"kZ9QqVSU3aWa560Uvr1m","title":"30650 - [SC - Critical] Infinite minting of FLUX through voterpoke","pathname":"/alchemix/30650-sc-critical-infinite-minting-of-flux-through-voterpoke","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"YNg3yaWHptqwliwcuunz","title":"30651 - [SC - Critical] Insolvency in RevenueHandlersol because unclaim...","pathname":"/alchemix/30651-sc-critical-insolvency-in-revenuehandlersol-because-unclaim...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"9mvxe2ahP4ROmmkGZfBt","title":"30655 - [SC - Critical] Binary search does not correctly handle duplica...","pathname":"/alchemix/30655-sc-critical-binary-search-does-not-correctly-handle-duplica...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ymxbGP1MjjbG57BdcCQn","title":"30667 - [SC - Medium] Unlimited gauge numbers can DoS users distribut...","pathname":"/alchemix/30667-sc-medium-unlimited-gauge-numbers-can-dos-users-distribut...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"o8T0obUnSQocQQwnYs7W","title":"30671 - [SC - Critical] Reward token permanent freeze due to bulk call ...","pathname":"/alchemix/30671-sc-critical-reward-token-permanent-freeze-due-to-bulk-call-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"CXboCeDc8c09CcbnQtPr","title":"30682 - [SC - Critical] Insufficient slippage control in RevenueHandler...","pathname":"/alchemix/30682-sc-critical-insufficient-slippage-control-in-revenuehandler...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"OegXVVDDFCROve0dCYYT","title":"30683 - [SC - Critical] User can increase their unclaimed Flux token wi...","pathname":"/alchemix/30683-sc-critical-user-can-increase-their-unclaimed-flux-token-wi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ZZbJJttKjW8WlHG1ekzq","title":"30685 - [SC - Medium] The proposer can be impeded from submitting a p...","pathname":"/alchemix/30685-sc-medium-the-proposer-can-be-impeded-from-submitting-a-p...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"7BivjhIe0aGzX5uB4ysU","title":"30694 - [SC - Low] Users approved for a single token id cannot wit...","pathname":"/alchemix/30694-sc-low-users-approved-for-a-single-token-id-cannot-wit...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"beTO9bgO7ZWSAYbuJf84","title":"30699 - [SC - High] Permanent freezing of unclaimed ALCX yield when...","pathname":"/alchemix/30699-sc-high-permanent-freezing-of-unclaimed-alcx-yield-when...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"rn0QqAQ6C4LUbsurK8r2","title":"30704 - [SC - Medium] Griefing an account from getting votes delegate...","pathname":"/alchemix/30704-sc-medium-griefing-an-account-from-getting-votes-delegate...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"o6KI25PXwrkaX8Nz2aOn","title":"30708 - [SC - Low] treasuryPct can be exceeded than BPS due to inc...","pathname":"/alchemix/30708-sc-low-treasurypct-can-be-exceeded-than-bps-due-to-inc...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"WYzQhts1d7IGNzmXQySe","title":"30710 - [SC - Insight] The execution of the proposal has no expiration","pathname":"/alchemix/30710-sc-insight-the-execution-of-the-proposal-has-no-expiration","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"4GA656rmMAncpMUUwy6e","title":"30711 - [SC - Low] The result of the AggregatorVInterface is not v...","pathname":"/alchemix/30711-sc-low-the-result-of-the-aggregatorvinterface-is-not-v...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"o0IyNTnnxVInjvvuqqmd","title":"30781 - [SC - Low] It is possible to lower the quorum requirements...","pathname":"/alchemix/30781-sc-low-it-is-possible-to-lower-the-quorum-requirements...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"8Ku6FEtmT6aeNkd8olfv","title":"30788 - [SC - Critical] User can increase their unclaimed Flux token wi...","pathname":"/alchemix/30788-sc-critical-user-can-increase-their-unclaimed-flux-token-wi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"RD1Rty6uwGLmiYu1faOo","title":"30800 - [SC - Critical] Stealing FLUX by claiming then merging position...","pathname":"/alchemix/30800-sc-critical-stealing-flux-by-claiming-then-merging-position...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"PlI6pjKzIwtxHB6zOG9c","title":"30814 - [SC - Critical] Wrong calculation of boost amount in Voterpoke","pathname":"/alchemix/30814-sc-critical-wrong-calculation-of-boost-amount-in-voterpoke","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"TCTZsjPgGTAipyf00Hy6","title":"30818 - [SC - Low] division before multiplication in theamountToRa...","pathname":"/alchemix/30818-sc-low-division-before-multiplication-in-theamounttora...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"n05p7KsBd5bDsmF5xrAG","title":"30825 - [SC - Critical] Users can get unlimited amounts of Flux tokens","pathname":"/alchemix/30825-sc-critical-users-can-get-unlimited-amounts-of-flux-tokens","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"bILQCxI9T5bP3jABKbfC","title":"30826 - [SC - High] ALCK rewards are lost when merging tokens becau...","pathname":"/alchemix/30826-sc-high-alck-rewards-are-lost-when-merging-tokens-becau...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"HwJ9RmlQQnu8WZBDYeEV","title":"30860 - [SC - Critical] Wrong timestamp for totalVoting","pathname":"/alchemix/30860-sc-critical-wrong-timestamp-for-totalvoting","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"vrpvKXvzECUnQEfdWN0N","title":"30886 - [SC - Medium] Wrong totalWeight in Votersol","pathname":"/alchemix/30886-sc-medium-wrong-totalweight-in-votersol","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"DiIMEqgLg1cViw8H4NSx","title":"30898 - [SC - Critical] Call the deposit function before the distribute...","pathname":"/alchemix/30898-sc-critical-call-the-deposit-function-before-the-distribute...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"VSs2NyfiNClglNcgXqgP","title":"30906 - [SC - Critical] Voterpoke can be called at will leading to a us...","pathname":"/alchemix/30906-sc-critical-voterpoke-can-be-called-at-will-leading-to-a-us...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"8JxQ1z5PAW3vofNthuNg","title":"30910 - [SC - High] Processing of voting results is not implemented...","pathname":"/alchemix/30910-sc-high-processing-of-voting-results-is-not-implemented...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"x2sXh2i0T5IyAtl0GAZa","title":"30918 - [SC - Insight] Incorrect implementation of ownerOf makes veALC...","pathname":"/alchemix/30918-sc-insight-incorrect-implementation-of-ownerof-makes-vealc...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"AjAoRCQp8Fj8qKAihgWu","title":"30919 - [SC - Critical] Front running of pokeTokens could lead to loss ...","pathname":"/alchemix/30919-sc-critical-front-running-of-poketokens-could-lead-to-loss-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"90cupqmMlwVseJhaSINl","title":"30920 - [SC - Low] User loses access to claims after merging of to...","pathname":"/alchemix/30920-sc-low-user-loses-access-to-claims-after-merging-of-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"KLHDI5xh3lYe1bXhPQmO","title":"30921 - [SC - Low] Referential assignment causes incorrect block i...","pathname":"/alchemix/30921-sc-low-referential-assignment-causes-incorrect-block-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"u43UoYBvfXZQRdBFVOQ0","title":"30922 - [SC - High] DOS of withdrawals through filling the userPoin...","pathname":"/alchemix/30922-sc-high-dos-of-withdrawals-through-filling-the-userpoin...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"t1U5OozQGmjJelviffOk","title":"30925 - [SC - Critical] Manipulation of governance voting result by unl...","pathname":"/alchemix/30925-sc-critical-manipulation-of-governance-voting-result-by-unl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"kz8VTHIABjiTajaTUjkH","title":"30926 - [SC - Low] AlchemixGovernor updates to quorum can affect p...","pathname":"/alchemix/30926-sc-low-alchemixgovernor-updates-to-quorum-can-affect-p...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"faSshVpWAl2KLkDP3IIR","title":"30939 - [SC - Critical] Misuse of curve pool calls results for precisio...","pathname":"/alchemix/30939-sc-critical-misuse-of-curve-pool-calls-results-for-precisio...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"eOSWrls9tz52wR4tZtKH","title":"30951 - [SC - Low] Incorrect ownerOf implementation makes veALCX n...","pathname":"/alchemix/30951-sc-low-incorrect-ownerof-implementation-makes-vealcx-n...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"C9dpipCXkXK7o8jZeImW","title":"30959 - [SC - Insight] Immutable gauges can break the state of the vot...","pathname":"/alchemix/30959-sc-insight-immutable-gauges-can-break-the-state-of-the-vot...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"4WDEz4x5vqL3RQd38LEd","title":"30972 - [SC - Critical] Theft of unclaimed yield of the revenue in the ...","pathname":"/alchemix/30972-sc-critical-theft-of-unclaimed-yield-of-the-revenue-in-the-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"qnMkA0CKjs0GYHi9AWmY","title":"30973 - [SC - Low] Incorrect Validation of treasuryPct in the Reve...","pathname":"/alchemix/30973-sc-low-incorrect-validation-of-treasurypct-in-the-reve...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ZnP5SGmAekhI7EWYk2ZD","title":"30985 - [SC - Medium] Griefing attack prevents admins from disabling ...","pathname":"/alchemix/30985-sc-medium-griefing-attack-prevents-admins-from-disabling-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"rFPjiHqfVeAb5xnzCemT","title":"30990 - [SC - Critical] Users can use Voterpoke to accrue Flux tokens i...","pathname":"/alchemix/30990-sc-critical-users-can-use-voterpoke-to-accrue-flux-tokens-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"IGGmzWHLJeHEar4Tt7dC","title":"30992 - [SC - Insight] Inconsistent State Missing Event Emission in Fl...","pathname":"/alchemix/30992-sc-insight-inconsistent-state-missing-event-emission-in-fl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"3G6EknnBqw97BxxXSy5m","title":"30999 - [SC - Critical] An edge-case mints times more FLUX than it should","pathname":"/alchemix/30999-sc-critical-an-edge-case-mints-times-more-flux-than-it-should","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"LpT4Ajo7LuUpiD3iyj05","title":"31008 - [SC - High] Alcx rewards are permanently frozen when two to...","pathname":"/alchemix/31008-sc-high-alcx-rewards-are-permanently-frozen-when-two-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"H3zQAQDiwx0TfIsAe84N","title":"31042 - [SC - High] Claiming alchemic-token rewards can fail for so...","pathname":"/alchemix/31042-sc-high-claiming-alchemic-token-rewards-can-fail-for-so...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"12Qg20u2xPUJlWiH7FlE","title":"31071 - [SC - Critical] User can steal bribes and prevent other users f...","pathname":"/alchemix/31071-sc-critical-user-can-steal-bribes-and-prevent-other-users-f...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Kd21NW4wrjSSskGAbYkA","title":"31076 - [SC - Critical] checkpointTotalSupply can checkpoint before a t...","pathname":"/alchemix/31076-sc-critical-checkpointtotalsupply-can-checkpoint-before-a-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Hu2jrD3kCUfuh1JC3TuL","title":"31077 - [SC - Critical] RevenueHandler counts unclaimed tokens as new r...","pathname":"/alchemix/31077-sc-critical-revenuehandler-counts-unclaimed-tokens-as-new-r...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"1lszzvcwCxBuRgs7uCEQ","title":"31078 - [SC - High] withdraw doesnt claim all rewards before burnin...","pathname":"/alchemix/31078-sc-high-withdraw-doesnt-claim-all-rewards-before-burnin...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"lJNzcWf6iYAbtrcVXlJm","title":"31079 - [SC - Critical] Claiming bribes for epochs you didnt vote for l...","pathname":"/alchemix/31079-sc-critical-claiming-bribes-for-epochs-you-didnt-vote-for-l...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"o5IG0kAeTkmrGRidy5kZ","title":"31080 - [SC - Insight] DoS in startCooldown when users want start cool...","pathname":"/alchemix/31080-sc-insight-dos-in-startcooldown-when-users-want-start-cool...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"aiVpIl2eiPuNYIRyDfPN","title":"31082 - [SC - Critical] Expired locks can be used to claim rewards","pathname":"/alchemix/31082-sc-critical-expired-locks-can-be-used-to-claim-rewards","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"lVkIvBWhYpgz0UwexbL3","title":"31085 - [SC - Critical] Malicious users can front-run the distribution ...","pathname":"/alchemix/31085-sc-critical-malicious-users-can-front-run-the-distribution-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"9YpfbRLfpeCuA6WPo2Us","title":"31087 - [SC - Low] Colition between approve and _isApprovedOrOwner...","pathname":"/alchemix/31087-sc-low-colition-between-approve-and-_isapprovedorowner...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"a3oQFvrGcCDMugLl3Mx3","title":"31112 - [SC - Critical] Bribesolwithdraw doesnt update the totalVotings...","pathname":"/alchemix/31112-sc-critical-bribesolwithdraw-doesnt-update-the-totalvotings...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"j45rcb2os8D0FgUls7Zi","title":"31141 - [SC - Critical] Permanent freezing of unclaimed yield of reward...","pathname":"/alchemix/31141-sc-critical-permanent-freezing-of-unclaimed-yield-of-reward...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"tk00gcHTdyBNfCcEOKRk","title":"31149 - [SC - Critical] Manipulation of governance voting result by unl...","pathname":"/alchemix/31149-sc-critical-manipulation-of-governance-voting-result-by-unl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"W0v9dd5uiGxcVohMCdEL","title":"31151 - [SC - Medium] Delegation Saturation Leading to Asset Freezing...","pathname":"/alchemix/31151-sc-medium-delegation-saturation-leading-to-asset-freezing...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ZFRgeetNAufT5Wm1Uiuq","title":"31163 - [SC - Critical] Malicious actor can acquire bribe rewards by bl...","pathname":"/alchemix/31163-sc-critical-malicious-actor-can-acquire-bribe-rewards-by-bl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"co0kXOkKorjwrRX9PZxq","title":"31184 - [SC - Critical] Deflating the total amount of votes in a checkp...","pathname":"/alchemix/31184-sc-critical-deflating-the-total-amount-of-votes-in-a-checkp...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"GlDfonTQeXw7ZZdigxxq","title":"31189 - [SC - High] Voting algorithm does not apply maximum availab...","pathname":"/alchemix/31189-sc-high-voting-algorithm-does-not-apply-maximum-availab...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"rasUygiSOmgJzYXAw9Mq","title":"31196 - [SC - Critical] Voterpoke does not check lastVoted resulting in...","pathname":"/alchemix/31196-sc-critical-voterpoke-does-not-check-lastvoted-resulting-in...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"TC5sKJeewXFM0RiqwYjg","title":"31198 - [SC - Critical] VotingEscrowmerge does not check whether the _f...","pathname":"/alchemix/31198-sc-critical-votingescrowmerge-does-not-check-whether-the-_f...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"5J26m66ZguJZFbOPOOdN","title":"31199 - [SC - Critical] Users might receive less rewars token after Vot...","pathname":"/alchemix/31199-sc-critical-users-might-receive-less-rewars-token-after-vot...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"wXwyNsHQiESHM2XivU2a","title":"31211 - [SC - Critical] Inflation Of Total Votes and Potential Freeze o...","pathname":"/alchemix/31211-sc-critical-inflation-of-total-votes-and-potential-freeze-o...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"WD6MSk44tU7qGGvh1F65","title":"31222 - [SC - Critical] Unlimited Flux minting","pathname":"/alchemix/31222-sc-critical-unlimited-flux-minting","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Fcjyq9K8dSw1pThoVycQ","title":"31223 - [SC - Critical] Disproportionate Rewards Manipulation in Bribesol","pathname":"/alchemix/31223-sc-critical-disproportionate-rewards-manipulation-in-bribesol","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"DPVj3ViwzUGxn1LCrK5Z","title":"31226 - [SC - Insight] Missing Revert Message in require statement lea...","pathname":"/alchemix/31226-sc-insight-missing-revert-message-in-require-statement-lea...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"PWCQvNqGRQctb1UMrvWb","title":"31234 - [SC - Medium] Alchemix BlockSlope variable in checkpoint rou...","pathname":"/alchemix/31234-sc-medium-alchemix-blockslope-variable-in-checkpoint-rou...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"26gTIjyYBgzG2a82niSP","title":"31242 - [SC - Critical] RevenueHandlercheckpoint allows users to claim ...","pathname":"/alchemix/31242-sc-critical-revenuehandlercheckpoint-allows-users-to-claim-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Y1igiFonoozjdNaVwb4y","title":"31249 - [SC - Critical] malicious user can back-run Voterdistribute to ...","pathname":"/alchemix/31249-sc-critical-malicious-user-can-back-run-voterdistribute-to-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"0LM14UGrj9DrKu2eCNDN","title":"31253 - [SC - Critical] RevenueHandlercheckpoint isnt correctly","pathname":"/alchemix/31253-sc-critical-revenuehandlercheckpoint-isnt-correctly","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"0W6JY4BCU3qpIM7pyyf6","title":"31258 - [SC - High] Loss of Unclaimed Bribes After Burning veALCX T...","pathname":"/alchemix/31258-sc-high-loss-of-unclaimed-bribes-after-burning-vealcx-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Rr2ZbPbZQEFopcVRomC5","title":"31263 - [SC - Critical] RevenueHandlercheckpoint counts unclaimed rewar...","pathname":"/alchemix/31263-sc-critical-revenuehandlercheckpoint-counts-unclaimed-rewar...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"0gQzwYWNCjVoGM2kwHAj","title":"31264 - [SC - Insight] Multiple Reports QALowOOS Medium","pathname":"/alchemix/31264-sc-insight-multiple-reports-qalowoos-medium","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"QsfYtfquIXJlsAlynwnc","title":"31272 - [SC - Low] Approved user cant merge tokens not approved fo...","pathname":"/alchemix/31272-sc-low-approved-user-cant-merge-tokens-not-approved-fo...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"CGFRE3PQOYP8OWPDrivY","title":"31276 - [SC - High] BPT can be locked for only week resulting in u...","pathname":"/alchemix/31276-sc-high-bpt-can-be-locked-for-only-week-resulting-in-u...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"J6iMp6qMXCtoceoYQMjN","title":"31277 - [SC - Insight] The user can propose with less voting power tha...","pathname":"/alchemix/31277-sc-insight-the-user-can-propose-with-less-voting-power-tha...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Ft7UoQ6aR11Sg3ieG2Ub","title":"31280 - [SC - Critical] Malicious user can mint unlimited flux tokens","pathname":"/alchemix/31280-sc-critical-malicious-user-can-mint-unlimited-flux-tokens","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"wlMEHO4oBhjiCsvyigN6","title":"31281 - [SC - Low] Approved spender cannot withdraw or merge","pathname":"/alchemix/31281-sc-low-approved-spender-cannot-withdraw-or-merge","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ngY6UqOAsChPlbxEqi4z","title":"31284 - [SC - Insight] cancel should allow to cancel the proposal of t...","pathname":"/alchemix/31284-sc-insight-cancel-should-allow-to-cancel-the-proposal-of-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"gAw0PQoS2BZFZ4SmLgrD","title":"31293 - [SC - High] Voters who withdraw veLACX tokens risk losing g...","pathname":"/alchemix/31293-sc-high-voters-who-withdraw-velacx-tokens-risk-losing-g...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"8pmLWOMOQDQEZXawifcw","title":"31295 - [SC - High] Newly created gauge may missed out on its rewards","pathname":"/alchemix/31295-sc-high-newly-created-gauge-may-missed-out-on-its-rewards","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"j46dSUcbHUROI6Pg08wD","title":"31298 - [SC - Medium] Anyone can let users delegates reach the upper ...","pathname":"/alchemix/31298-sc-medium-anyone-can-let-users-delegates-reach-the-upper-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"HZlpXzGHm73A4RcsL9X1","title":"31309 - [SC - Critical] slippage protection is inaccurate","pathname":"/alchemix/31309-sc-critical-slippage-protection-is-inaccurate","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"PIAqVW3Wtwxmh5lRlGe4","title":"31326 - [SC - High] Precision loss causes minor loss of FLUX when c...","pathname":"/alchemix/31326-sc-high-precision-loss-causes-minor-loss-of-flux-when-c...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"xfP4JChESKGr2F3fn9cH","title":"31329 - [SC - Critical] Attacker can gain infinitive FLUX by repeating ...","pathname":"/alchemix/31329-sc-critical-attacker-can-gain-infinitive-flux-by-repeating-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"RWV5iw9Dita2jRlQ3izD","title":"31335 - [SC - High] getActualSupply should be used instead of total...","pathname":"/alchemix/31335-sc-high-getactualsupply-should-be-used-instead-of-total...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"3t3FqAMHF0vzW700EnQr","title":"31355 - [SC - Low] Past Defeated Proposals Can Be Executed in the ...","pathname":"/alchemix/31355-sc-low-past-defeated-proposals-can-be-executed-in-the-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"W51pcWgfrqW4zg1G7uni","title":"31375 - [SC - Critical] Lack of Access control in poke function allows ...","pathname":"/alchemix/31375-sc-critical-lack-of-access-control-in-poke-function-allows-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ngiMDnHwXLHDxaFNmx6j","title":"31377 - [SC - Critical] Stucked yield tokens upon withdrawal of votes f...","pathname":"/alchemix/31377-sc-critical-stucked-yield-tokens-upon-withdrawal-of-votes-f...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"N4m17ZkWSv7yi7ll35TH","title":"31380 - [SC - High] FluxTokencalculateBPT uses wrong algorithm caus...","pathname":"/alchemix/31380-sc-high-fluxtokencalculatebpt-uses-wrong-algorithm-caus...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"oWCfjzJA2igd9JJlXU08","title":"31381 - [SC - Low] Alchemix Incorrect Initialisation of struct in...","pathname":"/alchemix/31381-sc-low-alchemix-incorrect-initialisation-of-struct-in...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"QMhqNKNIqPMagnqR9K9p","title":"31382 - [SC - High] VotingEscrowupdateUnlockTime - Its possible for...","pathname":"/alchemix/31382-sc-high-votingescrowupdateunlocktime-its-possible-for...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"jhzHfU4sCZwGroHatc3F","title":"31383 - [SC - Low] price feeds sanity checks isnt correct in funct...","pathname":"/alchemix/31383-sc-low-price-feeds-sanity-checks-isnt-correct-in-funct...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"lAgcYpm4NNxso0Rcj05a","title":"31385 - [SC - Low] RewardsDistributortokensPerWeek might be zero i...","pathname":"/alchemix/31385-sc-low-rewardsdistributortokensperweek-might-be-zero-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"PC4iVMYm3HPm5zfdLTvc","title":"31386 - [SC - Critical] Malicious user can steal FLUX token by abusing ...","pathname":"/alchemix/31386-sc-critical-malicious-user-can-steal-flux-token-by-abusing-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ovLcrggffp5IG9s3wHWK","title":"31388 - [SC - Critical] Vulnerability in the poke function of Voting co...","pathname":"/alchemix/31388-sc-critical-vulnerability-in-the-poke-function-of-voting-co...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ExN7KqG9XVOeNrtjyfzg","title":"31390 - [SC - High] Precision Loss in FluxTokensolgetClaimableFlux","pathname":"/alchemix/31390-sc-high-precision-loss-in-fluxtokensolgetclaimableflux","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Q7v1msn2cqDkmEeF46wJ","title":"31397 - [SC - Critical] In Bribesol _writeVotingCheckpoint isnt called ...","pathname":"/alchemix/31397-sc-critical-in-bribesol-_writevotingcheckpoint-isnt-called-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"HiJa0hxeESExa6m0AHRy","title":"31399 - [SC - High] RewardDistributor claims can be DoSed through e...","pathname":"/alchemix/31399-sc-high-rewarddistributor-claims-can-be-dosed-through-e...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"3CmelqFsy1NTUBAHlczI","title":"31407 - [SC - Insight] Alchemist is given over Allowance through Reven...","pathname":"/alchemix/31407-sc-insight-alchemist-is-given-over-allowance-through-reven...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"vqRh3vQoE29G9O6mx2eL","title":"31408 - [SC - Critical] Killed Gauge continue to accrue and steal rewar...","pathname":"/alchemix/31408-sc-critical-killed-gauge-continue-to-accrue-and-steal-rewar...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"KYhf4sMF1Q9bVPRisCmR","title":"31409 - [SC - Critical] Users can grief Bribe rewards forcing them to b...","pathname":"/alchemix/31409-sc-critical-users-can-grief-bribe-rewards-forcing-them-to-b...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"jLgQKVczEcqRSvnjYn4S","title":"31410 - [SC - Medium] Griefing Attack using delegate will expose User...","pathname":"/alchemix/31410-sc-medium-griefing-attack-using-delegate-will-expose-user...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"zoLAWd9B7tZb6pyK2bxC","title":"31413 - [SC - Medium] DOS attack by delegating tokens at MAX_DELEGATES","pathname":"/alchemix/31413-sc-medium-dos-attack-by-delegating-tokens-at-max_delegates","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"7xLYa68wdbnPaMCbF3gA","title":"31416 - [SC - Insight] Impossible to set boostMultiplier to MIN_BOOST","pathname":"/alchemix/31416-sc-insight-impossible-to-set-boostmultiplier-to-min_boost","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"GVpxO9MljJhP6Rd8KhHe","title":"31417 - [SC - Insight] Compound claiming transactions will revert if u...","pathname":"/alchemix/31417-sc-insight-compound-claiming-transactions-will-revert-if-u...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Jvkqq29rM0TYop7wTaIH","title":"31418 - [SC - Critical] the killed gauge collect claim amount","pathname":"/alchemix/31418-sc-critical-the-killed-gauge-collect-claim-amount","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"00UcZUqXwxENqVUNit0x","title":"31420 - [SC - Insight] No array lengths check in VotersolclaimBribes","pathname":"/alchemix/31420-sc-insight-no-array-lengths-check-in-votersolclaimbribes","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"YrMWMty1RBwmGrHEJOD3","title":"31425 - [SC - Medium] Users can call reset on their token even if the...","pathname":"/alchemix/31425-sc-medium-users-can-call-reset-on-their-token-even-if-the...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"bVIkTcixQeGTSoL9jdZE","title":"31430 - [SC - Insight] QA","pathname":"/alchemix/31430-sc-insight-qa","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"jxWRtqrdedxBPPinGcKV","title":"31435 - [SC - High] ALCX rewards arent claimed for from token when ...","pathname":"/alchemix/31435-sc-high-alcx-rewards-arent-claimed-for-from-token-when-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"vKqcYsRrUNywGoQRW220","title":"31443 - [SC - Insight] Incorrect values of votingDelay and votingPerio...","pathname":"/alchemix/31443-sc-insight-incorrect-values-of-votingdelay-and-votingperio...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"eJ8HP0sf82U8MBUq5M0W","title":"31444 - [SC - Critical] Manipulation of ve voting mechanism unlimited b...","pathname":"/alchemix/31444-sc-critical-manipulation-of-ve-voting-mechanism-unlimited-b...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"JcRtWdxAswvkto9dDhf7","title":"31447 - [SC - High] veALCX holders are able to withdraw rewards and...","pathname":"/alchemix/31447-sc-high-vealcx-holders-are-able-to-withdraw-rewards-and...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"uP9D09E3VOo7ohixDV6I","title":"31448 - [SC - Medium] Bypassing the Governances proposal threshold to...","pathname":"/alchemix/31448-sc-medium-bypassing-the-governances-proposal-threshold-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"9SaLFmJferzGK74RrzhQ","title":"31449 - [SC - Low] BribegetRewardForOwner should not revert if the...","pathname":"/alchemix/31449-sc-low-bribegetrewardforowner-should-not-revert-if-the...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"CfPzG6yDvI3BACC8mXlb","title":"31451 - [SC - Insight] MAX_PROPOSAL_NUMERATOR is incorrectly set","pathname":"/alchemix/31451-sc-insight-max_proposal_numerator-is-incorrectly-set","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"F7UuKqTDw6gm91eJGTcO","title":"31453 - [SC - Critical] The balance of RevenueHandler can be drained","pathname":"/alchemix/31453-sc-critical-the-balance-of-revenuehandler-can-be-drained","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"g4DXmWEfGnj0k0puHkkX","title":"31458 - [SC - Critical] Invalid handling of epochs revenue for tokens t...","pathname":"/alchemix/31458-sc-critical-invalid-handling-of-epochs-revenue-for-tokens-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"0PqSw92eIXp7Tx6P0YWn","title":"31460 - [SC - Insight] supportsInterface does not return typeIERCRecei...","pathname":"/alchemix/31460-sc-insight-supportsinterface-does-not-return-typeiercrecei...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"AmZm185IryJAxnHM5rfu","title":"31461 - [SC - Critical] veALCX holder can mint Unlimited FLUX tokens","pathname":"/alchemix/31461-sc-critical-vealcx-holder-can-mint-unlimited-flux-tokens","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"CoJfKNQW5mQ7rdF9kmZ5","title":"31462 - [SC - Medium] Alchemix addReward access control can be bypas...","pathname":"/alchemix/31462-sc-medium-alchemix-addreward-access-control-can-be-bypas...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"yMNt2q3hHM2iHVpbDM8w","title":"31466 - [SC - Critical] Wrong reward calculation leads to rewards being...","pathname":"/alchemix/31466-sc-critical-wrong-reward-calculation-leads-to-rewards-being...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"JAum8xA7hpatfJR9ybY0","title":"31470 - [SC - Critical] Bribing protocols pay bribes but dont get emiss...","pathname":"/alchemix/31470-sc-critical-bribing-protocols-pay-bribes-but-dont-get-emiss...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"lLragXVx6jgzxn7f6gBo","title":"31472 - [SC - Critical] Stealing all revenue from the Alchemix protocol","pathname":"/alchemix/31472-sc-critical-stealing-all-revenue-from-the-alchemix-protocol","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"Dcw2iPtnck7x4DM4O1dU","title":"31478 - [SC - High] calculateBPT doesnt divide by basis points infl...","pathname":"/alchemix/31478-sc-high-calculatebpt-doesnt-divide-by-basis-points-infl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ZNzv9x2Bq5xdqkuinKQk","title":"31479 - [SC - High] alchemechNFT holder will get too little FLUX be...","pathname":"/alchemix/31479-sc-high-alchemechnft-holder-will-get-too-little-flux-be...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ObFxWRci743Ff8HiC9L7","title":"31480 - [SC - High] Miscalculation of global bias","pathname":"/alchemix/31480-sc-high-miscalculation-of-global-bias","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"6RcNLfQBtoqJecIfsNhg","title":"31481 - [SC - Critical] Undound FLUX accrual through reset and merge","pathname":"/alchemix/31481-sc-critical-undound-flux-accrual-through-reset-and-merge","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"QKNSESc1MI1qLGUvRgyK","title":"31483 - [SC - Critical] Users can vote multiple times in one epoch","pathname":"/alchemix/31483-sc-critical-users-can-vote-multiple-times-in-one-epoch","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"2uOXhrYdX5jgfs4BYNPP","title":"31484 - [SC - High] Rewards for the first epoch at rewards distribu...","pathname":"/alchemix/31484-sc-high-rewards-for-the-first-epoch-at-rewards-distribu...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"fcogIGxqs6EwIDBSNlmG","title":"31485 - [SC - Critical] Miscalculation of distributed tokens at revenue...","pathname":"/alchemix/31485-sc-critical-miscalculation-of-distributed-tokens-at-revenue...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"tEuH5WdpqweAUKhqx6Qq","title":"31486 - [SC - High] getClaimableFlux miscalculates claimable FLUX f...","pathname":"/alchemix/31486-sc-high-getclaimableflux-miscalculates-claimable-flux-f...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"5ZgVvtUafJfHtLk7xXld","title":"31487 - [SC - Low] Wrong condition check on RevenueHandlerconstruc...","pathname":"/alchemix/31487-sc-low-wrong-condition-check-on-revenuehandlerconstruc...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"FgK7xswH7lc3zVaDGQsh","title":"31488 - [SC - Critical] Merging tokens allows multiple Flux accruals wi...","pathname":"/alchemix/31488-sc-critical-merging-tokens-allows-multiple-flux-accruals-wi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"1XdhynlKXySAReDYtjqV","title":"31494 - [SC - High] Alchemix The first epochs ALCX emissions of vo...","pathname":"/alchemix/31494-sc-high-alchemix-the-first-epochs-alcx-emissions-of-vo...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"YOgGthiRGvJ0HmfNlotk","title":"31495 - [SC - Critical] Users cannot claim rewards from RevenueHandler ...","pathname":"/alchemix/31495-sc-critical-users-cannot-claim-rewards-from-revenuehandler-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"HWiUB9emBGuKjym2lLO9","title":"31497 - [SC - Low] executeBatch lacks payable so ethers can not be...","pathname":"/alchemix/31497-sc-low-executebatch-lacks-payable-so-ethers-can-not-be...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"SEK2K356t1dDUNkPVVBT","title":"31498 - [SC - High] Alchemix ALCX rewards are currently subject to...","pathname":"/alchemix/31498-sc-high-alchemix-alcx-rewards-are-currently-subject-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"2pJ5XeZF4fLxkHPt8oJN","title":"31503 - [SC - Insight] Incorrect value of MAX_PROPOSAL_NUMERATOR in Al...","pathname":"/alchemix/31503-sc-insight-incorrect-value-of-max_proposal_numerator-in-al...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"C69oCExOCX6dV3GueoRN","title":"31507 - [SC - Critical] Malicious user could flash-loan the veALCX to i...","pathname":"/alchemix/31507-sc-critical-malicious-user-could-flash-loan-the-vealcx-to-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"L3kC0fzwMl77hWf1Lgl1","title":"31512 - [SC - Critical] Infinite minting of FLUX through Merge","pathname":"/alchemix/31512-sc-critical-infinite-minting-of-flux-through-merge","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"DmlSLNqua7948pNjvMHn","title":"31514 - [SC - Medium] Malicious users can cause pokeTokens to revert","pathname":"/alchemix/31514-sc-medium-malicious-users-can-cause-poketokens-to-revert","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"lGOsRvRPHLxXgzAUk1En","title":"31519 - [SC - Low] Lack of revert statement in Votersolpoke result...","pathname":"/alchemix/31519-sc-low-lack-of-revert-statement-in-votersolpoke-result...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"QWuhI54d1nhJuUxcClat","title":"31520 - [SC - Critical] Incorrect accounting of totalVoting leads to pe...","pathname":"/alchemix/31520-sc-critical-incorrect-accounting-of-totalvoting-leads-to-pe...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"x9wiMKwhEXEP0WPFPSJK","title":"31521 - [SC - Medium] Early return in RewardsDistributorclaim can cau...","pathname":"/alchemix/31521-sc-medium-early-return-in-rewardsdistributorclaim-can-cau...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"cHuC8veUnldK6kRplXcf","title":"31523 - [SC - Low] USDT Approval will cause function failure","pathname":"/alchemix/31523-sc-low-usdt-approval-will-cause-function-failure","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"GwPR7fihXvB4Vg2QFc6w","title":"31524 - [SC - High] Rounding down in getClaimableFlux leads to less...","pathname":"/alchemix/31524-sc-high-rounding-down-in-getclaimableflux-leads-to-less...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"qSrRFrDDov4or6Hhnc34","title":"31526 - [SC - Critical] A user is able to claim more bribes than they h...","pathname":"/alchemix/31526-sc-critical-a-user-is-able-to-claim-more-bribes-than-they-h...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"oBWncwyv7iokMTV0Zb6t","title":"31527 - [SC - Critical] No accounting for totalVoting in Bribesolwithdr...","pathname":"/alchemix/31527-sc-critical-no-accounting-for-totalvoting-in-bribesolwithdr...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"ZqhrITfFAfXcJw0226X5","title":"31539 - [SC - Medium] The Voterdistribute function can continue to fail","pathname":"/alchemix/31539-sc-medium-the-voterdistribute-function-can-continue-to-fail","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"y0em1HtQbb2mBPlhpeCZ","title":"31540 - [SC - Insight] Expired Token Locks Impacting Vote Weight Calcu...","pathname":"/alchemix/31540-sc-insight-expired-token-locks-impacting-vote-weight-calcu...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"itEb7pEPVxP3aEaLkLxq","title":"31541 - [SC - Critical] FluxTokens unlimited mint and Exploitation of g...","pathname":"/alchemix/31541-sc-critical-fluxtokens-unlimited-mint-and-exploitation-of-g...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"HbLvaFIFi9se1H0VQslK","title":"31542 - [SC - Low] Bribeearned - L Its potentially possible to ear...","pathname":"/alchemix/31542-sc-low-bribeearned-l-its-potentially-possible-to-ear...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"aS48UGy6GicZx464vUMd","title":"31544 - [SC - High] Certain small amount of tokens are not accounte...","pathname":"/alchemix/31544-sc-high-certain-small-amount-of-tokens-are-not-accounte...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"muVdCMZ1Ltl5zSHAVW8O","title":"31552 - [SC - Insight] Lack of the validation for a Flash token protec...","pathname":"/alchemix/31552-sc-insight-lack-of-the-validation-for-a-flash-token-protec...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"hSS2uwsIuBFfIS3msYno","title":"31555 - [SC - Low] RewardsDistributoramountToCompound - L The stal...","pathname":"/alchemix/31555-sc-low-rewardsdistributoramounttocompound-l-the-stal...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"8Iaorz5suqYciJNB3zVv","title":"31556 - [SC - Critical] Unfair Revenue Distribution in Non-Alchemix Rev...","pathname":"/alchemix/31556-sc-critical-unfair-revenue-distribution-in-non-alchemix-rev...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"zVqSjIYt4OxeQiEFLxkh","title":"31558 - [SC - Insight] Discrepancy in MAX_PROPOSAL_NUMERATOR Value in ...","pathname":"/alchemix/31558-sc-insight-discrepancy-in-max_proposal_numerator-value-in-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"4C9mIjzbNtGPjgXSkLQu","title":"31559 - [SC - Low] Minter UpdatePeriod after weeks causes Rewards...","pathname":"/alchemix/31559-sc-low-minter-updateperiod-after-weeks-causes-rewards...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"k16fxs55H1kQAnsSJdtd","title":"31562 - [SC - Medium] Every consecutive epoch will have same number o...","pathname":"/alchemix/31562-sc-medium-every-consecutive-epoch-will-have-same-number-o...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"g9IV8FXN64ogc8Owipey","title":"31563 - [SC - Low] Oracle days staleThreshold for priceTimestamp ...","pathname":"/alchemix/31563-sc-low-oracle-days-stalethreshold-for-pricetimestamp-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"uYDRwOtaopYbaZvP4Pju","title":"31566 - [SC - Medium] Checkpoints wont update block number in point b...","pathname":"/alchemix/31566-sc-medium-checkpoints-wont-update-block-number-in-point-b...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"rxdR1EQ5VrLxgTIioADk","title":"31567 - [SC - Critical] VotingEscrowsolcheckpoint is completely broken","pathname":"/alchemix/31567-sc-critical-votingescrowsolcheckpoint-is-completely-broken","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"hnsvV3gRv0j3Y46tIsc1","title":"31575 - [SC - Medium] depositIntoRewardPool and withdrawFromRewardPo...","pathname":"/alchemix/31575-sc-medium-depositintorewardpool-and-withdrawfromrewardpo...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"4m5iIOP3HUi8XxIq7d1S","title":"31579 - [SC - Critical] Infinite mint of FLUX using poke","pathname":"/alchemix/31579-sc-critical-infinite-mint-of-flux-using-poke","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"J7ukNNYIp2icIlYBvy6k","title":"31583 - [SC - Insight] Off by one error while adding reward pool token","pathname":"/alchemix/31583-sc-insight-off-by-one-error-while-adding-reward-pool-token","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"RMLyCnQyCwc8q8mAUmOh","title":"31584 - [SC - Critical] Loss Of Boosted Weight When Poking In The Same ...","pathname":"/alchemix/31584-sc-critical-loss-of-boosted-weight-when-poking-in-the-same-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"akn9cvXdmcC5cmMxNqkN","title":"31588 - [SC - Low] Users could start cooldown period for their wit...","pathname":"/alchemix/31588-sc-low-users-could-start-cooldown-period-for-their-wit...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"XWzf4BlbwOMVCN3VDKCJ","title":"31592 - [SC - Insight] Collection of other important issues","pathname":"/alchemix/31592-sc-insight-collection-of-other-important-issues","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"x3M3Vieo744VYL9IKIyU","title":"31594 - [SC - Insight] RewardPoolManager can only add RewardPoolToken ...","pathname":"/alchemix/31594-sc-insight-rewardpoolmanager-can-only-add-rewardpooltoken-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"zwcvWC071A5kaToDBlXJ","title":"31597 - [SC - High] Loss of precision while calculating claimable f...","pathname":"/alchemix/31597-sc-high-loss-of-precision-while-calculating-claimable-f...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Alchemix"}]},{"id":"U2lPvd3nWfxs7vcmMh44","title":"BadgerDAO (eBTC)","pathname":"/badgerdao-ebtc","siteSpaceId":"sitesp_stpzW","description":""},{"id":"hd48r6ipZOhczc9jKoPj","title":"28546 - [SC - Insight] FlashLoan can be taken with no fee to be paid","pathname":"/badgerdao-ebtc/28546-sc-insight-flashloan-can-be-taken-with-no-fee-to-be-paid","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"UkFaRY1Uq65mNZhv2ygj","title":"28605 - [SC - Insight] Reentrancy on ActivePool allows users to borrow...","pathname":"/badgerdao-ebtc/28605-sc-insight-reentrancy-on-activepool-allows-users-to-borrow...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"12elc6OIh2WFRdOwqjYL","title":"28659 - [SC - Insight] Reentrancy in BorrowerOperationsflashLoan enabl...","pathname":"/badgerdao-ebtc/28659-sc-insight-reentrancy-in-borroweroperationsflashloan-enabl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"NwOaiLiydfB3jh9ySbB5","title":"28713 - [SC - Insight] Reentrancy on BorrowerOperations allows users t...","pathname":"/badgerdao-ebtc/28713-sc-insight-reentrancy-on-borroweroperations-allows-users-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"2kHROBnpzZISxxii0Bzp","title":"28791 - [SC - Low] The system protects from any rounding issues wh...","pathname":"/badgerdao-ebtc/28791-sc-low-the-system-protects-from-any-rounding-issues-wh...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"l5LqWs6P7pwt9iDUcqzq","title":"28823 - [SC - Insight] Lido slashing can negatively affect the whole l...","pathname":"/badgerdao-ebtc/28823-sc-insight-lido-slashing-can-negatively-affect-the-whole-l...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"XP2zWmrRhbHWzCVvrSFp","title":"28828 - [SC - Low] Use of deprecated Chainlink API can lead contra...","pathname":"/badgerdao-ebtc/28828-sc-low-use-of-deprecated-chainlink-api-can-lead-contra...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"Smfl6uELXOlsKe7gDUEk","title":"28843 - [SC - Low] Canceled partial redeeming syncs the accounting...","pathname":"/badgerdao-ebtc/28843-sc-low-canceled-partial-redeeming-syncs-the-accounting...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"HqIJndSoDDINmmtKSbAJ","title":"28849 - [SC - Low] Using batchRedemption even if the TCR becomes s...","pathname":"/badgerdao-ebtc/28849-sc-low-using-batchredemption-even-if-the-tcr-becomes-s...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"AWJz2b3U25oWRE4i0pDn","title":"28853 - [SC - Insight] Trycatch will not function with internal type","pathname":"/badgerdao-ebtc/28853-sc-insight-trycatch-will-not-function-with-internal-type","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"zJUOerKKbPOR7VRT73v0","title":"28858 - [SC - Insight] Execution of SortedCpds while command may cause...","pathname":"/badgerdao-ebtc/28858-sc-insight-execution-of-sortedcpds-while-command-may-cause...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"zi8wcnDgHfzS6g9buSIT","title":"28862 - [SC - Insight] Static MIN_CHANGE threshold and lack of relativ...","pathname":"/badgerdao-ebtc/28862-sc-insight-static-min_change-threshold-and-lack-of-relativ...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"mq8MlmAU5xZqZEeVguAA","title":"28864 - [SC - Insight] Unfair Liquidation when ICR equals TCR in redee...","pathname":"/badgerdao-ebtc/28864-sc-insight-unfair-liquidation-when-icr-equals-tcr-in-redee...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"WqWeRH5IXRag9PzrztWO","title":"28890 - [SC - Insight] EBTCTokensol mint function lack of checks allow...","pathname":"/badgerdao-ebtc/28890-sc-insight-ebtctokensol-mint-function-lack-of-checks-allow...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"jV1i1Fp0TCVdLpbX375C","title":"28916 - [SC - Insight] Liquidation Abuse More than half of all assets ...","pathname":"/badgerdao-ebtc/28916-sc-insight-liquidation-abuse-more-than-half-of-all-assets-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"qzN7YAEoU3a0zKvGRonh","title":"28967 - [SC - Insight] When fallback oracle is frozen fetchPrice can r...","pathname":"/badgerdao-ebtc/28967-sc-insight-when-fallback-oracle-is-frozen-fetchprice-can-r...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"gKruN47bpMLQcjSdFjPR","title":"28973 - [SC - Insight] Users CDPs can be removed unintentionally by CD...","pathname":"/badgerdao-ebtc/28973-sc-insight-users-cdps-can-be-removed-unintentionally-by-cd...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"Mu5pgmtH3eP2NBTjHuT2","title":"28980 - [SC - Insight] Ther is an invariant Check Failure in flashLoan...","pathname":"/badgerdao-ebtc/28980-sc-insight-ther-is-an-invariant-check-failure-in-flashloan...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"pZapA3RufjI86SzldlPm","title":"29000 - [SC - Insight] Potential for Denial-of-Service in the redeemCo...","pathname":"/badgerdao-ebtc/29000-sc-insight-potential-for-denial-of-service-in-the-redeemco...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"3u7kxieBnXhebBgcfW0v","title":"29002 - [SC - Insight] Incorrect implementation of EIP- domain separat...","pathname":"/badgerdao-ebtc/29002-sc-insight-incorrect-implementation-of-eip-domain-separat...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"BadgerDAO (eBTC)"}]},{"id":"kErH2WFTQKUthIQcmfvK","title":"DeGate","pathname":"/degate","siteSpaceId":"sitesp_stpzW","description":""},{"id":"BMdbceRF7SaecX6heYBM","title":"25882 - [SC - Insight] Freezing of funds from the Default Deposit Cont...","pathname":"/degate/25882-sc-insight-freezing-of-funds-from-the-default-deposit-cont...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"l5cHmBCujzxg8zZ9iI06","title":"25885 - [SC - Insight] Prevent the operator from submitting blocks to L","pathname":"/degate/25885-sc-insight-prevent-the-operator-from-submitting-blocks-to-l","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"GMmpEvK40uPacpPr4M09","title":"25886 - [SC - Insight] registerToken can be front-run causing token ca...","pathname":"/degate/25886-sc-insight-registertoken-can-be-front-run-causing-token-ca...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"n6jebhbokgiZix9uzNFD","title":"25892 - [SC - Insight] A malicious user can DoS force withdraw request...","pathname":"/degate/25892-sc-insight-a-malicious-user-can-dos-force-withdraw-request...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"lRqJPiQpZZw7mWzmTSj6","title":"25903 - [SC - Insight] Possible loss of user funds by front-runing the...","pathname":"/degate/25903-sc-insight-possible-loss-of-user-funds-by-front-runing-the...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"HyI2gPqlFz7ErmFiUf8Z","title":"25906 - [SC - Insight] setDelay function doesnt revert even when the d...","pathname":"/degate/25906-sc-insight-setdelay-function-doesnt-revert-even-when-the-d...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"HoTx66kSD9TMcIQ1Luoo","title":"25917 - [SC - Insight] Timelock can call transferProxyOwnership of Dep...","pathname":"/degate/25917-sc-insight-timelock-can-call-transferproxyownership-of-dep...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"xrYimjAA8J9QY1YDmkny","title":"25921 - [SC - Insight] Flaw in upgradeToAndCall leads to the proxy cal...","pathname":"/degate/25921-sc-insight-flaw-in-upgradetoandcall-leads-to-the-proxy-cal...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"aGywt9S95X2LWSmU0TQm","title":"25927 - [SC - Insight] MultiSig Owners can set malicious implementatio...","pathname":"/degate/25927-sc-insight-multisig-owners-can-set-malicious-implementatio...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"IoAt5jUVuCqCLDsAeSm0","title":"25930 - [SC - Insight] Malicious owner can update the DepositParams st...","pathname":"/degate/25930-sc-insight-malicious-owner-can-update-the-depositparams-st...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"A1aRBvOuiG94AFsdaYxb","title":"25933 - [SC - Insight] The last person to confirm can control the exec...","pathname":"/degate/25933-sc-insight-the-last-person-to-confirm-can-control-the-exec...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"vamWUUnldz3TsFdjj1rH","title":"25935 - [SC - Insight] Permissive Fallback Function","pathname":"/degate/25935-sc-insight-permissive-fallback-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"LnwJxoYMahtNzYoKxlLn","title":"25952 - [SC - Insight] The smart contract could be inoperable due to w...","pathname":"/degate/25952-sc-insight-the-smart-contract-could-be-inoperable-due-to-w...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"W0dwTXFGa07N8AJPzgqI","title":"26012 - [SC - Insight] getTransactionIds will break at some point runn...","pathname":"/degate/26012-sc-insight-gettransactionids-will-break-at-some-point-runn...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"LCpGKdR9NxHLVCG8CWvb","title":"26017 - [SC - Insight] getTransactionCount will break at some point ru...","pathname":"/degate/26017-sc-insight-gettransactioncount-will-break-at-some-point-ru...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"lrbLcrtrek2YBWn7uPpg","title":"26039 - [SC - Insight] Proxy contract deployments can be front-run to ...","pathname":"/degate/26039-sc-insight-proxy-contract-deployments-can-be-front-run-to-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"gjlkuPnXrudMiitQSu0I","title":"26066 - [SC - Insight] Timelock eta variable can be set further than i...","pathname":"/degate/26066-sc-insight-timelock-eta-variable-can-be-set-further-than-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"k2ed6Q4nPStHmvGe2BwU","title":"26073 - [SC - Insight] The implementation upgrade must be done by call...","pathname":"/degate/26073-sc-insight-the-implementation-upgrade-must-be-done-by-call...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"kc0GD4ibyk3olZGKbYtV","title":"26095 - [SC - Insight] ID Uniqueness Violations","pathname":"/degate/26095-sc-insight-id-uniqueness-violations","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"G4oJnjlKNsEt9iBILDyc","title":"26104 - [SC - Insight] Governance mechanism could be exploited to free...","pathname":"/degate/26104-sc-insight-governance-mechanism-could-be-exploited-to-free...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"3SUnz0MLusFbRoWTqYC0","title":"26110 - [SC - Insight] All the funds from the DepositProxy contracts c...","pathname":"/degate/26110-sc-insight-all-the-funds-from-the-depositproxy-contracts-c...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"pAeHK3o9mxdiOMmeIBN0","title":"26116 - [SC - Insight] The MultiSigWalletgetTransactionIds function co...","pathname":"/degate/26116-sc-insight-the-multisigwalletgettransactionids-function-co...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"YfKmvfbOTJX5Jq40P7wG","title":"26124 - [SC - Insight] Some owners of the MultiSigWallet can bring the...","pathname":"/degate/26124-sc-insight-some-owners-of-the-multisigwallet-can-bring-the...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"Of3JhKvOLLemIYI5aANd","title":"26189 - [SC - Insight] Malicious Exchange Owner can sandwich-attack Et...","pathname":"/degate/26189-sc-insight-malicious-exchange-owner-can-sandwich-attack-et...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"HdJFGu6vPOCVTmuf1z7h","title":"26204 - [SC - Insight] DeGate Operator has capability to disable balan...","pathname":"/degate/26204-sc-insight-degate-operator-has-capability-to-disable-balan...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"H1t0eSi2xS4MgJc3qfVl","title":"26236 - [SC - Insight] Malicious DeGate Operator EOA can irreversibly ...","pathname":"/degate/26236-sc-insight-malicious-degate-operator-eoa-can-irreversibly-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"41Ip8vFy8fFwwfeUhYqx","title":"26259 - [SC - Insight] txHash collision is possible","pathname":"/degate/26259-sc-insight-txhash-collision-is-possible","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"ZmbmOObNk4JaSM6ItbL6","title":"26275 - [SC - Insight] Bad implementation of executeTransaction functi...","pathname":"/degate/26275-sc-insight-bad-implementation-of-executetransaction-functi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"FVbLbMwBAsumJVkRVzNC","title":"26286 - [SC - Insight] Potential Signature Validation Bypass","pathname":"/degate/26286-sc-insight-potential-signature-validation-bypass","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"lM0meGpk0pciX6i3diRM","title":"26422 - [SC - Insight] there is no explicit gas limit in external call...","pathname":"/degate/26422-sc-insight-there-is-no-explicit-gas-limit-in-external-call...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"VofSbwQHMjkrnjFdQfTj","title":"26423 - [SC - Insight] Timelock executeTransaction function will succe...","pathname":"/degate/26423-sc-insight-timelock-executetransaction-function-will-succe...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"by09VEao3kLMLcovO82o","title":"26431 - [SC - Insight] High Risk in transfer of proxyOwnership","pathname":"/degate/26431-sc-insight-high-risk-in-transfer-of-proxyownership","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"hOoChfElyamopdwZIzk2","title":"26446 - [SC - Insight] Consider implementing a two step process in tra...","pathname":"/degate/26446-sc-insight-consider-implementing-a-two-step-process-in-tra...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"Ux2Gio4Vy0TdjhIchrBH","title":"26468 - [SC - Insight] Fee-on-transfer tokens can be used to steal oth...","pathname":"/degate/26468-sc-insight-fee-on-transfer-tokens-can-be-used-to-steal-oth...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"5Ez9uqxg6XH6Pdem7d3X","title":"26479 - [SC - Insight] ExchangeV cannot be reinitialized after an upgrade","pathname":"/degate/26479-sc-insight-exchangev-cannot-be-reinitialized-after-an-upgrade","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"5tZycmu6U7KcqKItd7rH","title":"26501 - [SC - Insight] Timelock should handle queuing transactions and...","pathname":"/degate/26501-sc-insight-timelock-should-handle-queuing-transactions-and...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"IDvHzD1CD5TSoLGfolEi","title":"26502 - [SC - Insight] DeGate Exodus mode forcing study","pathname":"/degate/26502-sc-insight-degate-exodus-mode-forcing-study","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"EIGHjb7dkPdpndhIIjMJ","title":"26509 - [SC - Insight] Exodus Mode Force","pathname":"/degate/26509-sc-insight-exodus-mode-force","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"5aJJk9SBWyHNXAgDd2e4","title":"26516 - [SC - Insight] Gnosis Multisig Contract can become unusable","pathname":"/degate/26516-sc-insight-gnosis-multisig-contract-can-become-unusable","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"87tLJvCr5EM3buhGZpdc","title":"26519 - [SC - Insight] Consider introducing the ability to change requ...","pathname":"/degate/26519-sc-insight-consider-introducing-the-ability-to-change-requ...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"CnyopUTSEyWikFoVUjzy","title":"26520 - [SC - Insight] Multisig Contract onChain can be bricked","pathname":"/degate/26520-sc-insight-multisig-contract-onchain-can-be-bricked","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"azZJwTYWzGAwb808VlYD","title":"26521 - [SC - Insight] ChainId is missing","pathname":"/degate/26521-sc-insight-chainid-is-missing","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"qYXWIsMXmRzdzK9WfJcu","title":"26527 - [SC - Insight] Possible emission of wrong data in cancelTransa...","pathname":"/degate/26527-sc-insight-possible-emission-of-wrong-data-in-canceltransa...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"4NiQzHNWuyzUibuh3Woo","title":"26529 - [SC - Insight] Mitigate Griefing Attacks Theft of Gas by Impl...","pathname":"/degate/26529-sc-insight-mitigate-griefing-attacks-theft-of-gas-by-impl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"Wt9mULjW3XXgQ5D3FHOs","title":"26530 - [SC - Insight] Inefficiency in upgradeToAndCall","pathname":"/degate/26530-sc-insight-inefficiency-in-upgradetoandcall","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"DeGate"}]},{"id":"AgE7PnFUOFfu7Y38aTzx","title":"Firedancer v0.1","pathname":"/firedancer-v0.1","siteSpaceId":"sitesp_stpzW","description":""},{"id":"dhMUtayIdF4p2oTGvOep","title":"Boost _ Firedancer v0.1 33347 - [Blockchain_DLT - Medium] Integer underflow leading to memory corrup","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33347-blockchain_dlt-medium-integer-underflow-leading-to-memory-corruption-i","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"BP7I2qPOkTStsV1ddgsB","title":"Boost _ Firedancer v0.1 33348 - [Blockchain_DLT - Medium] Integer underflow leading to memory corrup","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33348-blockchain_dlt-medium-integer-underflow-leading-to-memory-corruption-i","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"uqhX7tWqeyaay8YhDu12","title":"Boost _ Firedancer v0.1 33378 - [Blockchain_DLT - Medium] OOB Write leading to memory corruption in","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33378-blockchain_dlt-medium-oob-write-leading-to-memory-corruption-in-fd_mem","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"p5n7gaT2yHa585xEVFuq","title":"Boost _ Firedancer v0.1 33586 - [Blockchain_DLT - Insight] fd_ebpf_static_link - possible disclosure","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33586-blockchain_dlt-insight-fd_ebpf_static_link-possible-disclosure-of-stac","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"e4EJd2ccAxiR1QgWbwkw","title":"Boost _ Firedancer v0.1 33669 - [Blockchain_DLT - Medium] fd_quic_process_packet out of bounds read","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33669-blockchain_dlt-medium-fd_quic_process_packet-out-of-bounds-read","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"KBaTashd02aqknEMRDU3","title":"Boost _ Firedancer v0.1 33717 - [Blockchain_DLT - Medium] Memory corruption caused by fully controll","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33717-blockchain_dlt-medium-memory-corruption-caused-by-fully-controllable-s","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"b2ZsJ7hyEVuGM8Z5H3fN","title":"Boost _ Firedancer v0.1 33718 - [Blockchain_DLT - Medium] The malicious fd_shred_t data passed betwe","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33718-blockchain_dlt-medium-the-malicious-fd_shred_t-data-passed-between-fd_","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"P7XTTCmr0jtr5CJM6rqZ","title":"Boost _ Firedancer v0.1 33774 - [Blockchain_DLT - Medium] The malicious fd_txn_p_t data passed betwe","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33774-blockchain_dlt-medium-the-malicious-fd_txn_p_t-data-passed-between-fd_","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"riFDHUVFWNs9LrN7qt4v","title":"Boost _ Firedancer v0.1 33862 - [Blockchain_DLT - Insight] Discord Server Vulnerable to Takeover in","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33862-blockchain_dlt-insight-discord-server-vulnerable-to-takeover-in-fireda","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"sKu8iWs1f9BNAH9JIoWn","title":"Boost _ Firedancer v0.1 33936 - [Blockchain_DLT - Medium] shred tile fails to process zero sized udp","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-33936-blockchain_dlt-medium-shred-tile-fails-to-process-zero-sized-udp-packe","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"rUhwh66XOrMY23L4u0qR","title":"Boost _ Firedancer v0.1 34064 - [Blockchain_DLT - Medium] bank tile possible code execution","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34064-blockchain_dlt-medium-bank-tile-possible-code-execution","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"td7gW9j3otE5INzJ9jvb","title":"Boost _ Firedancer v0.1 34234 - [Blockchain_DLT - Insight] Setting the variable shred_cnt in the shr","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34234-blockchain_dlt-insight-setting-the-variable-shred_cnt-in-the-shred-obj","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"3yLrm1ZcLBJ7U8gzAL9Y","title":"Boost _ Firedancer v0.1 34272 - [Blockchain_DLT - Medium] Remote memory corruption in Shred tile","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34272-blockchain_dlt-medium-remote-memory-corruption-in-shred-tile","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"OXtiA6Qdm94Msxy1cvVU","title":"Boost _ Firedancer v0.1 34290 - [Blockchain_DLT - Medium] bank tile overflow","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34290-blockchain_dlt-medium-bank-tile-overflow","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"IpqHiOem7S8uwUA25Yi9","title":"Boost _ Firedancer v0.1 34501 - [Blockchain_DLT - Medium] DoS in shreds validation","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34501-blockchain_dlt-medium-dos-in-shreds-validation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"wHGfqQvV3lKU7SM0wAOi","title":"Boost _ Firedancer v0.1 34564 - [Blockchain_DLT - Medium] shred tile overflow","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34564-blockchain_dlt-medium-shred-tile-overflow","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"TU247EtfL01tfzpFIKxV","title":"Boost _ Firedancer v0.1 34682 - [Blockchain_DLT - Medium] DoS in shreds validation","pathname":"/firedancer-v0.1/boost-_-firedancer-v0.1-34682-blockchain_dlt-medium-dos-in-shreds-validation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Firedancer v0.1"}]},{"id":"DyqpZUC0aj6w9K5pq8dH","title":"Folks Finance","pathname":"/folks-finance","siteSpaceId":"sitesp_stpzW","description":""},{"id":"gLRd6iB2pTinoJgx1YKH","title":"Boost _ Folks Finance 33258 - [Smart Contract - Insight] Usage of floating pragma","pathname":"/folks-finance/boost-_-folks-finance-33258-smart-contract-insight-usage-of-floating-pragma","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"WsTw0qB41VkC2h22KKjv","title":"Boost _ Folks Finance 33269 - [Smart Contract - Critical] Logic flaw in UserLoanincreaseCollateral l","pathname":"/folks-finance/boost-_-folks-finance-33269-smart-contract-critical-logic-flaw-in-userloanincreasecollateral-leads-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"8DxiPpHTXxbXyhrNComI","title":"Boost _ Folks Finance 33272 - [Smart Contract - Medium] FrontRunning Attack on createAccount","pathname":"/folks-finance/boost-_-folks-finance-33272-smart-contract-medium-frontrunning-attack-on-createaccount","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Cby81Vc3AwQIg2YjPdNy","title":"Boost _ Folks Finance 33280 - [Smart Contract - Low] NodeManagersupportsInterface doesnt follow EIP-","pathname":"/folks-finance/boost-_-folks-finance-33280-smart-contract-low-nodemanagersupportsinterface-doesnt-follow-eip","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"K34hK6ED2WKo8oPtlk0S","title":"Boost _ Folks Finance 33311 - [Smart Contract - Critical] Infinite Interest rate bug","pathname":"/folks-finance/boost-_-folks-finance-33311-smart-contract-critical-infinite-interest-rate-bug","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"mHFRPPm64CH8JzD08xmp","title":"Boost _ Folks Finance 33353 - [Smart Contract - Low] Incorrect implementation of Time-Weighted Avera","pathname":"/folks-finance/boost-_-folks-finance-33353-smart-contract-low-incorrect-implementation-of-time-weighted-average-pri","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"xoTb81NcJL5JppO4bk68","title":"Boost _ Folks Finance 33356 - [Smart Contract - Low] All data in _userLoans mapping will not be dele","pathname":"/folks-finance/boost-_-folks-finance-33356-smart-contract-low-all-data-in-_userloans-mapping-will-not-be-deleted-af","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"nz5z09CCEMLUWXAwhg0S","title":"Boost _ Folks Finance 33376 - [Smart Contract - Insight] BridgeRouterreceiveMessage Allows Message R","pathname":"/folks-finance/boost-_-folks-finance-33376-smart-contract-insight-bridgerouterreceivemessage-allows-message-replay","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"cn8CSGgYDPLsaxBBRPrX","title":"Boost _ Folks Finance 33441 - [Smart Contract - Insight] Protocol uses Pyth to fetch price which is","pathname":"/folks-finance/boost-_-folks-finance-33441-smart-contract-insight-protocol-uses-pyth-to-fetch-price-which-is-a-pull","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"icEFyW1v0chRw3AryOLA","title":"Boost _ Folks Finance 33443 - [Smart Contract - Low] StalenessCircuitBreakerNode checks if the last","pathname":"/folks-finance/boost-_-folks-finance-33443-smart-contract-low-stalenesscircuitbreakernode-checks-if-the-last-update","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"LTSBvJXnqBZemYL8XJak","title":"Boost _ Folks Finance 33454 - [Smart Contract - Low] unsafe casting will lead to break of PythNode O","pathname":"/folks-finance/boost-_-folks-finance-33454-smart-contract-low-unsafe-casting-will-lead-to-break-of-pythnode-oracle","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"2IemCcUmRuNLJDM8QiCO","title":"Boost _ Folks Finance 33526 - [Smart Contract - Insight] Need to check returnAdapterId","pathname":"/folks-finance/boost-_-folks-finance-33526-smart-contract-insight-need-to-check-returnadapterid","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"pqtJyrsA3LTy46xm3LN7","title":"Boost _ Folks Finance 33533 - [Smart Contract - Critical] depositDatainterestRate is not correct","pathname":"/folks-finance/boost-_-folks-finance-33533-smart-contract-critical-depositdatainterestrate-is-not-correct","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"SVnPwuAPZqsyyxQIUvfM","title":"Boost _ Folks Finance 33534 - [Smart Contract - Medium] denial of service vulnerability and possible","pathname":"/folks-finance/boost-_-folks-finance-33534-smart-contract-medium-denial-of-service-vulnerability-and-possible-grief","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Ghr8q4tnhHhku21eOqKB","title":"Boost _ Folks Finance 33540 - [Smart Contract - Low] ChainlinkNode uses cached decimals in the calcu","pathname":"/folks-finance/boost-_-folks-finance-33540-smart-contract-low-chainlinknode-uses-cached-decimals-in-the-calculation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"b7qvLvz7SjpMFrK4KZx1","title":"Boost _ Folks Finance 33542 - [Smart Contract - Medium] Attacker can create loan before users tx is","pathname":"/folks-finance/boost-_-folks-finance-33542-smart-contract-medium-attacker-can-create-loan-before-users-tx-is-comple","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"2AErXiZjQMFFq0BHUhJb","title":"Boost _ Folks Finance 33546 - [Smart Contract - Medium] Adversaries can manipulate victims stable ra","pathname":"/folks-finance/boost-_-folks-finance-33546-smart-contract-medium-adversaries-can-manipulate-victims-stable-rate-to","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"qzjVUe7m6oJTUDEaHetg","title":"Boost _ Folks Finance 33566 - [Smart Contract - Low] RepayWithCollateral will almost always fail in","pathname":"/folks-finance/boost-_-folks-finance-33566-smart-contract-low-repaywithcollateral-will-almost-always-fail-in-partia","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"QTreMDauz3yXipO3730I","title":"Boost _ Folks Finance 33568 - [Smart Contract - Medium] Front-running vulnerability in cross-chain l","pathname":"/folks-finance/boost-_-folks-finance-33568-smart-contract-medium-front-running-vulnerability-in-cross-chain-loan-cr","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Hu4hif0vVrgAfmV0lGI9","title":"Boost _ Folks Finance 33588 - [Smart Contract - Insight] The liquidator can make the protocol incur","pathname":"/folks-finance/boost-_-folks-finance-33588-smart-contract-insight-the-liquidator-can-make-the-protocol-incur-bad-de","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"OlVAGXPikuitHiphe6If","title":"Boost _ Folks Finance 33589 - [Smart Contract - Medium] Anyone can call the BridgeRouter Recieve fun","pathname":"/folks-finance/boost-_-folks-finance-33589-smart-contract-medium-anyone-can-call-the-bridgerouter-recieve-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"5UdXp69E1lYVxOqhJnlT","title":"Boost _ Folks Finance 33596 - [Smart Contract - Low] Incorrect rounding direction in HubPoolLogicupd","pathname":"/folks-finance/boost-_-folks-finance-33596-smart-contract-low-incorrect-rounding-direction-in-hubpoollogicupdatewit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"AvAubEvZhIPlvS8L0U97","title":"Boost _ Folks Finance 33609 - [Smart Contract - Medium] Account creation can be frontrun making the","pathname":"/folks-finance/boost-_-folks-finance-33609-smart-contract-medium-account-creation-can-be-frontrun-making-the-users","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"jYuGjRPljlIhSRyVUbgN","title":"Boost _ Folks Finance 33611 - [Smart Contract - Medium] Adversary can perform a DoS on users createL","pathname":"/folks-finance/boost-_-folks-finance-33611-smart-contract-medium-adversary-can-perform-a-dos-on-users-createloan-an","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Ppf7J06MZz3Vvb5Wj2RN","title":"Boost _ Folks Finance 33614 - [Smart Contract - Medium] Front-Running Vulnerability in createAccount","pathname":"/folks-finance/boost-_-folks-finance-33614-smart-contract-medium-front-running-vulnerability-in-createaccount-metho","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"zGLDB8mOOUolo2g0y0vz","title":"Boost _ Folks Finance 33630 - [Smart Contract - High] Incorrect calculation of loanBorrowbalance","pathname":"/folks-finance/boost-_-folks-finance-33630-smart-contract-high-incorrect-calculation-of-loanborrowbalance","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"SSSsbxtKgmpAQRnQ38JE","title":"Boost _ Folks Finance 33631 - [Smart Contract - Low] Wrong implementation of chainLink getTwapPrice","pathname":"/folks-finance/boost-_-folks-finance-33631-smart-contract-low-wrong-implementation-of-chainlink-gettwapprice-can-le","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"6njojv3kvwSDcODf9xns","title":"Boost _ Folks Finance 33643 - [Smart Contract - Low] PriceFeed from PythNode will always revert for","pathname":"/folks-finance/boost-_-folks-finance-33643-smart-contract-low-pricefeed-from-pythnode-will-always-revert-for-some-p","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"wJdjr2CfLyFeihck3kPs","title":"Boost _ Folks Finance 33644 - [Smart Contract - Insight] Insufficient msgvalue validation for Wormho","pathname":"/folks-finance/boost-_-folks-finance-33644-smart-contract-insight-insufficient-msgvalue-validation-for-wormhole-ada","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"PiBuIPIQv3M1RT2sehFa","title":"Boost _ Folks Finance 33645 - [Smart Contract - Medium] Griefing an user from creating an account","pathname":"/folks-finance/boost-_-folks-finance-33645-smart-contract-medium-griefing-an-user-from-creating-an-account","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"1cdj0fmIcNdiUIcG60pJ","title":"Boost _ Folks Finance 33652 - [Smart Contract - Insight] BridgeRouters Unprotected Reversal Function","pathname":"/folks-finance/boost-_-folks-finance-33652-smart-contract-insight-bridgerouters-unprotected-reversal-function-compr","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"6sotr7UYFjcry2uchUpp","title":"Boost _ Folks Finance 33665 - [Smart Contract - Critical] Collateral Inflation Exploit via Zero-Amou","pathname":"/folks-finance/boost-_-folks-finance-33665-smart-contract-critical-collateral-inflation-exploit-via-zero-amount-dep","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"uqjqzS2muYtBuD6MsMaV","title":"Boost _ Folks Finance 33670 - [Smart Contract - Insight] Violator can deny his liquidation by front","pathname":"/folks-finance/boost-_-folks-finance-33670-smart-contract-insight-violator-can-deny-his-liquidation-by-front-runnin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"gA50pO6OljHTytILuX9e","title":"Boost _ Folks Finance 33675 - [Smart Contract - Low] PythNodeprocess can revert because of incorrect","pathname":"/folks-finance/boost-_-folks-finance-33675-smart-contract-low-pythnodeprocess-can-revert-because-of-incorrect-casti","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"BVAmTWrvgbhQy9OQ3fol","title":"Boost _ Folks Finance 33684 - [Smart Contract - Critical] Lack of available liquidity check when sen","pathname":"/folks-finance/boost-_-folks-finance-33684-smart-contract-critical-lack-of-available-liquidity-check-when-sending-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"VevL04woQkM7Y8AnVHfy","title":"Boost _ Folks Finance 33687 - [Smart Contract - Medium] Loan creation can be frontrun preventing the","pathname":"/folks-finance/boost-_-folks-finance-33687-smart-contract-medium-loan-creation-can-be-frontrun-preventing-the-users","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"TlrK9814PnY5TGgKe3MJ","title":"Boost _ Folks Finance 33694 - [Smart Contract - Medium] stableBorrowRates are manipulatable through","pathname":"/folks-finance/boost-_-folks-finance-33694-smart-contract-medium-stableborrowrates-are-manipulatable-through-flashl","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"l3mF3yf5xkhsphiMvYUX","title":"Boost _ Folks Finance 33695 - [Smart Contract - Critical] Attacker can borrow more than the collater","pathname":"/folks-finance/boost-_-folks-finance-33695-smart-contract-critical-attacker-can-borrow-more-than-the-collateral-dep","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"dQ3ku2jCVOyrzuabs4WO","title":"Boost _ Folks Finance 33713 - [Smart Contract - Insight] Some transactions can revert when nodetype","pathname":"/folks-finance/boost-_-folks-finance-33713-smart-contract-insight-some-transactions-can-revert-when-nodetype-is-pri","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"yKm1FudQETd0B15zy0Hg","title":"Boost _ Folks Finance 33746 - [Smart Contract - Insight] Rounding down to zero leads to liquidate fu","pathname":"/folks-finance/boost-_-folks-finance-33746-smart-contract-insight-rounding-down-to-zero-leads-to-liquidate-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Jp4n1kUOZmJZCsEw5yyN","title":"Boost _ Folks Finance 33778 - [Smart Contract - Medium] The loan creation process can be griefed","pathname":"/folks-finance/boost-_-folks-finance-33778-smart-contract-medium-the-loan-creation-process-can-be-griefed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"JVUOTgTcN4Zrojrx83Gn","title":"Boost _ Folks Finance 33779 - [Smart Contract - Medium] The account creation process can be griefed","pathname":"/folks-finance/boost-_-folks-finance-33779-smart-contract-medium-the-account-creation-process-can-be-griefed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Cxo8yQAJ0uiYxtAkCCHv","title":"Boost _ Folks Finance 33780 - [Smart Contract - Critical] Zero deposits can be used to artificially","pathname":"/folks-finance/boost-_-folks-finance-33780-smart-contract-critical-zero-deposits-can-be-used-to-artificially-inflat","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"NkyDBxbvRDWyfnvDNi4p","title":"Boost _ Folks Finance 33787 - [Smart Contract - Low] Function PythNodeprocess doesnt handle correctl","pathname":"/folks-finance/boost-_-folks-finance-33787-smart-contract-low-function-pythnodeprocess-doesnt-handle-correctly-prec","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"5rCqjXSX203xBsnSLcbD","title":"Boost _ Folks Finance 33807 - [Smart Contract - Low] updateInterestRate uses incorrect reference of","pathname":"/folks-finance/boost-_-folks-finance-33807-smart-contract-low-updateinterestrate-uses-incorrect-reference-of-borrow","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"U2dErPuUDYrnqrx0Mw7n","title":"Boost _ Folks Finance 33816 - [Smart Contract - Critical] Attacker can get unlimited loan for some m","pathname":"/folks-finance/boost-_-folks-finance-33816-smart-contract-critical-attacker-can-get-unlimited-loan-for-some-minimum","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"s8DjNr1l8HMxGV1ym3Lv","title":"Boost _ Folks Finance 33817 - [Smart Contract - High] Incorrect calculation of effective borrow valu","pathname":"/folks-finance/boost-_-folks-finance-33817-smart-contract-high-incorrect-calculation-of-effective-borrow-value-in-g","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"BE09b8e9uUW21GUQkORH","title":"Boost _ Folks Finance 33852 - [Smart Contract - Insight] Small positions will not get liquidated","pathname":"/folks-finance/boost-_-folks-finance-33852-smart-contract-insight-small-positions-will-not-get-liquidated","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"3RmvGZ63hQT3YgX2jmXK","title":"Boost _ Folks Finance 33869 - [Smart Contract - Medium] loanIds are easy to reproduce and front-runn","pathname":"/folks-finance/boost-_-folks-finance-33869-smart-contract-medium-loanids-are-easy-to-reproduce-and-front-running-en","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"8TPEcFApNt9GL6BsoRCm","title":"Boost _ Folks Finance 33870 - [Smart Contract - Low] convToRepayBorrowAmount calculation is incorrec","pathname":"/folks-finance/boost-_-folks-finance-33870-smart-contract-low-convtorepayborrowamount-calculation-is-incorrect-caus","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"tSLYnHmwkmE4XBnaUvFj","title":"Boost _ Folks Finance 33880 - [Smart Contract - Medium] Front-Running Vulnerability in createUserLoa","pathname":"/folks-finance/boost-_-folks-finance-33880-smart-contract-medium-front-running-vulnerability-in-createuserloan-meth","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"wocTl4Y4aVfkGis1NRcK","title":"Boost _ Folks Finance 33885 - [Smart Contract - Low] Incorrect prices will be returned if the NodeTy","pathname":"/folks-finance/boost-_-folks-finance-33885-smart-contract-low-incorrect-prices-will-be-returned-if-the-nodetype-is","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"FqeCkcdGDbe6GkbYY06P","title":"Boost _ Folks Finance 33893 - [Smart Contract - Medium] Malicious users can DoS loan creations and d","pathname":"/folks-finance/boost-_-folks-finance-33893-smart-contract-medium-malicious-users-can-dos-loan-creations-and-deposit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Y1EUqNvm0kZhJMnvMcGP","title":"Boost _ Folks Finance 33923 - [Smart Contract - Low] Function HubPoolLogicupdateWithWithdraw doesnt","pathname":"/folks-finance/boost-_-folks-finance-33923-smart-contract-low-function-hubpoollogicupdatewithwithdraw-doesnt-round","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"64flMT0EHm318MDiPbVP","title":"Boost _ Folks Finance 33935 - [Smart Contract - Insight] Liquidations dont ensure the violator loan","pathname":"/folks-finance/boost-_-folks-finance-33935-smart-contract-insight-liquidations-dont-ensure-the-violator-loan-become","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"QlNE19abBklWQx7tRvg7","title":"Boost _ Folks Finance 33947 - [Smart Contract - Low] During liquidations when borrowToRepay collater","pathname":"/folks-finance/boost-_-folks-finance-33947-smart-contract-low-during-liquidations-when-borrowtorepay-collateral-the","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"qHOGDeyA3SAZdpUd6k7r","title":"Boost _ Folks Finance 33950 - [Smart Contract - Low] pythnode oracle unexpected revert","pathname":"/folks-finance/boost-_-folks-finance-33950-smart-contract-low-pythnode-oracle-unexpected-revert","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"hDFxhHSHQEPG5rrosHVM","title":"Boost _ Folks Finance 33953 - [Smart Contract - Low] Calling process function will not revert even i","pathname":"/folks-finance/boost-_-folks-finance-33953-smart-contract-low-calling-process-function-will-not-revert-even-if-two","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"x7qW3FG9O9JGSVb7sWzx","title":"Boost _ Folks Finance 33970 - [Smart Contract - Medium] User deposits can be blocked","pathname":"/folks-finance/boost-_-folks-finance-33970-smart-contract-medium-user-deposits-can-be-blocked","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"tqesrCQeDqQ8CIBoFMJ3","title":"Boost _ Folks Finance 33978 - [Smart Contract - Critical] Attacker can Inflate effectiveCollateralVa","pathname":"/folks-finance/boost-_-folks-finance-33978-smart-contract-critical-attacker-can-inflate-effectivecollateralvalue","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"7ctPQ5YbK2qnv1r59ZuC","title":"Boost _ Folks Finance 33981 - [Smart Contract - Low] The PythNode library process function implement","pathname":"/folks-finance/boost-_-folks-finance-33981-smart-contract-low-the-pythnode-library-process-function-implementation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"WxNjbzkadEukpHdXOoCh","title":"Boost _ Folks Finance 33987 - [Smart Contract - Medium] Incorrect access control in receiveMessage l","pathname":"/folks-finance/boost-_-folks-finance-33987-smart-contract-medium-incorrect-access-control-in-receivemessage-leads-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"YnKxnGoKCKzdqSI2Tn3N","title":"Boost _ Folks Finance 34025 - [Smart Contract - Medium] Malicious user can DoS the creation of every","pathname":"/folks-finance/boost-_-folks-finance-34025-smart-contract-medium-malicious-user-can-dos-the-creation-of-every-accou","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"2yj1A6Silto149I7HXZc","title":"Boost _ Folks Finance 34028 - [Smart Contract - Medium] Denial of Service DoS vulnerability in UserL","pathname":"/folks-finance/boost-_-folks-finance-34028-smart-contract-medium-denial-of-service-dos-vulnerability-in-userloan-cr","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"yUJHSk8OuMo6LSFZbjNU","title":"Boost _ Folks Finance 34029 - [Smart Contract - Medium] Contract fails to mitigate potential critica","pathname":"/folks-finance/boost-_-folks-finance-34029-smart-contract-medium-contract-fails-to-mitigate-potential-critical-stat","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"RVQxmOYIFZlbQYTml0EU","title":"Boost _ Folks Finance 34030 - [Smart Contract - Low] Incorrect rounding down in HubPoolLogicupdateWi","pathname":"/folks-finance/boost-_-folks-finance-34030-smart-contract-low-incorrect-rounding-down-in-hubpoollogicupdatewithwith","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"fnzIy7Q6dJIt2INJZdGo","title":"Boost _ Folks Finance 34047 - [Smart Contract - Low] Adversaries can create a position that is nearl","pathname":"/folks-finance/boost-_-folks-finance-34047-smart-contract-low-adversaries-can-create-a-position-that-is-nearly-impo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"qJIY1m1tsRwcJStPEgY3","title":"Boost _ Folks Finance 34050 - [Smart Contract - High] Vulnerability in getLoanLiquidity leads to und","pathname":"/folks-finance/boost-_-folks-finance-34050-smart-contract-high-vulnerability-in-getloanliquidity-leads-to-undervalu","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"ja6Tie0oABkfF3KfurKL","title":"Boost _ Folks Finance 34052 - [Smart Contract - Low] withdraw doesnt round in favour of protocol for","pathname":"/folks-finance/boost-_-folks-finance-34052-smart-contract-low-withdraw-doesnt-round-in-favour-of-protocol-for-isfam","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"z7padwGaCgzlwM2mjD3U","title":"Boost _ Folks Finance 34054 - [Smart Contract - Low] In liquidation loanPoolcollateralUsed doesnt ge","pathname":"/folks-finance/boost-_-folks-finance-34054-smart-contract-low-in-liquidation-loanpoolcollateralused-doesnt-get-redu","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"zK4LQzRMiiVeP9ZqkLpP","title":"Boost _ Folks Finance 34066 - [Smart Contract - Medium] Account Creation Front-Running Vulnerability","pathname":"/folks-finance/boost-_-folks-finance-34066-smart-contract-medium-account-creation-front-running-vulnerability-leadi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"HRYJdZ0Y9uksbXvV43LL","title":"Boost _ Folks Finance 34069 - [Smart Contract - Low] repayWithCollateral may revert when repay samll","pathname":"/folks-finance/boost-_-folks-finance-34069-smart-contract-low-repaywithcollateral-may-revert-when-repay-samll-amoun","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"WtPowihBXrdYyih6iuyv","title":"Boost _ Folks Finance 34074 - [Smart Contract - Critical] Hub missing check for available liquidity","pathname":"/folks-finance/boost-_-folks-finance-34074-smart-contract-critical-hub-missing-check-for-available-liquidity-could","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"YucPg6iO1RDPmgDhKZNk","title":"Boost _ Folks Finance 34076 - [Smart Contract - Low] Wrong way of deriving message keys using destin","pathname":"/folks-finance/boost-_-folks-finance-34076-smart-contract-low-wrong-way-of-deriving-message-keys-using-destination","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"p5wBqmY0qNMccJ2WJPsZ","title":"Boost _ Folks Finance 34085 - [Smart Contract - Low] partial repayment with collaterals will revert","pathname":"/folks-finance/boost-_-folks-finance-34085-smart-contract-low-partial-repayment-with-collaterals-will-revert-due-to","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"9lmXY0KeF2nfHBwN3ata","title":"Boost _ Folks Finance 34122 - [Smart Contract - High] Wrong borrow balance calculation in the getLoa","pathname":"/folks-finance/boost-_-folks-finance-34122-smart-contract-high-wrong-borrow-balance-calculation-in-the-getloanliqui","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"ftofO7ChSnzALs8hcBQP","title":"Boost _ Folks Finance 34124 - [Smart Contract - Low] Smart contract cannot be accessed during the no","pathname":"/folks-finance/boost-_-folks-finance-34124-smart-contract-low-smart-contract-cannot-be-accessed-during-the-normal-l","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"utWFHxea1uqYOyNHdQnp","title":"Boost _ Folks Finance 34127 - [Smart Contract - Low] Liquidator gets more debt than usual","pathname":"/folks-finance/boost-_-folks-finance-34127-smart-contract-low-liquidator-gets-more-debt-than-usual","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"acNjJlchAPenLd6hQRGF","title":"Boost _ Folks Finance 34132 - [Smart Contract - Low] Liquidation bonus incorrectly inflates repayBor","pathname":"/folks-finance/boost-_-folks-finance-34132-smart-contract-low-liquidation-bonus-incorrectly-inflates-repayborrowamo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"kmfRfl6auuHd36anPy2i","title":"Boost _ Folks Finance 34148 - [Smart Contract - Low] Full liquidations will fail for certain unhealt","pathname":"/folks-finance/boost-_-folks-finance-34148-smart-contract-low-full-liquidations-will-fail-for-certain-unhealthy-pos","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"XmJPOg8iYZGB7ywYMPw1","title":"Boost _ Folks Finance 34150 - [Smart Contract - Low] Failed messages never expire and can be replaye","pathname":"/folks-finance/boost-_-folks-finance-34150-smart-contract-low-failed-messages-never-expire-and-can-be-replayed-by-a","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"Q1ohfrZRDosFald9xNlY","title":"Boost _ Folks Finance 34153 - [Smart Contract - Low] TWAP query by chainlink is wrong according to c","pathname":"/folks-finance/boost-_-folks-finance-34153-smart-contract-low-twap-query-by-chainlink-is-wrong-according-to-chainli","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"UIdtElscdN2Gs6pz1qde","title":"Boost _ Folks Finance 34158 - [Smart Contract - Low] NodeManagersupportsInterface returns false for","pathname":"/folks-finance/boost-_-folks-finance-34158-smart-contract-low-nodemanagersupportsinterface-returns-false-for-typeie","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"dI5pJJSgChKLTnY9cYjA","title":"Boost _ Folks Finance 34161 - [Smart Contract - Medium] Denial of Service via Front-Running in Loan","pathname":"/folks-finance/boost-_-folks-finance-34161-smart-contract-medium-denial-of-service-via-front-running-in-loan-creati","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"M04yhNjTPITUaIO6Dvmf","title":"Boost _ Folks Finance 34169 - [Smart Contract - Low] Potential revert in PythNode library due to inc","pathname":"/folks-finance/boost-_-folks-finance-34169-smart-contract-low-potential-revert-in-pythnode-library-due-to-incorrect","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"FPSoPJz0m7O1UzEYcmjz","title":"Boost _ Folks Finance 34174 - [Smart Contract - Low] Bug in liquidation logic leads to stealing fund","pathname":"/folks-finance/boost-_-folks-finance-34174-smart-contract-low-bug-in-liquidation-logic-leads-to-stealing-funds-from","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"5iRSbcjTArVBLRQuT5vp","title":"Boost _ Folks Finance 34179 - [Smart Contract - High] Incorrect Updates to pooldepositDatatotalAmoun","pathname":"/folks-finance/boost-_-folks-finance-34179-smart-contract-high-incorrect-updates-to-pooldepositdatatotalamount-and","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"zwFtT6JOUwBNnOImcUPA","title":"Boost _ Folks Finance 34183 - [Smart Contract - Insight] rebalanceUp could be used to lower the user","pathname":"/folks-finance/boost-_-folks-finance-34183-smart-contract-insight-rebalanceup-could-be-used-to-lower-the-userloanst","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"0TokEJINwTmSMYrCtAXa","title":"Boost _ Folks Finance 34188 - [Smart Contract - Insight] BridgeRouterHub can add address adapter","pathname":"/folks-finance/boost-_-folks-finance-34188-smart-contract-insight-bridgerouterhub-can-add-address-adapter","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"LlfYZHvvTXpasMChTitJ","title":"Boost _ Folks Finance 34190 - [Smart Contract - Critical] Liquidated users can mix and manipulate st","pathname":"/folks-finance/boost-_-folks-finance-34190-smart-contract-critical-liquidated-users-can-mix-and-manipulate-stable-a","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks Finance"}]},{"id":"dYWfMiTx5K93B3SvJT3U","title":"Fuel Network | Attackathon","pathname":"/fuel-network-or-attackathon","siteSpaceId":"sitesp_stpzW","description":""},{"id":"7qh7qLWNrui4hldgZn9Q","title":"Attackathon _ Fuel Network 32269 - [Smart Contract - High] Incorrect fuel dce optimization register","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32269-smart-contract-high-incorrect-fuel-dce-optimization-register-usage","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"qbOfzOUo0xb9UVT3LFax","title":"Attackathon _ Fuel Network 32270 - [Smart Contract - Low] Inappropriate fuel dce on side affects","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32270-smart-contract-low-inappropriate-fuel-dce-on-side-affects","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"YyllJ7jpf2obX1ZEnSoV","title":"Attackathon _ Fuel Network 32271 - [Blockchain_DLT - Medium] Incorrect state range access helper","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32271-blockchain_dlt-medium-incorrect-state-range-access-helper","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"kJEgGTUoo4e2PST6F9bq","title":"Attackathon _ Fuel Network 32275 - [Smart Contract - Medium] Various Sway Libs Bugs","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32275-smart-contract-medium-various-sway-libs-bugs","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"vw45PxO66lNCsHRAA6oI","title":"Attackathon _ Fuel Network 32276 - [Smart Contract - Insight] wrong implementation in gt and lt func","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32276-smart-contract-insight-wrong-implementation-in-gt-and-lt-functions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Cf2SdtF3Zh2LbYSfisRJ","title":"Attackathon _ Fuel Network 32291 - [Blockchain_DLT - Insight] Profiling is incorrect for dependent g","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32291-blockchain_dlt-insight-profiling-is-incorrect-for-dependent-gas-cos","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"mHcYcr8Jd6QJiiYxoduy","title":"Attackathon _ Fuel Network 32302 - [Smart Contract - Low] Src ContractConfigurables hash collision","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32302-smart-contract-low-src-contractconfigurables-hash-collision","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"qeaT5YVpJZK55zRJyrpX","title":"Attackathon _ Fuel Network 32314 - [Smart Contract - Insight] Missing _disableInitializers in FuelER","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32314-smart-contract-insight-missing-_disableinitializers-in-fuelercgatew","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"R2EAycQ15IrmNFQ0ATEH","title":"Attackathon _ Fuel Network 32327 - [Websites and Applications - Low] REVISED Malicious Downtime via","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32327-websites-and-applications-low-revised-malicious-downtime-via-missin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"xy92N5rrKPx4KbW0BfAd","title":"Attackathon _ Fuel Network 32378 - [Smart Contract - Insight] Missing Zero-Check for Recipient Addre","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32378-smart-contract-insight-missing-zero-check-for-recipient-address-in","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"FwAgIkdpjAJfImmJsV26","title":"Attackathon _ Fuel Network 32388 - [Smart Contract - Low] Buffer overflow in EncodeBufferAppend intr","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32388-smart-contract-low-buffer-overflow-in-encodebufferappend-intrinsic","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"la6wD6UlQV23JiHgCLDH","title":"Attackathon _ Fuel Network 32390 - [Smart Contract - Low] Unchecked Virtual Immediate Construction O","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32390-smart-contract-low-unchecked-virtual-immediate-construction-overflo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Ydyr1Q7iv3U1qXCzEaa3","title":"Attackathon _ Fuel Network 32412 - [Smart Contract - Insight] the IFP divide functions does not have","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32412-smart-contract-insight-the-ifp-divide-functions-does-not-have-check","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"OGLBnqtBPaXj41x5KA4U","title":"Attackathon _ Fuel Network 32438 - [Smart Contract - Low] Unhandled Bailout During AbstractInstructi","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32438-smart-contract-low-unhandled-bailout-during-abstractinstructionset","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"s0ukXbi3tbebZum2e8pQ","title":"Attackathon _ Fuel Network 32439 - [Smart Contract - Low] Missing Alignment Check During AbstractIns","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32439-smart-contract-low-missing-alignment-check-during-abstractinstructi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"v8V7Spp8VWbgDLKjS4zJ","title":"Attackathon _ Fuel Network 32453 - [Smart Contract - Low] Unhandled Side Effect During AbstractInstr","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32453-smart-contract-low-unhandled-side-effect-during-abstractinstruction","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"7RsAgtHXFF2B7Us2EGlf","title":"Attackathon _ Fuel Network 32459 - [Websites and Applications - Low] URGENT WEB funds drained using","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32459-websites-and-applications-low-urgent-web-funds-drained-using-url-pa","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"x6JC2A2KYNfr1BZTgg9D","title":"Attackathon _ Fuel Network 32465 - [Blockchain_DLT - High] Abuse of CCP instruction to do cheap memo","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32465-blockchain_dlt-high-abuse-of-ccp-instruction-to-do-cheap-memory-cle","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"JBR680CZTw9xzHOvOBGx","title":"Attackathon _ Fuel Network 32486 - [Blockchain_DLT - Medium] Public RPC node craches via GraphQL API","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32486-blockchain_dlt-medium-public-rpc-node-craches-via-graphql-api","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"CRtMrJVyDivNtvWYi2GL","title":"Attackathon _ Fuel Network 32491 - [Smart Contract - Low] Incorrect PushA PopA Mask Calculation","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32491-smart-contract-low-incorrect-pusha-popa-mask-calculation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"xpxA0ryb8PzPE5KTI2VQ","title":"Attackathon _ Fuel Network 32536 - [Smart Contract - Insight] The control flow graph is incorrectly","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32536-smart-contract-insight-the-control-flow-graph-is-incorrectly-constr","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"8MF5SxROvIeglrBt67eY","title":"Attackathon _ Fuel Network 32537 - [Smart Contract - Low] Different data types can be used when init","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32537-smart-contract-low-different-data-types-can-be-used-when-initializi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"3jIB5FQjjn6oSHZKpWWs","title":"Attackathon _ Fuel Network 32548 - [Smart Contract - Low] Uncaught Integer Overflow During AbstractI","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32548-smart-contract-low-uncaught-integer-overflow-during-abstractinstruc","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"TX2U1unHIUD9DOFypq3A","title":"Attackathon _ Fuel Network 32612 - [Smart Contract - Low] Lack of slot hashing at adminsw can cause","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32612-smart-contract-low-lack-of-slot-hashing-at-adminsw-can-cause-storag","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"zf8fmX84pEhw9uNpWVfj","title":"Attackathon _ Fuel Network 32628 - [Blockchain_DLT - Medium] A GraphQL query crashes core process","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32628-blockchain_dlt-medium-a-graphql-query-crashes-core-process","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"dJsHoN552VwZFctVrapp","title":"Attackathon _ Fuel Network 32673 - [Smart Contract - Low] Missing array length check for non constan","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32673-smart-contract-low-missing-array-length-check-for-non-constant-eval","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"ztrHn1chdJg9c7QoHKv0","title":"Attackathon _ Fuel Network 32695 - [Blockchain_DLT - Insight] increasing processing for public nodes","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32695-blockchain_dlt-insight-increasing-processing-for-public-nodes-with","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"2xlcLSmSigsPAICx9GYJ","title":"Attackathon _ Fuel Network 32696 - [Smart Contract - High] incorrect setting of non_negative value i","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32696-smart-contract-high-incorrect-setting-of-non_negative-value-in-ceil","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"6a0oKcHW0sjzMEkp57Zm","title":"Attackathon _ Fuel Network 32700 - [Smart Contract - High] double increasing underlying value in cei","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32700-smart-contract-high-double-increasing-underlying-value-in-ceil-func","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"kbMAOkhOKgPHEB4uNxxx","title":"Attackathon _ Fuel Network 32703 - [Smart Contract - Low] Unexpected variable shadowing during ir ge","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32703-smart-contract-low-unexpected-variable-shadowing-during-ir-generati","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"F8Rg3ic2TUQ5sQAObB7b","title":"Attackathon _ Fuel Network 32706 - [Smart Contract - High] the function subtract in signed libs like","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32706-smart-contract-high-the-function-subtract-in-signed-libs-like-isw-d","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"cCanDNCLBirxP5H8ieFV","title":"Attackathon _ Fuel Network 32728 - [Smart Contract - Low] Incorrect literal type inference","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32728-smart-contract-low-incorrect-literal-type-inference","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"JMNMQEt4oAYL468qOhwK","title":"Attackathon _ Fuel Network 32730 - [Smart Contract - Low] The Sway compiler currently disallows read","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32730-smart-contract-low-the-sway-compiler-currently-disallows-read-acces","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"yzHgJEW353DAmY17Ouzp","title":"Attackathon _ Fuel Network 32768 - [Blockchain_DLT - Medium] WDCM and WQCM doesnt respect the fuel-s","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32768-blockchain_dlt-medium-wdcm-and-wqcm-doesnt-respect-the-fuel-specs","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"K1zr4mxHH8bhG2pODsUR","title":"Attackathon _ Fuel Network 32786 - [Smart Contract - Low] incorrect set of i bits to which it should","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32786-smart-contract-low-incorrect-set-of-i-bits-to-which-it-should-be-bi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"5wgrR5tC2ud2wYSMngZ1","title":"Attackathon _ Fuel Network 32812 - [Smart Contract - Low] Sway-libSRC- Buffer overflow in swap_confi","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32812-smart-contract-low-sway-libsrc-buffer-overflow-in-swap_configurable","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"lh7EXmN6XwxrRznvx6hH","title":"Attackathon _ Fuel Network 32825 - [Blockchain_DLT - High] Consensus between -bit and -bit system ca","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32825-blockchain_dlt-high-consensus-between-bit-and-bit-system-can-fail-f","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"EqOKXU5Liw8N4L9ch4aA","title":"Attackathon _ Fuel Network 32835 - [Smart Contract - Insight] sway compiler doesnt prevent function","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32835-smart-contract-insight-sway-compiler-doesnt-prevent-function-select","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"sI9nzaHwDkrbdlIhR3P9","title":"Attackathon _ Fuel Network 32849 - [Smart Contract - Low] Insufficient array construction element ty","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32849-smart-contract-low-insufficient-array-construction-element-type-che","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"8sbqCSXZGE4oB7b2OUdV","title":"Attackathon _ Fuel Network 32854 - [Smart Contract - Low] Sway-libstd-libcompiler Storage collision","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32854-smart-contract-low-sway-libstd-libcompiler-storage-collision-betwee","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Sy81ssHjXXJ0L9qXoohP","title":"Attackathon _ Fuel Network 32859 - [Smart Contract - Low] Incorrect argument pointer creation","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32859-smart-contract-low-incorrect-argument-pointer-creation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"7F5jUgXUWzOg3I1Txt6a","title":"Attackathon _ Fuel Network 32860 - [Blockchain_DLT - Insight] Resource Abuse CCP instruction is load","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32860-blockchain_dlt-insight-resource-abuse-ccp-instruction-is-loading-th","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"LBr2yGn3Um5K7ccEHEBg","title":"Attackathon _ Fuel Network 32872 - [Smart Contract - High] Incorrect load_store_to_memcopy optimizat","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32872-smart-contract-high-incorrect-load_store_to_memcopy-optimization","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"uXsZSxD0E8dpLlm5kZ3i","title":"Attackathon _ Fuel Network 32884 - [Smart Contract - Medium] Compilerstd-lib storage collison betwee","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32884-smart-contract-medium-compilerstd-lib-storage-collison-between-vari","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"BUvZNLOWAQhlWIIP0BkU","title":"Attackathon _ Fuel Network 32886 - [Smart Contract - Medium] Incorrect function purity check","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32886-smart-contract-medium-incorrect-function-purity-check","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"V53REbWmy7okT9sC8o1v","title":"Attackathon _ Fuel Network 32924 - [Smart Contract - Insight] sways legacy storage namespacing is br","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32924-smart-contract-insight-sways-legacy-storage-namespacing-is-broken-a","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"l56TZ7Fw7Hunl5SOUb3m","title":"Attackathon _ Fuel Network 32935 - [Smart Contract - Insight] Insufficient trait duplication check","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32935-smart-contract-insight-insufficient-trait-duplication-check","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"CijZSzJID0OM1iZstaef","title":"Attackathon _ Fuel Network 32937 - [Smart Contract - Insight] Fallback function can be directly call","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32937-smart-contract-insight-fallback-function-can-be-directly-called-wit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"awQkS6QIdNQULUxmLbrk","title":"Attackathon _ Fuel Network 32938 - [Smart Contract - Insight] Insufficient declaration shadowing che","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32938-smart-contract-insight-insufficient-declaration-shadowing-check","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"5k8DbSyBjGHva9lnY6de","title":"Attackathon _ Fuel Network 32965 - [Blockchain_DLT - Critical] Messages to L included even on revert","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32965-blockchain_dlt-critical-messages-to-l-included-even-on-reverts-allo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"rJ6RPkcfBFNzTypr5LF6","title":"Attackathon _ Fuel Network 32973 - [Smart Contract - Medium] Impl block dependency overwriting","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32973-smart-contract-medium-impl-block-dependency-overwriting","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"B3FzT6xQRpgZrCjbrsPE","title":"Attackathon _ Fuel Network 32978 - [Blockchain_DLT - Insight] isolating the node from the networkcau","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32978-blockchain_dlt-insight-isolating-the-node-from-the-networkcausing-o","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Coov1LPKvo6ZNVulnn3E","title":"Attackathon _ Fuel Network 32979 - [Smart Contract - Low] operations with StorageVec incorrectly rev","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32979-smart-contract-low-operations-with-storagevec-incorrectly-revert-du","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"JEO83D13yxf7l2KH0bI0","title":"Attackathon _ Fuel Network 32987 - [Blockchain_DLT - Insight] Sending a message with ETH and data to","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-32987-blockchain_dlt-insight-sending-a-message-with-eth-and-data-to-the-f","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"soggqTYeZbMbmd9k4ABM","title":"Attackathon _ Fuel Network 33039 - [Smart Contract - High] The subtraction function is not correctly","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33039-smart-contract-high-the-subtraction-function-is-not-correctly-imple","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"xher3gJr8pCkmgFSIJhX","title":"Attackathon _ Fuel Network 33045 - [Smart Contract - Low] Compiler Dead Code Elimination inconsisten","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33045-smart-contract-low-compiler-dead-code-elimination-inconsistently-re","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Q4SUr4dP8OYJ40uQtTYU","title":"Attackathon _ Fuel Network 33101 - [Smart Contract - Insight] Associated functions that were impleme","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33101-smart-contract-insight-associated-functions-that-were-implemented-f","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"s1lPRlnbKvG9CLGWrADT","title":"Attackathon _ Fuel Network 33139 - [Smart Contract - Insight] Unreachable panic in sway compiler whe","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33139-smart-contract-insight-unreachable-panic-in-sway-compiler-when-pars","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"ekOx6waehjVtHkfhmoHT","title":"Attackathon _ Fuel Network 33140 - [Smart Contract - Insight] Sway compiler crash when compile malic","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33140-smart-contract-insight-sway-compiler-crash-when-compile-malicious-c","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"aeAlzwMi6kHDaoyxHBwf","title":"Attackathon _ Fuel Network 33168 - [Smart Contract - High] Incorrect Sign Determination In Multiply","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33168-smart-contract-high-incorrect-sign-determination-in-multiply-divide","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"DGW9FLwb9KdzalxWVgFP","title":"Attackathon _ Fuel Network 33170 - [Smart Contract - Medium] UFP Exp In Sway-lib Logic Vulnerability","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33170-smart-contract-medium-ufp-exp-in-sway-lib-logic-vulnerability","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"gdQGQXoOd8HXJbf5KN3n","title":"Attackathon _ Fuel Network 33171 - [Smart Contract - Insight] panic on unwrapping in decl_to_type_in","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33171-smart-contract-insight-panic-on-unwrapping-in-decl_to_type_info","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"1i1UgSj5ODO8YHmE25r2","title":"Attackathon _ Fuel Network 33172 - [Smart Contract - Insight] OOB in type_check_analyze of ImplTrait","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33172-smart-contract-insight-oob-in-type_check_analyze-of-impltrait","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"PQKJn2s5hc5EUq4aRET8","title":"Attackathon _ Fuel Network 33175 - [Smart Contract - High] Sway-lib Subtract i Logic Vulnerability","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33175-smart-contract-high-sway-lib-subtract-i-logic-vulnerability","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"YkATNDHtPBIzCS3EziFp","title":"Attackathon _ Fuel Network 33181 - [Smart Contract - Insight] users messages might encode incorrect","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33181-smart-contract-insight-users-messages-might-encode-incorrect-data-w","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"i1KiXwJQ6Tg5njGVf25S","title":"Attackathon _ Fuel Network 33186 - [Smart Contract - Medium] _compute_bytecode_root goes to an infin","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33186-smart-contract-medium-_compute_bytecode_root-goes-to-an-infinite-lo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"sbX7SkG3pfMd2PkLcr9D","title":"Attackathon _ Fuel Network 33191 - [Smart Contract - Insight] Sway Formatting Behaves Differently Ba","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33191-smart-contract-insight-sway-formatting-behaves-differently-based-on","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"I4Ub1Bwrp9c2ZWwo2Fre","title":"Attackathon _ Fuel Network 33193 - [Blockchain_DLT - Medium] Fuel SDKs ABI Decoder Behaves Different","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33193-blockchain_dlt-medium-fuel-sdks-abi-decoder-behaves-differently-bas","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"PmbQiCyGGtcSu0Zn5FL7","title":"Attackathon _ Fuel Network 33195 - [Smart Contract - High] Incorrect Calculations in Subtraction Fun","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33195-smart-contract-high-incorrect-calculations-in-subtraction-functions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Pfwa64zIG2ePiWJf3011","title":"Attackathon _ Fuel Network 33203 - [Smart Contract - Insight] function inlining doesnt consider asm","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33203-smart-contract-insight-function-inlining-doesnt-consider-asm-blocks","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"OaoZNpz20NSkdIKPGrbe","title":"Attackathon _ Fuel Network 33207 - [Smart Contract - Insight] users created message when withdrawing","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33207-smart-contract-insight-users-created-message-when-withdrawing-from","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"7zhmBj0JqldSVCkPLpbO","title":"Attackathon _ Fuel Network 33227 - [Smart Contract - High] Lack of overflow protection in the pow fu","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33227-smart-contract-high-lack-of-overflow-protection-in-the-pow-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"kFA3BtiZD6DKchVwpbRU","title":"Attackathon _ Fuel Network 33233 - [Smart Contract - Medium] Incorrect Implementation of Unsigned -b","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33233-smart-contract-medium-incorrect-implementation-of-unsigned-bit-fixe","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"8rlDcFXbRWI70B2FcWOP","title":"Attackathon _ Fuel Network 33239 - [Smart Contract - Low] Incorrect Implementation of IFP Min Functi","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33239-smart-contract-low-incorrect-implementation-of-ifp-min-functions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"zyIA1aWafwZzMThKJXtH","title":"Attackathon _ Fuel Network 33240 - [Smart Contract - Insight] Incorrect Bitness in IFP Types","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33240-smart-contract-insight-incorrect-bitness-in-ifp-types","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"6zkr0bDbX2s1YrlUj8pb","title":"Attackathon _ Fuel Network 33242 - [Smart Contract - High] Incorrect Implementation of IFP Multiply","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33242-smart-contract-high-incorrect-implementation-of-ifp-multiply-and-di","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"RlS1XQH4XJnKFXILj03b","title":"Attackathon _ Fuel Network 33248 - [Smart Contract - High] Incorrect Implementation of IFP Floor and","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33248-smart-contract-high-incorrect-implementation-of-ifp-floor-and-ceil","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"EM7wmsJZYNRLcAgL36s3","title":"Attackathon _ Fuel Network 33267 - [Smart Contract - High] Bug in Multiply and Divide function","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33267-smart-contract-high-bug-in-multiply-and-divide-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"JRv091KZgriKZkzX86eS","title":"Attackathon _ Fuel Network 33286 - [Smart Contract - Insight] panic on unwrapping in type_check_trai","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33286-smart-contract-insight-panic-on-unwrapping-in-type_check_trait_impl","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"fJxdJyDWg1Xaembl7oSe","title":"Attackathon _ Fuel Network 33295 - [Smart Contract - Low] Bug in array decoding can lead to critical","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33295-smart-contract-low-bug-in-array-decoding-can-lead-to-critical-secur","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"qPYBFI4sHi0YYngFpazR","title":"Attackathon _ Fuel Network 33302 - [Smart Contract - Medium] Exp function does not work correctly","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33302-smart-contract-medium-exp-function-does-not-work-correctly","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"Ux2iKCfxMPkumod4p0ku","title":"Attackathon _ Fuel Network 33303 - [Smart Contract - Medium] Incorrect sign change","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33303-smart-contract-medium-incorrect-sign-change","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"5POvXGMPXKgeZxXNA5d7","title":"Attackathon _ Fuel Network 33331 - [Smart Contract - High] Overflow in Types Less Than u","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33331-smart-contract-high-overflow-in-types-less-than-u","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"5i5vhzIVL82pT4ho1Byg","title":"Attackathon _ Fuel Network 33346 - [Blockchain_DLT - Low] Incorrect error handling when executing bl","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33346-blockchain_dlt-low-incorrect-error-handling-when-executing-block-ca","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"kXwNVj4fNBkZ5VdTLkFe","title":"Attackathon _ Fuel Network 33351 - [Smart Contract - Critical] ABI supertraits methods are available","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33351-smart-contract-critical-abi-supertraits-methods-are-available-exter","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"kxkCFmvPgonSmcazsJcZ","title":"Attackathon _ Fuel Network 33360 - [Blockchain_DLT - Medium] The typescript SDK has no awareness of","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33360-blockchain_dlt-medium-the-typescript-sdk-has-no-awareness-of-to-be","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"xpPIKWAAZau8XnTkC2x3","title":"Attackathon _ Fuel Network 33401 - [Smart Contract - Insight] insight compiler crash - trait dummy m","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33401-smart-contract-insight-insight-compiler-crash-trait-dummy-method-wa","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"V4zEWsSiQHAVNQHDa4Dq","title":"Attackathon _ Fuel Network 33407 - [Smart Contract - Insight] Missing Zero-Check for to Address in w","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33407-smart-contract-insight-missing-zero-check-for-to-address-in-withdra","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"ywzvKe22R5kKRWTknW1F","title":"Attackathon _ Fuel Network 33433 - [Smart Contract - Low] Self-append in Bytes data structure causes","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33433-smart-contract-low-self-append-in-bytes-data-structure-causes-memor","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"rdv8ByYimDuTf2yE9nbB","title":"Attackathon _ Fuel Network 33444 - [Smart Contract - Insight] Sway compiler crash for access out-of-","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33444-smart-contract-insight-sway-compiler-crash-for-access-out-of-bound","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"G7xWsKbVtSJ7Oa9Upfh7","title":"Attackathon _ Fuel Network 33450 - [Blockchain_DLT - Insight] fuel_gas_price_algorithm AlgorithmV ma","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33450-blockchain_dlt-insight-fuel_gas_price_algorithm-algorithmv-may-pani","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"oQYHVhAI2Ftkdexj2npS","title":"Attackathon _ Fuel Network 33451 - [Smart Contract - Medium] Incorrect code size estimation can bypa","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33451-smart-contract-medium-incorrect-code-size-estimation-can-bypass-pro","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"e1USs0el7Pvx8gWCLcb3","title":"Attackathon _ Fuel Network 33487 - [Smart Contract - Insight] Flags Do Not Affect Types Less Than u","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33487-smart-contract-insight-flags-do-not-affect-types-less-than-u","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"7mYrNsvFX4ZslWqOPpE7","title":"Attackathon _ Fuel Network 33488 - [Smart Contract - Medium] Insecure implementation of StorageMap c","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33488-smart-contract-medium-insecure-implementation-of-storagemap-could-l","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"y5yhmoyfl2RIAi9igSm1","title":"Attackathon _ Fuel Network 33519 - [Smart Contract - Critical] Silent Stack overflow on variables be","pathname":"/fuel-network-or-attackathon/attackathon-_-fuel-network-33519-smart-contract-critical-silent-stack-overflow-on-variables-between","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fuel Network | Attackathon"}]},{"id":"RfaaFTJsfZoeOMoyK88x","title":"IDEX","pathname":"/idex","siteSpaceId":"sitesp_stpzW","description":""},{"id":"v419tkroCLCcz5sNjUM8","title":"Boost _ IDEX 34239 - [Smart Contract - Insight] Dont validate stale price in Pyth Network","pathname":"/idex/boost-_-idex-34239-smart-contract-insight-dont-validate-stale-price-in-pyth-network","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"IDEX"}]},{"id":"H6R8C6QMeoVUM4XAmpUc","title":"Boost _ IDEX 34428 - [Smart Contract - Insight] Incorrect Condition in validateExitQuoteQuantityAndC","pathname":"/idex/boost-_-idex-34428-smart-contract-insight-incorrect-condition-in-validateexitquotequantityandcoercei","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"IDEX"}]},{"id":"XMwXX9GJXfIz7aOC8X5s","title":"Boost _ IDEX 34437 - [Smart Contract - Insight] User positions could be unfairly liquidated due to s","pathname":"/idex/boost-_-idex-34437-smart-contract-insight-user-positions-could-be-unfairly-liquidated-due-to-stale-i","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"IDEX"}]},{"id":"U8hvyzNC7sUYJIkfXGdO","title":"Boost _ IDEX 34494 - [Smart Contract - High] Tokens deposit in ExchangeStargateVAdapterlzCompose is","pathname":"/idex/boost-_-idex-34494-smart-contract-high-tokens-deposit-in-exchangestargatevadapterlzcompose-is-not-pr","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"IDEX"}]},{"id":"hway7N0ECOK2aXJHrfUw","title":"Boost _ IDEX 34566 - [Smart Contract - Insight] Withdrawingsolwithdraw_delegatecall - Its possible f","pathname":"/idex/boost-_-idex-34566-smart-contract-insight-withdrawingsolwithdraw_delegatecall-its-possible-for-users","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"IDEX"}]},{"id":"SD0TJqsRlMkMeSahTWl7","title":"Immunefi Arbitration","pathname":"/immunefi-arbitration","siteSpaceId":"sitesp_stpzW","description":""},{"id":"QlUoHHPX6htDxRwfnonK","title":"29318 - [SC - Insight] Timelock contract should use canExecuteTransact...","pathname":"/immunefi-arbitration/29318-sc-insight-timelock-contract-should-use-canexecutetransact...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"yx3LN6c7fLfc4viSfTIQ","title":"29341 - [SC - Insight] Unsafe Downcast vulnerability this can lead to ...","pathname":"/immunefi-arbitration/29341-sc-insight-unsafe-downcast-vulnerability-this-can-lead-to-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"1E98ROlVR5wLbLXjKioo","title":"29347 - [SC - Insight] Chainlinks latestRoundData might return stale o...","pathname":"/immunefi-arbitration/29347-sc-insight-chainlinks-latestrounddata-might-return-stale-o...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"rO3kY8OvtqfReRtTYFh8","title":"29348 - [SC - Insight] Token price returned by PriceConsumer may be in...","pathname":"/immunefi-arbitration/29348-sc-insight-token-price-returned-by-priceconsumer-may-be-in...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"qjdu9JUBCoox2i85wUR1","title":"29384 - [SC - Insight] Malicious project can remove the ImmunefiGuard ...","pathname":"/immunefi-arbitration/29384-sc-insight-malicious-project-can-remove-the-immunefiguard-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"ytRTrtAJM96o3AuBMShH","title":"29432 - [SC - Low] Malicious project can grief reward payouts from...","pathname":"/immunefi-arbitration/29432-sc-low-malicious-project-can-grief-reward-payouts-from...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"Kf03nTHNg8mSE0n0WV1f","title":"29445 - [SC - Insight] latestRoundData Call May Result Stale","pathname":"/immunefi-arbitration/29445-sc-insight-latestrounddata-call-may-result-stale","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"Pzp7w402oW1TIJsQORry","title":"29467 - [SC - Low] RewardTimelockexecuteRewardTransaction - L Inco...","pathname":"/immunefi-arbitration/29467-sc-low-rewardtimelockexecuterewardtransaction-l-inco...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"3hIKqOQxfFfTmH07xmEW","title":"29483 - [SC - Insight] RewardTimelockcanExecuteTransaction - Reward tr...","pathname":"/immunefi-arbitration/29483-sc-insight-rewardtimelockcanexecutetransaction-reward-tr...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"bn8UoUfzids1KFmVLlcl","title":"29484 - [SC - Insight] Potential Loss of Precision in Conversion from ...","pathname":"/immunefi-arbitration/29484-sc-insight-potential-loss-of-precision-in-conversion-from-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"KOxw0JI3cwojgeTv4qUR","title":"29513 - [SC - Insight] Critical reentrancy vulnerability in executeRew...","pathname":"/immunefi-arbitration/29513-sc-insight-critical-reentrancy-vulnerability-in-executerew...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"har2QS8TML6o9I7dxUAE","title":"29604 - [SC - Insight] VaultDelegatesendReward - Token fees not subtra...","pathname":"/immunefi-arbitration/29604-sc-insight-vaultdelegatesendreward-token-fees-not-subtra...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"KjuQMJF7Rxy5RkojIiFi","title":"29738 - [SC - Low] Missing Chainlink circuit breaker check allows ...","pathname":"/immunefi-arbitration/29738-sc-low-missing-chainlink-circuit-breaker-check-allows-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"c0jOHWKD1ksTznVqnW4p","title":"29744 - [SC - Insight] Projects can pay rewards at up to below market...","pathname":"/immunefi-arbitration/29744-sc-insight-projects-can-pay-rewards-at-up-to-below-market...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"4AHZXRrmTQ2H2n7Jcobo","title":"29760 - [SC - Insight] Enforcing Multiple Rewards During Arbitration B...","pathname":"/immunefi-arbitration/29760-sc-insight-enforcing-multiple-rewards-during-arbitration-b...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Immunefi Arbitration"}]},{"id":"Vqm8EEalZTmyLie7pOFd","title":"Lido: Mellow Vault","pathname":"/lido-mellow-vault","siteSpaceId":"sitesp_stpzW","description":""},{"id":"0XgTGVlcxmm8AjD5OV0A","title":"Boost _ Lido_ Mellow Vault 34756 - [Smart Contract - Insight] Missing calldata forwarding in Vaultde","pathname":"/lido-mellow-vault/boost-_-lido_-mellow-vault-34756-smart-contract-insight-missing-calldata-forwarding-in-vaultdeposit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lido: Mellow Vault"}]},{"id":"MPAJbzTTXE9MTnwO3X7g","title":"Mitigation Audit | Folks Finance","pathname":"/mitigation-audit-or-folks-finance","siteSpaceId":"sitesp_stpzW","description":""},{"id":"nJ8BLGl1qORNqAq89VNe","title":"Mitigation Audit _ Folks Finance 34929 - [Smart Contract - Critical] Accounting Discrepancy in Fee R","pathname":"/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34929-smart-contract-critical-accounting-discrepancy-in-fee-retenti","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Mitigation Audit | Folks Finance"}]},{"id":"3Jf4zdeFLMNsxfSuCFz3","title":"Mitigation Audit _ Folks Finance 34942 - [Smart Contract - Insight] In function function getTwapPric","pathname":"/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34942-smart-contract-insight-in-function-function-gettwapprice-if-l","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Mitigation Audit | Folks Finance"}]},{"id":"ZxLwEgnX79sw4Cltk86s","title":"Mitigation Audit _ Folks Finance 35089 - [Smart Contract - Insight] Malicious actor can control inte","pathname":"/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-35089-smart-contract-insight-malicious-actor-can-control-interest-r","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Mitigation Audit | Folks Finance"}]},{"id":"6bZsExh2ysMjlX9BIFcS","title":"Puffer Finance","pathname":"/puffer-finance","siteSpaceId":"sitesp_stpzW","description":""},{"id":"fGYcQZeQKeReYU8ysFkH","title":"28612 - [SC - Insight] EigenLayers share rate can be massively inflate...","pathname":"/puffer-finance/28612-sc-insight-eigenlayers-share-rate-can-be-massively-inflate...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"kTiTkd8YcMvn0S9D49EM","title":"28613 - [SC - Medium] User will lose funds","pathname":"/puffer-finance/28613-sc-medium-user-will-lose-funds","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"J99a0Q7IMY4JJvc7UETs","title":"28623 - [SC - Low] Timelock transaction that consume more then _ g...","pathname":"/puffer-finance/28623-sc-low-timelock-transaction-that-consume-more-then-_-g...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"EcOLGeA0DuagktUL9AOu","title":"28625 - [SC - Insight] Gas griefing is possible on external call","pathname":"/puffer-finance/28625-sc-insight-gas-griefing-is-possible-on-external-call","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"207aFDjfukfsApdhvXsL","title":"28629 - [SC - Insight] Missing restricted modifier on claimWithdrawalF...","pathname":"/puffer-finance/28629-sc-insight-missing-restricted-modifier-on-claimwithdrawalf...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"4oaKM8VRuCzXX1EGEWNu","title":"28630 - [SC - Insight] Improper Validation for Partial Filling of INCH...","pathname":"/puffer-finance/28630-sc-insight-improper-validation-for-partial-filling-of-inch...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"tBtwttARFjrtvT3R0rpu","title":"28632 - [SC - Insight] Setting delay at MINIMUM_DELAY in timelock fails","pathname":"/puffer-finance/28632-sc-insight-setting-delay-at-minimum_delay-in-timelock-fails","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"OeDzzeFqrPjCMJO6ERPa","title":"28645 - [SC - Insight] Attacker Prevents All Users From Withdrawing Fu...","pathname":"/puffer-finance/28645-sc-insight-attacker-prevents-all-users-from-withdrawing-fu...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"BpaqJvLlPZBtzxPHxrHn","title":"28646 - [SC - Insight] Resubmission with Pause Bypass Potential Exploi...","pathname":"/puffer-finance/28646-sc-insight-resubmission-with-pause-bypass-potential-exploi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"7l8mqlA0ziZo8NniLhUw","title":"28650 - [SC - Insight] Protocol Insolvency due to the over inflated ca...","pathname":"/puffer-finance/28650-sc-insight-protocol-insolvency-due-to-the-over-inflated-ca...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"OFjtwL8ZRMKru80VipRP","title":"28656 - [SC - Insight] Blocking redeemwithdraw from vault","pathname":"/puffer-finance/28656-sc-insight-blocking-redeemwithdraw-from-vault","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Fv5OTL6IB9nvncJGJHc6","title":"28660 - [SC - Insight] pufETHsrcTimelock_setDelay - L State constant M...","pathname":"/puffer-finance/28660-sc-insight-pufethsrctimelock_setdelay-l-state-constant-m...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"YCrKJ1caHvY3Fp5C8y3Y","title":"28663 - [SC - Low] Deposit of stETH fails due to LIDOs - wei corno...","pathname":"/puffer-finance/28663-sc-low-deposit-of-steth-fails-due-to-lidos-wei-corno...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"xqcg47mIefsvLIGbqNAe","title":"28665 - [SC - Low] Underflow risk in receive function due to discr...","pathname":"/puffer-finance/28665-sc-low-underflow-risk-in-receive-function-due-to-discr...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"uUxlUcv7U5fqudPMDYaU","title":"28687 - [SC - Low] Timelocks executeTransaction incorrectly delete...","pathname":"/puffer-finance/28687-sc-low-timelocks-executetransaction-incorrectly-delete...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"LSGweiH3M4vS4Jo2hf2L","title":"28688 - [SC - Insight] Unhandled Failure of _executeTransaction Call i...","pathname":"/puffer-finance/28688-sc-insight-unhandled-failure-of-_executetransaction-call-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Kv74GJkMkUByLHXSyikk","title":"28689 - [SC - Medium] incorrect lidoLockedETH value can block full re...","pathname":"/puffer-finance/28689-sc-medium-incorrect-lidolockedeth-value-can-block-full-re...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"DVzt7vKWYnVv7u7MXmdP","title":"28695 - [SC - Insight] pufETHsrcTimelockexecuteTransaction - L The tim...","pathname":"/puffer-finance/28695-sc-insight-pufethsrctimelockexecutetransaction-l-the-tim...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"sl7tDnnDb2B9gSy1OJiy","title":"28698 - [SC - Insight] User can frontrun claim transaction to make cla...","pathname":"/puffer-finance/28698-sc-insight-user-can-frontrun-claim-transaction-to-make-cla...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"TLJeiuL95Rd3Vhil9kHN","title":"28702 - [SC - Insight] Malicious users can frontrun permits to DoS swaps","pathname":"/puffer-finance/28702-sc-insight-malicious-users-can-frontrun-permits-to-dos-swaps","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"HwE8CkYNPnmHyrRCbzv6","title":"28729 - [SC - Insight] MINIMUM_DELAY uses incorrect value of days ins...","pathname":"/puffer-finance/28729-sc-insight-minimum_delay-uses-incorrect-value-of-days-ins...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"hhAu8UzZO1cv9Zu27O4f","title":"28732 - [SC - Insight] External Call from Eigen Layer can fail silentl...","pathname":"/puffer-finance/28732-sc-insight-external-call-from-eigen-layer-can-fail-silentl...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"xWkyLxpr1feO9UpnE6Ji","title":"28773 - [SC - Insight] The function claimWithdrawalFromEigenLayer can ...","pathname":"/puffer-finance/28773-sc-insight-the-function-claimwithdrawalfromeigenlayer-can-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"A4knAQ8Hn2kHgO1m2b8C","title":"28775 - [SC - Insight] pufETHsrcTimelocksolexecuteTransaction - This b...","pathname":"/puffer-finance/28775-sc-insight-pufethsrctimelocksolexecutetransaction-this-b...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"gcipFPT7YawhcXbDPEJO","title":"28777 - [SC - Low] pufETHsrcTimelocksolexecuteTransaction - This b...","pathname":"/puffer-finance/28777-sc-low-pufethsrctimelocksolexecutetransaction-this-b...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"l7fGgRNrWCEpQNpg76fj","title":"28779 - [SC - Insight] Missing sender address check in receive may lea...","pathname":"/puffer-finance/28779-sc-insight-missing-sender-address-check-in-receive-may-lea...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"IsLz0h3Bbv9hZ8u0TJJ1","title":"28788 - [SC - Critical] Slash during a withdrawal from EigenLayer will ...","pathname":"/puffer-finance/28788-sc-critical-slash-during-a-withdrawal-from-eigenlayer-will-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Xd31aipRczCvAPwbP5KF","title":"28789 - [SC - Low] Return value of call is not checked causing fai...","pathname":"/puffer-finance/28789-sc-low-return-value-of-call-is-not-checked-causing-fai...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"SXTRSlGBY4RhhtTsDRrk","title":"28792 - [SC - Low] Return value of low level isnt checked executio...","pathname":"/puffer-finance/28792-sc-low-return-value-of-low-level-isnt-checked-executio...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"5veAAXlz479grvrs0GeH","title":"28796 - [SC - Low] The PufferVaultgetPendingLidoETHAmount will ret...","pathname":"/puffer-finance/28796-sc-low-the-puffervaultgetpendinglidoethamount-will-ret...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Xx1Q21gqlBRvGVg2UsQj","title":"28813 - [SC - Insight] PufferVaultclaimWithdrawalFromLido according to...","pathname":"/puffer-finance/28813-sc-insight-puffervaultclaimwithdrawalfromlido-according-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"7nYk3yhnYY5oYTYmazJM","title":"28827 - [SC - Insight] Multi requestid claims can trigger DOS","pathname":"/puffer-finance/28827-sc-insight-multi-requestid-claims-can-trigger-dos","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"XvHxCUuavWrc4PM3iEPp","title":"28833 - [SC - Insight] Missing slippage protection in functions deposi...","pathname":"/puffer-finance/28833-sc-insight-missing-slippage-protection-in-functions-deposi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"66bMZI49fsRe0bqK32Is","title":"28852 - [SC - Insight] Reverting permit transactions caught in the cat...","pathname":"/puffer-finance/28852-sc-insight-reverting-permit-transactions-caught-in-the-cat...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"TZHyiESU3IpEnIx8IZuZ","title":"28921 - [SC - Medium] Possibly protocol insolvency during a LIDO slas...","pathname":"/puffer-finance/28921-sc-medium-possibly-protocol-insolvency-during-a-lido-slas...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"6e4ylWFmYhilLcjSyXGR","title":"28934 - [SC - Insight] TimelockcancelTransaction does not check asser...","pathname":"/puffer-finance/28934-sc-insight-timelockcanceltransaction-does-not-check-asser...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Iiyd9tEWh3iEtRyjTJyp","title":"28942 - [SC - Insight] Self Destruction of inchRouter can lead to loss...","pathname":"/puffer-finance/28942-sc-insight-self-destruction-of-inchrouter-can-lead-to-loss...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"IWFbe9A8dRa1W1cV7bOx","title":"28946 - [SC - Low] The assets accounting of the vault can become o...","pathname":"/puffer-finance/28946-sc-low-the-assets-accounting-of-the-vault-can-become-o...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"1DZCTfEmjxm8POJ3OeMk","title":"28947 - [SC - Insight] Info","pathname":"/puffer-finance/28947-sc-insight-info","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"eto67DctnY2ZUPnlJAeS","title":"28964 - [SC - Insight] Claiming withdrawals from Lido can lead to unbo...","pathname":"/puffer-finance/28964-sc-insight-claiming-withdrawals-from-lido-can-lead-to-unbo...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"pFuHpNGDsEdIxVvxBgwe","title":"28971 - [SC - Low] Double spending or double execution of transact...","pathname":"/puffer-finance/28971-sc-low-double-spending-or-double-execution-of-transact...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"V45awZ6XNhI3EzxFPrs8","title":"28991 - [SC - Insight] Contract uint delay variable cannot be set to i...","pathname":"/puffer-finance/28991-sc-insight-contract-uint-delay-variable-cannot-be-set-to-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"80YJuqamko2539Mjv3a5","title":"29006 - [SC - Medium] Lack of Success check of the Timelock executeT...","pathname":"/puffer-finance/29006-sc-medium-lack-of-success-check-of-the-timelock-executet...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"KuvYfJAe6KIVln0Pt0nH","title":"29015 - [SC - Low] Boolean return value of addresscall function no...","pathname":"/puffer-finance/29015-sc-low-boolean-return-value-of-addresscall-function-no...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"74DVOpbCmJQmZldfQa0S","title":"29017 - [SC - Insight] Timelock is not capable of performing payable t...","pathname":"/puffer-finance/29017-sc-insight-timelock-is-not-capable-of-performing-payable-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"nVtyTyKA87KXVDavGJdb","title":"29033 - [SC - High] Queued data will be lost if Tx is unsuccessful ...","pathname":"/puffer-finance/29033-sc-high-queued-data-will-be-lost-if-tx-is-unsuccessful-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Hbfo7nGdbPt5ZsnSWqCQ","title":"29054 - [SC - Medium] Lido discounted withdrawals are not accounted for","pathname":"/puffer-finance/29054-sc-medium-lido-discounted-withdrawals-are-not-accounted-for","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"oI9xysNLDTIcWtAbVrzq","title":"29060 - [SC - Medium] initiateETHWithdrawalsFromLido decreases totalA...","pathname":"/puffer-finance/29060-sc-medium-initiateethwithdrawalsfromlido-decreases-totala...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Pw5TADoTrZAJUr3eUClQ","title":"29067 - [SC - Low] Puffer Finance Missing Verification of Externa...","pathname":"/puffer-finance/29067-sc-low-puffer-finance-missing-verification-of-externa...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"qVf1A7642nlKS2qAj3Rz","title":"29073 - [SC - Insight] excuteTransaction in timelock contract will una...","pathname":"/puffer-finance/29073-sc-insight-excutetransaction-in-timelock-contract-will-una...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"SspipDHKydr5XS0bBJQj","title":"29080 - [SC - Insight] Uninitialized uups upgradeable can lead to loss...","pathname":"/puffer-finance/29080-sc-insight-uninitialized-uups-upgradeable-can-lead-to-loss...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"csQB4Dli62n8lIxq1MVM","title":"29081 - [SC - Insight] No constructor should be used to set in upgrade...","pathname":"/puffer-finance/29081-sc-insight-no-constructor-should-be-used-to-set-in-upgrade...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"CQk8MCQoQBazWSTjdg66","title":"29082 - [SC - Insight] Restricted modifier should not be used with int...","pathname":"/puffer-finance/29082-sc-insight-restricted-modifier-should-not-be-used-with-int...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"Yd75Tv8xtQbb16yNyGyo","title":"29099 - [SC - Insight] Actual amount of stETH deposited is less than t...","pathname":"/puffer-finance/29099-sc-insight-actual-amount-of-steth-deposited-is-less-than-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"0gwpjsB2HVhClx3W3U6p","title":"29106 - [SC - High] Insufficient Handling of Partial Failures in Wi...","pathname":"/puffer-finance/29106-sc-high-insufficient-handling-of-partial-failures-in-wi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"6zlmYYyx1ck6j1MJXvXS","title":"29110 - [SC - Insight] Insecure Token Allowance Management in PufferDe...","pathname":"/puffer-finance/29110-sc-insight-insecure-token-allowance-management-in-pufferde...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"guYFgyCBuwctAg2Bwroh","title":"29111 - [SC - Insight] Silent Failure of ERC Permit Calls in PufferDep...","pathname":"/puffer-finance/29111-sc-insight-silent-failure-of-erc-permit-calls-in-pufferdep...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"PsRLCmQ0Detl8N38hYcG","title":"29116 - [SC - Low] Using deposit results in more shares for the sa...","pathname":"/puffer-finance/29116-sc-low-using-deposit-results-in-more-shares-for-the-sa...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Puffer Finance"}]},{"id":"F4iuj7D1aNH8nbWQEwpP","title":"Shardeum Ancillaries","pathname":"/shardeum-ancillaries","siteSpaceId":"sitesp_stpzW","description":""},{"id":"v0MYQ1wrj5y3za1XAmeZ","title":"Boost _ Shardeum_ Ancillaries 33040 - [Websites and Applications - Low] API CSRF protection bypass l","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33040-websites-and-applications-low-api-csrf-protection-bypass-leading","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"B0swO20DQkTjKbPG5xvg","title":"Boost _ Shardeum_ Ancillaries 33392 - [Websites and Applications - Insight] Validator GUI password b","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33392-websites-and-applications-insight-validator-gui-password-brutefo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"Pdq8B7qExwaM4CVowlo5","title":"Boost _ Shardeum_ Ancillaries 33490 - [Websites and Applications - Insight] Abusing blacklist functi","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33490-websites-and-applications-insight-abusing-blacklist-functionalit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"mX3uZCDemPnhXmNUcsrf","title":"Boost _ Shardeum_ Ancillaries 33522 - [Websites and Applications - Insight] Exposed Redis Service Vu","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33522-websites-and-applications-insight-exposed-redis-service-vulnerab","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"Vpx9W7RHarRZTOhNxSbw","title":"Boost _ Shardeum_ Ancillaries 33558 - [Websites and Applications - Insight] In some instances the so","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33558-websites-and-applications-insight-in-some-instances-the-socket-c","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"jRpsAULKYLxxZh88Z58D","title":"Boost _ Shardeum_ Ancillaries 33571 - [Websites and Applications - Medium] Taking down the websocket","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33571-websites-and-applications-medium-taking-down-the-websocket-serve","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"HICVNQhbZcOcf3TR62tS","title":"Boost _ Shardeum_ Ancillaries 33577 - [Websites and Applications - Insight] Taking down the HTTP ser","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33577-websites-and-applications-insight-taking-down-the-http-server-vi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"Lg5bK9zCvKk2ccg7tSFu","title":"Boost _ Shardeum_ Ancillaries 33692 - [Websites and Applications - Low] Reflected XSS in validator n","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33692-websites-and-applications-low-reflected-xss-in-validator-node-en","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"f3wGI7s8XrtxpCVdVMgw","title":"Boost _ Shardeum_ Ancillaries 33809 - [Websites and Applications - Insight] Blocking the user from i","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-33809-websites-and-applications-insight-blocking-the-user-from-interac","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"kgiQJX5uZeff30uW0rBE","title":"Boost _ Shardeum_ Ancillaries 34298 - [Websites and Applications - Medium] archive-server can be kil","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34298-websites-and-applications-medium-archive-server-can-be-killed-by","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"UAUTjkaivLebB8V7N4yB","title":"Boost _ Shardeum_ Ancillaries 34367 - [Websites and Applications - Low] CSRF vulnerability due to mi","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34367-websites-and-applications-low-csrf-vulnerability-due-to-missing","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"seDpft1P7ZnDRjtJMWJM","title":"Boost _ Shardeum_ Ancillaries 34392 - [Websites and Applications - Medium] JSON-RPC Complete Passwor","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34392-websites-and-applications-medium-json-rpc-complete-password-reco","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"QySF76fyjuYJikXP3HzW","title":"Boost _ Shardeum_ Ancillaries 34473 - [Websites and Applications - Low] Insight XSS in json rpc serv","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34473-websites-and-applications-low-insight-xss-in-json-rpc-server-wit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"suAqhBgu7RWVs5OEn7zW","title":"Boost _ Shardeum_ Ancillaries 34474 - [Websites and Applications - Insight] SQL injection in json-rp","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34474-websites-and-applications-insight-sql-injection-in-json-rpc-serv","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"TDemcQdkLMswiwqxlbRo","title":"Boost _ Shardeum_ Ancillaries 34475 - [Websites and Applications - Low] CSRF in Json RPC Server allo","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34475-websites-and-applications-low-csrf-in-json-rpc-server-allows-req","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"G928hDfE9Y2OMOTrzpT4","title":"Boost _ Shardeum_ Ancillaries 34492 - [Websites and Applications - Insight] DoS via unbounded tx id","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34492-websites-and-applications-insight-dos-via-unbounded-tx-id-list-p","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"DQv2Qi33yvDxTa8KuHdx","title":"Boost _ Shardeum_ Ancillaries 34508 - [Websites and Applications - Critical] Malicious archiver can","pathname":"/shardeum-ancillaries/boost-_-shardeum_-ancillaries-34508-websites-and-applications-critical-malicious-archiver-can-overwt","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries"}]},{"id":"PPwp7XBX0suRL4yzdFqO","title":"Shardeum Core","pathname":"/shardeum-core","siteSpaceId":"sitesp_stpzW","description":""},{"id":"ngEbDmajKMPoFoBOfXzs","title":"32942 - [BC - Low] The ChainID and URL parameters that can modify ...","pathname":"/shardeum-core/32942-bc-low-the-chainid-and-url-parameters-that-can-modify-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"UlElRLXpokSWc8m2rnoB","title":"32982 - [BC - Critical] Crashing all Validators Vulnerability in eth_g...","pathname":"/shardeum-core/32982-bc-critical-crashing-all-validators-vulnerability-in-eth_g...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"y7Al73TVJZBoYpj9lQx8","title":"32993 - [BC - Critical] Crashing Validators by triggering an uncaught e...","pathname":"/shardeum-core/32993-bc-critical-crashing-validators-by-triggering-an-uncaught-e...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"PQWFKgzY0qxwKP7YnQoZ","title":"33044 - [BC - Medium] Preventing the network from loading by disconne...","pathname":"/shardeum-core/33044-bc-medium-preventing-the-network-from-loading-by-disconne...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"ekmCVAERBq5xS0fmtCGm","title":"33086 - [BC - Critical] Complete shutdown of the transaction processing...","pathname":"/shardeum-core/33086-bc-critical-complete-shutdown-of-the-transaction-processing...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"Iqq9aAidnoxHqrNioedk","title":"33151 - [BC - Critical] Front running initial account data distribution","pathname":"/shardeum-core/33151-bc-critical-front-running-initial-account-data-distribution","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"FBPJnGzLFiT4RFF5WSVA","title":"33222 - [BC - Critical] An attacker can control which nodes can and can...","pathname":"/shardeum-core/33222-bc-critical-an-attacker-can-control-which-nodes-can-and-can...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"HdThm8uKabdV1QgZBijg","title":"33254 - [BC - Medium] The signature used to Gossip an UnjoinRequest h...","pathname":"/shardeum-core/33254-bc-medium-the-signature-used-to-gossip-an-unjoinrequest-h...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"WRzV3HkprE4IuBLV83v2","title":"33277 - [BC - Critical] Validators can be crashed via GET","pathname":"/shardeum-core/33277-bc-critical-validators-can-be-crashed-via-get","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"rWfCDrgzzxMX6NO4hnvp","title":"33278 - [BC - Critical] Improper input validation leads to DOS and tota...","pathname":"/shardeum-core/33278-bc-critical-improper-input-validation-leads-to-dos-and-tota...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"R8Folokonoh5LVIcFyMI","title":"33395 - [BC - Insight] DoS attack on peer nodes through gossip-valid-j...","pathname":"/shardeum-core/33395-bc-insight-dos-attack-on-peer-nodes-through-gossip-valid-j...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"3onC9lUASaYrQJ2tvXRJ","title":"33424 - [BC - Critical] Improper input validation in safeJsonParse lead...","pathname":"/shardeum-core/33424-bc-critical-improper-input-validation-in-safejsonparse-lead...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"6CoPimmOMRXQW5DbpPXP","title":"33428 - [BC - Critical] Validators can be crashed via pp","pathname":"/shardeum-core/33428-bc-critical-validators-can-be-crashed-via-pp","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"9jqPmcYkYCDpthp83zPI","title":"33473 - [BC - High] Cross-chain replay attacks are possible due to ...","pathname":"/shardeum-core/33473-bc-high-cross-chain-replay-attacks-are-possible-due-to-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"EoSe1NbGtFbre1cZBLo5","title":"33483 - [BC - Critical] shardeum validator bypass loop breaking increme...","pathname":"/shardeum-core/33483-bc-critical-shardeum-validator-bypass-loop-breaking-increme...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"frWm2biPGrmh760X9EOs","title":"33520 - [BC - Insight] Inconsistent consensus issue for BlakeF precomp...","pathname":"/shardeum-core/33520-bc-insight-inconsistent-consensus-issue-for-blakef-precomp...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"VHDnnKO3RiDUytGNFtP3","title":"33576 - [BC - High] Lack of deduplication in joinarchiver requests ...","pathname":"/shardeum-core/33576-bc-high-lack-of-deduplication-in-joinarchiver-requests-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"JITlMM8vp0ri72LNwTXF","title":"33632 - [BC - Critical] Signature forgery on behalf of other nodes lead...","pathname":"/shardeum-core/33632-bc-critical-signature-forgery-on-behalf-of-other-nodes-lead...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"BsYLWhTqLUGR7hbaKXMm","title":"33637 - [BC - Critical] In get_tx_timestamp a prototype pollution bri...","pathname":"/shardeum-core/33637-bc-critical-in-get_tx_timestamp-a-prototype-pollution-bri...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"JbW8gHXqn1UCO1hArMOz","title":"33638 - [BC - Critical] In remove_timestamp_cache a prototype polluti...","pathname":"/shardeum-core/33638-bc-critical-in-remove_timestamp_cache-a-prototype-polluti...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"pn06WRBWjOzaRQCNP0Y9","title":"33655 - [BC - Critical] Complete shutdown of the transaction processing...","pathname":"/shardeum-core/33655-bc-critical-complete-shutdown-of-the-transaction-processing...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"KIV97IOiNub7xp9E1TeX","title":"33696 - [BC - Critical] Failure to validate golden ticket admin cert","pathname":"/shardeum-core/33696-bc-critical-failure-to-validate-golden-ticket-admin-cert","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"oDsGBqalZ7oyxu2cyMbg","title":"33735 - [BC - Insight] Network split due to the sync issue in PP modul...","pathname":"/shardeum-core/33735-bc-insight-network-split-due-to-the-sync-issue-in-pp-modul...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"RO6E11sXkiGGpfSexv9x","title":"33745 - [BC - Critical] A math quirk in Javascript allows anyone to tak...","pathname":"/shardeum-core/33745-bc-critical-a-math-quirk-in-javascript-allows-anyone-to-tak...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"GhEr03VgSe2nn7SgmXjD","title":"33750 - [BC - Critical] Abusing setCertTime Transactions to drain node ...","pathname":"/shardeum-core/33750-bc-critical-abusing-setcerttime-transactions-to-drain-node-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"exyMoHhCuqsQJOZviYQd","title":"33766 - [BC - Critical] Improper input validation in TransactionConsenu...","pathname":"/shardeum-core/33766-bc-critical-improper-input-validation-in-transactionconsenu...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"mGkLhi4awMN5WtXGuAAy","title":"33813 - [BC - Insight] Double slashing of validators","pathname":"/shardeum-core/33813-bc-insight-double-slashing-of-validators","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"crK9391sHtsKqVqJjQO5","title":"33848 - [BC - High] For the first cycles of the network a maliciou...","pathname":"/shardeum-core/33848-bc-high-for-the-first-cycles-of-the-network-a-maliciou...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"cuQNVxvZ7RSCAPJbiBIM","title":"33872 - [BC - Critical] Infinite loop in shardeum","pathname":"/shardeum-core/33872-bc-critical-infinite-loop-in-shardeum","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"MeBxGBziMNiXa8ctm1mm","title":"33922 - [BC - Critical] Steal Rewards and Take over Network by Faking A...","pathname":"/shardeum-core/33922-bc-critical-steal-rewards-and-take-over-network-by-faking-a...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"Dnsi3rbetmXwc130xSBn","title":"33925 - [BC - Critical] Improper input validation in fixDeserializedWra...","pathname":"/shardeum-core/33925-bc-critical-improper-input-validation-in-fixdeserializedwra...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"0ylXJOWLxn6zJhfeLHB2","title":"33941 - [BC - Critical] A missing check for the type of a variable allo...","pathname":"/shardeum-core/33941-bc-critical-a-missing-check-for-the-type-of-a-variable-allo...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"YeuUsAKBPF0gSu6IGkEZ","title":"33946 - [BC - Critical] Lack of voter deduplication in sync_trie_hashes...","pathname":"/shardeum-core/33946-bc-critical-lack-of-voter-deduplication-in-sync_trie_hashes...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"7VdAYgcx19pJnaUpXYLq","title":"33963 - [BC - Critical] Crashing the network by filling timestamp cache...","pathname":"/shardeum-core/33963-bc-critical-crashing-the-network-by-filling-timestamp-cache...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"sWNCev9MVynSDnu4BHxn","title":"33972 - [BC - Critical] Inflating the votes of the hash for a malicious...","pathname":"/shardeum-core/33972-bc-critical-inflating-the-votes-of-the-hash-for-a-malicious...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"pK896ncYjCuJgcxIqTWA","title":"34012 - [BC - Critical] Improper input validation in repair_oos_account...","pathname":"/shardeum-core/34012-bc-critical-improper-input-validation-in-repair_oos_account...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"Nv6489bWu59zsho8U81Z","title":"34019 - [BC - Critical] Lack of vote validation in sync_trie_hashes lea...","pathname":"/shardeum-core/34019-bc-critical-lack-of-vote-validation-in-sync_trie_hashes-lea...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"MtYfQaIx4sEine1n9Dtn","title":"34020 - [BC - Critical] An alternative entry point with a separated but...","pathname":"/shardeum-core/34020-bc-critical-an-alternative-entry-point-with-a-separated-but...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"HbdUoZmPmpZfx2d3kwhB","title":"34053 - [BC - Critical] Malicious HTTP responses allow systemic applica...","pathname":"/shardeum-core/34053-bc-critical-malicious-http-responses-allow-systemic-applica...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"bvVESuthucJguzl0Wi8J","title":"34093 - [BC - Critical] lib-net can be used to force oom reap of shardu...","pathname":"/shardeum-core/34093-bc-critical-lib-net-can-be-used-to-force-oom-reap-of-shardu...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"PI01oOjWtDIX8JEJQzm3","title":"34201 - [BC - Critical] Prototype pollution vulnerability in remove_tim...","pathname":"/shardeum-core/34201-bc-critical-prototype-pollution-vulnerability-in-remove_tim...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"lwgkf6AZEBDXOt2W0pXc","title":"34252 - [BC - Critical] Bypass Certificate Signing Validation","pathname":"/shardeum-core/34252-bc-critical-bypass-certificate-signing-validation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"eSVDqnSG2UP5rdirU6bz","title":"34349 - [BC - High] Archiver Join Limit Logic Error","pathname":"/shardeum-core/34349-bc-high-archiver-join-limit-logic-error","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"MrEZmrpWRzwnSpBjTOTo","title":"34353 - [BC - Critical] Killing nodes by polluting tx timestamp cache o...","pathname":"/shardeum-core/34353-bc-critical-killing-nodes-by-polluting-tx-timestamp-cache-o...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"du1puksecR82rhCD2G2m","title":"34364 - [BC - Insight] pp deserialization denial of service issue","pathname":"/shardeum-core/34364-bc-insight-pp-deserialization-denial-of-service-issue","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"VA3xHdTFFb0FZaPEUoFK","title":"34422 - [BC - High] Forcing the new POQo system to fail preventing ...","pathname":"/shardeum-core/34422-bc-high-forcing-the-new-poqo-system-to-fail-preventing-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"vLvIGagLOEb2O8RxctTp","title":"34456 - [BC - Critical] Lack of consensus validation in repair_oos_acco...","pathname":"/shardeum-core/34456-bc-critical-lack-of-consensus-validation-in-repair_oos_acco...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"IYtQo1gAuiavSGImK8yi","title":"34476 - [BC - Critical] remove_timestamp_cache prototype pollution lead...","pathname":"/shardeum-core/34476-bc-critical-remove_timestamp_cache-prototype-pollution-lead...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"CptLWviVZa5GjPPfs8Fl","title":"34481 - [BC - Critical] Bypassing sender verification in gossip-final-s...","pathname":"/shardeum-core/34481-bc-critical-bypassing-sender-verification-in-gossip-final-s...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"dmyQD50o9Q1qtbGh6xtk","title":"34484 - [BC - Critical] Tricking legit node to signed maliciously contr...","pathname":"/shardeum-core/34484-bc-critical-tricking-legit-node-to-signed-maliciously-contr...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"RP5DNl0C5MzD0SXTkxbj","title":"34489 - [BC - Insight] ActivetsValidateRecordTypes do not check all th...","pathname":"/shardeum-core/34489-bc-insight-activetsvalidaterecordtypes-do-not-check-all-th...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"NptelquKjm8nhXlYUjUx","title":"34500 - [BC - Critical] Prototype pollution vulnerability in get_tx_tim...","pathname":"/shardeum-core/34500-bc-critical-prototype-pollution-vulnerability-in-get_tx_tim...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core"}]},{"id":"IcMg4mEupmWRm71rVMaj","title":"ThunderNFT | IOP","pathname":"/thundernft-or-iop","siteSpaceId":"sitesp_stpzW","description":""},{"id":"OumY6qIvZtWkpR89uEu0","title":"IOP _ ThunderNFT 34455 - [Smart Contract - Low] Double Token Vulnerability leads to drain funds","pathname":"/thundernft-or-iop/iop-_-thundernft-34455-smart-contract-low-double-token-vulnerability-leads-to-drain-funds","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"EZcj1zQmaA4aszBGaqGx","title":"IOP _ ThunderNFT 34496 - [Smart Contract - High] Users cant withdraw their funds for removed assets","pathname":"/thundernft-or-iop/iop-_-thundernft-34496-smart-contract-high-users-cant-withdraw-their-funds-for-removed-assets","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"JaJ7ZFdWWC2J1kBmv7kU","title":"IOP _ ThunderNFT 34519 - [Smart Contract - High] users cant withdraw their tokens when specific asse","pathname":"/thundernft-or-iop/iop-_-thundernft-34519-smart-contract-high-users-cant-withdraw-their-tokens-when-specific-asset-remo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"hiBfjhZzT6bF196MvrrO","title":"IOP _ ThunderNFT 34522 - [Smart Contract - Low] Self-transfer would inflate the balance","pathname":"/thundernft-or-iop/iop-_-thundernft-34522-smart-contract-low-self-transfer-would-inflate-the-balance","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"RQM0ufrIdA0YU0S3cJ15","title":"IOP _ ThunderNFT 34534 - [Smart Contract - Critical] Maker will always only get token even if specif","pathname":"/thundernft-or-iop/iop-_-thundernft-34534-smart-contract-critical-maker-will-always-only-get-token-even-if-specifying-a","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"tCliiLFYjeWewZqJPU44","title":"IOP _ ThunderNFT 34542 - [Smart Contract - Insight] Not Handling Balance Entries Properly in the Wit","pathname":"/thundernft-or-iop/iop-_-thundernft-34542-smart-contract-insight-not-handling-balance-entries-properly-in-the-withdraw","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"tvpK5dZQ4OTAWt9uR92Y","title":"IOP _ ThunderNFT 34545 - [Smart Contract - Low] Smart contract can be taken over by malicious user b","pathname":"/thundernft-or-iop/iop-_-thundernft-34545-smart-contract-low-smart-contract-can-be-taken-over-by-malicious-user-by-back","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"0UTjwmApUTBAIXMZlikX","title":"IOP _ ThunderNFT 34560 - [Smart Contract - Critical] Updating sell-maker-orders does not provide ref","pathname":"/thundernft-or-iop/iop-_-thundernft-34560-smart-contract-critical-updating-sell-maker-orders-does-not-provide-refunds","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"8yi46QlIeXYSgjVRbile","title":"IOP _ ThunderNFT 34565 - [Smart Contract - High] Selling maker cant cancel to retrieve his funds whe","pathname":"/thundernft-or-iop/iop-_-thundernft-34565-smart-contract-high-selling-maker-cant-cancel-to-retrieve-his-funds-when-stra","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"ZJ1pqpLlOvXN60hLfrGS","title":"IOP _ ThunderNFT 34567 - [Smart Contract - Medium] users with current bid order can not update their","pathname":"/thundernft-or-iop/iop-_-thundernft-34567-smart-contract-medium-users-with-current-bid-order-can-not-update-their-order","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"mMgIL5qW8J4UIeV1l2TE","title":"IOP _ ThunderNFT 34578 - [Smart Contract - Insight] unds Not Locked During Order Placement","pathname":"/thundernft-or-iop/iop-_-thundernft-34578-smart-contract-insight-unds-not-locked-during-order-placement","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"f0HChUKMKKQRU2mWncTH","title":"IOP _ ThunderNFT 34585 - [Smart Contract - High] Permanent freezing of NFTS that seller deposit into","pathname":"/thundernft-or-iop/iop-_-thundernft-34585-smart-contract-high-permanent-freezing-of-nfts-that-seller-deposit-into-thund","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"8F0S0XmYSXpjZofHSx6Y","title":"IOP _ ThunderNFT 34587 - [Smart Contract - High] Users might temporarily get their funds locked in P","pathname":"/thundernft-or-iop/iop-_-thundernft-34587-smart-contract-high-users-might-temporarily-get-their-funds-locked-in-pool-co","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"9GI6ztaOzJIj11zJRyag","title":"IOP _ ThunderNFT 34605 - [Smart Contract - Critical] ERC tokens can be stolen because the amount is","pathname":"/thundernft-or-iop/iop-_-thundernft-34605-smart-contract-critical-erc-tokens-can-be-stolen-because-the-amount-is-not-va","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"RCjJ62lZD96HXi0DjifP","title":"IOP _ ThunderNFT 34629 - [Smart Contract - Critical] Theft of Deposited Funds","pathname":"/thundernft-or-iop/iop-_-thundernft-34629-smart-contract-critical-theft-of-deposited-funds","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"5rsVfHhT3PUJjlqTWAza","title":"IOP _ ThunderNFT 34630 - [Smart Contract - Critical] Incorrect Token Sale Amount","pathname":"/thundernft-or-iop/iop-_-thundernft-34630-smart-contract-critical-incorrect-token-sale-amount","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"7xUx7rtiHVFP41BpDWUX","title":"IOP _ ThunderNFT 34636 - [Smart Contract - Critical] The amount is set to when creating the Executio","pathname":"/thundernft-or-iop/iop-_-thundernft-34636-smart-contract-critical-the-amount-is-set-to-when-creating-the-executionresul","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"x6CEy94KK7jD2pYbZ7qu","title":"IOP _ ThunderNFT 34642 - [Smart Contract - High] strategy de-listing causes sellers NFTs locked on T","pathname":"/thundernft-or-iop/iop-_-thundernft-34642-smart-contract-high-strategy-de-listing-causes-sellers-nfts-locked-on-thunder","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"0axU1HCK71H4NOWXTiY9","title":"IOP _ ThunderNFT 34659 - [Smart Contract - Low] Pool Balance Inflation","pathname":"/thundernft-or-iop/iop-_-thundernft-34659-smart-contract-low-pool-balance-inflation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"R4Zs2jNCxsO29iBXCvhq","title":"IOP _ ThunderNFT 34677 - [Smart Contract - Insight] NFTs can not be canceled since the cancel_order","pathname":"/thundernft-or-iop/iop-_-thundernft-34677-smart-contract-insight-nfts-can-not-be-canceled-since-the-cancel_order-functi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"vStQsjTcy8uAKbhzOHGI","title":"IOP _ ThunderNFT 34702 - [Smart Contract - Low] the function register_royalty_info does not allow to","pathname":"/thundernft-or-iop/iop-_-thundernft-34702-smart-contract-low-the-function-register_royalty_info-does-not-allow-to-be-ca","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"3IcvglLNzVEhZcagmkOF","title":"IOP _ ThunderNFT 34714 - [Smart Contract - Medium] owner of NFT who have sell orderlisting NFT can n","pathname":"/thundernft-or-iop/iop-_-thundernft-34714-smart-contract-medium-owner-of-nft-who-have-sell-orderlisting-nft-can-not-acc","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"1bGkp6ZQbPZSIKcVkuEJ","title":"IOP _ ThunderNFT 34736 - [Smart Contract - Critical] ERC tokens are stuck on the contract if more th","pathname":"/thundernft-or-iop/iop-_-thundernft-34736-smart-contract-critical-erc-tokens-are-stuck-on-the-contract-if-more-than-sup","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"aN6hvqRGEqmleGxIrR1B","title":"IOP _ ThunderNFT 34760 - [Smart Contract - Low] Off-by-one error in get_supported_asset","pathname":"/thundernft-or-iop/iop-_-thundernft-34760-smart-contract-low-off-by-one-error-in-get_supported_asset","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"SKebvyZJPkgn8JFWlgEc","title":"IOP _ ThunderNFT 34761 - [Smart Contract - Low] Off-by-one error in get_whitelisted_strategy","pathname":"/thundernft-or-iop/iop-_-thundernft-34761-smart-contract-low-off-by-one-error-in-get_whitelisted_strategy","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"dZakgc7GX9tOSH5Blxie","title":"IOP _ ThunderNFT 34791 - [Smart Contract - Low] Incompatibility with SRC might lead to inability of","pathname":"/thundernft-or-iop/iop-_-thundernft-34791-smart-contract-low-incompatibility-with-src-might-lead-to-inability-of-royalt","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"qFdgRFd73PbUDvrhTlZx","title":"IOP _ ThunderNFT 34800 - [Smart Contract - Critical] Improper input validation in order update funct","pathname":"/thundernft-or-iop/iop-_-thundernft-34800-smart-contract-critical-improper-input-validation-in-order-update-function-le","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"6uSYnDMYZFSAkd3KSrnx","title":"IOP _ ThunderNFT 34816 - [Smart Contract - High] users cant call update_order to update the strategy","pathname":"/thundernft-or-iop/iop-_-thundernft-34816-smart-contract-high-users-cant-call-update_order-to-update-the-strategy-which","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"o4yXhqOqIaHL3Crk8cAq","title":"IOP _ ThunderNFT 34839 - [Smart Contract - Low] Royalty Fee limit is not enforced for registered col","pathname":"/thundernft-or-iop/iop-_-thundernft-34839-smart-contract-low-royalty-fee-limit-is-not-enforced-for-registered-collectio","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"9yWGmimheldckMkFPkTX","title":"IOP _ ThunderNFT 34848 - [Smart Contract - Low] Incorrect verification of deposit asset leads to cre","pathname":"/thundernft-or-iop/iop-_-thundernft-34848-smart-contract-low-incorrect-verification-of-deposit-asset-leads-to-creation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"IcyMuohTGyAbMlhtOjil","title":"IOP _ ThunderNFT 34906 - [Smart Contract - Low] Existing Sell order can be executed despite payment","pathname":"/thundernft-or-iop/iop-_-thundernft-34906-smart-contract-low-existing-sell-order-can-be-executed-despite-payment-asset","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"8jZPYL23rQWEomq8R0x9","title":"IOP _ ThunderNFT 34930 - [Smart Contract - Critical] User can only trade token when ERC is used","pathname":"/thundernft-or-iop/iop-_-thundernft-34930-smart-contract-critical-user-can-only-trade-token-when-erc-is-used","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"jLrZLBgk4i0xOvDl9N2U","title":"IOP _ ThunderNFT 34934 - [Smart Contract - Critical] thunder_exchangeupdate_order can be abused to s","pathname":"/thundernft-or-iop/iop-_-thundernft-34934-smart-contract-critical-thunder_exchangeupdate_order-can-be-abused-to-steal-e","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"iCRovjq7AFGxv05vzFrK","title":"IOP _ ThunderNFT 34943 - [Smart Contract - High] User cant withdraw asset from pool after asset_mana","pathname":"/thundernft-or-iop/iop-_-thundernft-34943-smart-contract-high-user-cant-withdraw-asset-from-pool-after-asset_managerrem","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"PlFZzCLddhz9PKMT2iIu","title":"IOP _ ThunderNFT 34949 - [Smart Contract - Critical] Missing proper validation when updating order","pathname":"/thundernft-or-iop/iop-_-thundernft-34949-smart-contract-critical-missing-proper-validation-when-updating-order","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"yoQTNjhfb06gGgeHWxQW","title":"IOP _ ThunderNFT 34955 - [Smart Contract - Critical] Nfts of type may be stolen by updating an order","pathname":"/thundernft-or-iop/iop-_-thundernft-34955-smart-contract-critical-nfts-of-type-may-be-stolen-by-updating-an-orders-amou","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"zSEHTDSZHBQcpseyjY5G","title":"IOP _ ThunderNFT 34957 - [Smart Contract - Critical] executionResults always returns an amount of le","pathname":"/thundernft-or-iop/iop-_-thundernft-34957-smart-contract-critical-executionresults-always-returns-an-amount-of-leading","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"yt9XhorZcSOueM380fBb","title":"IOP _ ThunderNFT 34958 - [Smart Contract - Critical] Incorrect Setting of Amount in ExecutionResult","pathname":"/thundernft-or-iop/iop-_-thundernft-34958-smart-contract-critical-incorrect-setting-of-amount-in-executionresult","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"uEUIpT48RFVRyzcx7hFT","title":"IOP _ ThunderNFT 34962 - [Smart Contract - Low] tranfer_from function have critical issue which lead","pathname":"/thundernft-or-iop/iop-_-thundernft-34962-smart-contract-low-tranfer_from-function-have-critical-issue-which-lead-to-do","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"WinyCrAJaY9vjxSxTxti","title":"IOP _ ThunderNFT 34963 - [Smart Contract - Insight] Invalid orders persist in storage maps with no i","pathname":"/thundernft-or-iop/iop-_-thundernft-34963-smart-contract-insight-invalid-orders-persist-in-storage-maps-with-no-indicat","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"LdiAZqayxm7M7aqVf5uQ","title":"IOP _ ThunderNFT 34964 - [Smart Contract - Low] Faulty Index out of Bounds","pathname":"/thundernft-or-iop/iop-_-thundernft-34964-smart-contract-low-faulty-index-out-of-bounds","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"nnQKtOKiKEpyDQgxzZ3R","title":"IOP _ ThunderNFT 34966 - [Smart Contract - High] Royalty or protocol fee of will DoS executing order","pathname":"/thundernft-or-iop/iop-_-thundernft-34966-smart-contract-high-royalty-or-protocol-fee-of-will-dos-executing-orders-in-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"YGafHgbJsLy0RH7QX7hG","title":"IOP _ ThunderNFT 34967 - [Smart Contract - Insight] Insights Report","pathname":"/thundernft-or-iop/iop-_-thundernft-34967-smart-contract-insight-insights-report","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"hDDSgnaQv0MnaCTz4p7b","title":"IOP _ ThunderNFT 34973 - [Smart Contract - Low] royalty_managerregister_royalty_info might not work","pathname":"/thundernft-or-iop/iop-_-thundernft-34973-smart-contract-low-royalty_managerregister_royalty_info-might-not-work-in-som","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"PO4FYelKmJa211qDfKAp","title":"IOP _ ThunderNFT 34975 - [Smart Contract - Low] Read out of index","pathname":"/thundernft-or-iop/iop-_-thundernft-34975-smart-contract-low-read-out-of-index","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"mdssIHCGpvrlEC0jdK2Q","title":"IOP _ ThunderNFT 34980 - [Smart Contract - Critical] Order side manipulation can lead to theft of NF","pathname":"/thundernft-or-iop/iop-_-thundernft-34980-smart-contract-critical-order-side-manipulation-can-lead-to-theft-of-nfts","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ThunderNFT | IOP"}]},{"id":"Pgqz4J8unktV4ygCe6Pr","title":"ZeroLend","pathname":"/zerolend","siteSpaceId":"sitesp_stpzW","description":""},{"id":"4nulQGpiGadgmQW1HBfR","title":"28875 - [SC - Medium] Unauthorized minting of vested NFTs","pathname":"/zerolend/28875-sc-medium-unauthorized-minting-of-vested-nfts","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"Grk6UN6DJUNjVXw37cJM","title":"28885 - [SC - Medium] Lack of check for Lockend in merge LockerToken ...","pathname":"/zerolend/28885-sc-medium-lack-of-check-for-lockend-in-merge-lockertoken-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"UbJaPqNQmNEXmpIRkg7E","title":"28892 - [SC - Medium] ZeroLockermerge can make a voting lock last lon...","pathname":"/zerolend/28892-sc-medium-zerolockermerge-can-make-a-voting-lock-last-lon...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"oLDwLZixRLz2C7XicNW7","title":"28910 - [SC - High] Bool check wrong in registerGauge","pathname":"/zerolend/28910-sc-high-bool-check-wrong-in-registergauge","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"iRFMbfwBKtL061afbOS2","title":"28912 - [SC - Critical] Attackers can control the vote result and ampli...","pathname":"/zerolend/28912-sc-critical-attackers-can-control-the-vote-result-and-ampli...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"R4g93TRGluFwLuacPQT9","title":"28938 - [SC - Medium] Attacker can invalidate users supplyWithPermit ...","pathname":"/zerolend/28938-sc-medium-attacker-can-invalidate-users-supplywithpermit-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"mmC3LydrlNBcsBIAX7yZ","title":"28943 - [SC - Medium] DoS when user want to supply repay asset using...","pathname":"/zerolend/28943-sc-medium-dos-when-user-want-to-supply-repay-asset-using...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"BYWHubb3az97cIDpJzrs","title":"28955 - [SC - High] Malicious user can transfer all unclaimed rewar...","pathname":"/zerolend/28955-sc-high-malicious-user-can-transfer-all-unclaimed-rewar...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"DHhpn7LqV6hWbQakDv55","title":"28970 - [SC - Medium] Attacker can grief a user by making his supplyW...","pathname":"/zerolend/28970-sc-medium-attacker-can-grief-a-user-by-making-his-supplyw...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"KrzU0u1Vfa7PbtFV4Qwp","title":"28987 - [SC - Medium] Manipulation of governance is possible by minti...","pathname":"/zerolend/28987-sc-medium-manipulation-of-governance-is-possible-by-minti...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"zw8T2RTSOiknJPYR4KBa","title":"28988 - [SC - High] Mechanism for distributing extra reward tokens ...","pathname":"/zerolend/28988-sc-high-mechanism-for-distributing-extra-reward-tokens-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"F83u8Uq30PyTeieJCcix","title":"28992 - [SC - High] Permanent freezing of additional reward tokens","pathname":"/zerolend/28992-sc-high-permanent-freezing-of-additional-reward-tokens","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"lB2TlrNOlqbTw4Vhz2TY","title":"29012 - [SC - High] Votes manipulation in PoolVoter","pathname":"/zerolend/29012-sc-high-votes-manipulation-in-poolvoter","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"FI4o22F1OFI0rpVPBs3y","title":"29019 - [SC - High] The ZeroLendToken contract in the Governance mo...","pathname":"/zerolend/29019-sc-high-the-zerolendtoken-contract-in-the-governance-mo...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"cpKZqRikk74oef0IwELi","title":"29026 - [SC - High] Hackers can steal the unclaimed yield to get th...","pathname":"/zerolend/29026-sc-high-hackers-can-steal-the-unclaimed-yield-to-get-th...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"u780x86c8EJjX7OXLaNH","title":"29031 - [SC - Critical] VestedZeroNFT tokens can be directly stolen thr...","pathname":"/zerolend/29031-sc-critical-vestedzeronft-tokens-can-be-directly-stolen-thr...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"OUHIjl3yozTNj5KjN1qT","title":"29047 - [SC - Insight] Reward is lost when totalSupply","pathname":"/zerolend/29047-sc-insight-reward-is-lost-when-totalsupply","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"SxvQDIDsWJErh3gMVHUJ","title":"29052 - [SC - Medium] Pool funds could be locked due to Division by zero","pathname":"/zerolend/29052-sc-medium-pool-funds-could-be-locked-due-to-division-by-zero","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"96Gf3McCRMSgSymrsyyC","title":"29059 - [SC - Medium] Race condition in StakingBonus will result in s...","pathname":"/zerolend/29059-sc-medium-race-condition-in-stakingbonus-will-result-in-s...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"wQciIk4kU0LF7fxi6rSl","title":"29062 - [SC - Critical] Attacker can steal locked balance of staked nft...","pathname":"/zerolend/29062-sc-critical-attacker-can-steal-locked-balance-of-staked-nft...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"mH78hrBIl53Bx6b04MDH","title":"29068 - [SC - Medium] AaveOracle contract does not verify price stale...","pathname":"/zerolend/29068-sc-medium-aaveoracle-contract-does-not-verify-price-stale...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"tUbn9b7qMBy0eNZXcLlg","title":"29069 - [SC - Medium] Ability to deny users from repaying and supplyi...","pathname":"/zerolend/29069-sc-medium-ability-to-deny-users-from-repaying-and-supplyi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"UQ5YK9Nm4WdyPwLdjpKt","title":"29078 - [SC - High] Theft of unclaimed yield due to the wrong calcu...","pathname":"/zerolend/29078-sc-high-theft-of-unclaimed-yield-due-to-the-wrong-calcu...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"SgWT4jZVKGOA6AWB6T6T","title":"29095 - [SC - High] The lockers supply can be arbitrarily inflated ...","pathname":"/zerolend/29095-sc-high-the-lockers-supply-can-be-arbitrarily-inflated-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"dKos0An8yJd6KddQDrFA","title":"29101 - [SC - High] Staking in BaseLocker is broken","pathname":"/zerolend/29101-sc-high-staking-in-baselocker-is-broken","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"Yk524Pw8SoMVbX4kFIt7","title":"29103 - [SC - Critical] Omnichain Stakers can permanently lose access t...","pathname":"/zerolend/29103-sc-critical-omnichain-stakers-can-permanently-lose-access-t...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"1WdMtta0ra92HQ3h0ewN","title":"29120 - [SC - High] Bug in reward distribution logic leads to theft...","pathname":"/zerolend/29120-sc-high-bug-in-reward-distribution-logic-leads-to-theft...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"UXR7v1NPfRijTNmKaqr1","title":"29121 - [SC - High] Any rewards sent to the PoolVoter will be undis...","pathname":"/zerolend/29121-sc-high-any-rewards-sent-to-the-poolvoter-will-be-undis...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"z12YOuxPr6ILThQQFKEP","title":"29122 - [SC - High] All reward tokens can be stolen by an attacker ...","pathname":"/zerolend/29122-sc-high-all-reward-tokens-can-be-stolen-by-an-attacker-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"9CFxnjlasvlvHrNL2iXT","title":"29123 - [SC - Medium] Griefing attack for VestedZeroNFT","pathname":"/zerolend/29123-sc-medium-griefing-attack-for-vestedzeronft","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"6s0RYUCWQ1Ohg2H6rmbr","title":"29130 - [SC - Medium] Unlimited Minting of VestedZeroNFT","pathname":"/zerolend/29130-sc-medium-unlimited-minting-of-vestedzeronft","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"chZy1jTu5RoWSpX0EN2S","title":"29135 - [SC - Critical] OmnichainStakingsolunstakeLP and OmnichainStaki...","pathname":"/zerolend/29135-sc-critical-omnichainstakingsolunstakelp-and-omnichainstaki...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"7JbNZ8OfTyJZVdNF1fjM","title":"29137 - [SC - High] ZeroLend token is not behaving properly while c...","pathname":"/zerolend/29137-sc-high-zerolend-token-is-not-behaving-properly-while-c...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"3Grp1xYGT14RFBCMN98U","title":"29139 - [SC - Medium] Griefing attack to cause users to suffer penalt...","pathname":"/zerolend/29139-sc-medium-griefing-attack-to-cause-users-to-suffer-penalt...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"Cru6YFohbT1bC9RpuJFO","title":"29145 - [SC - High] zeroLendToken is bricked to use for whitelisted...","pathname":"/zerolend/29145-sc-high-zerolendtoken-is-bricked-to-use-for-whitelisted...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"FEwiWqrtELBpGB1FwcQz","title":"29149 - [SC - Insight] DoS in Zero Registry configuration updation","pathname":"/zerolend/29149-sc-insight-dos-in-zero-registry-configuration-updation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"iU1ZwfW0qNa7TtfDsYJL","title":"29170 - [SC - Medium] DoS by front-runnable externall call","pathname":"/zerolend/29170-sc-medium-dos-by-front-runnable-externall-call","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"N92svL0AwdK3p9mnjJ3Z","title":"29175 - [SC - Insight] Granting DEFAULT_ADMIN_ROLE to the deployer in ...","pathname":"/zerolend/29175-sc-insight-granting-default_admin_role-to-the-deployer-in-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"r1HPndffsCFb3JyEAJx2","title":"29181 - [SC - High] Tautology in PoolVoterregisterGauge makes it im...","pathname":"/zerolend/29181-sc-high-tautology-in-poolvoterregistergauge-makes-it-im...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"Y8oLxQPoeRvA2LhK0xBA","title":"29186 - [SC - Insight] ValidationLogicvalidateBorrow - L-L Incorrect i...","pathname":"/zerolend/29186-sc-insight-validationlogicvalidateborrow-l-l-incorrect-i...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"vEMnT14QsY5L0nDOQ9X3","title":"29188 - [SC - Insight] StakingBonuscalculateBonus wrongly utilizes BPS","pathname":"/zerolend/29188-sc-insight-stakingbonuscalculatebonus-wrongly-utilizes-bps","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"ntccdtjKvduZ8GGN5uwA","title":"29189 - [SC - High] ZeroLendToken doesnt allow whitelisted users to...","pathname":"/zerolend/29189-sc-high-zerolendtoken-doesnt-allow-whitelisted-users-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"meF17Zk7LhBBQKbujx6s","title":"29190 - [SC - Insight] Permanent freezing of up to wei of yield each ...","pathname":"/zerolend/29190-sc-insight-permanent-freezing-of-up-to-wei-of-yield-each-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"zj212Dqa4FMPHt5VMaDp","title":"29198 - [SC - Medium] Griefing attack to cause the rewards of a user ...","pathname":"/zerolend/29198-sc-medium-griefing-attack-to-cause-the-rewards-of-a-user-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"S7f3bpPc1PMiy6aKqjVM","title":"29204 - [SC - Critical] Direct theft of Users VestedZeroNFT by using sp...","pathname":"/zerolend/29204-sc-critical-direct-theft-of-users-vestedzeronft-by-using-sp...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"zoUfjTJTs6sDgCeHvM7W","title":"29211 - [SC - Critical] Voting manipulation cause by the possibility to...","pathname":"/zerolend/29211-sc-critical-voting-manipulation-cause-by-the-possibility-to...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"uN3TDSaC2XrTHfQPkEYL","title":"29213 - [SC - High] The function always revert if _stakeNFT True d...","pathname":"/zerolend/29213-sc-high-the-function-always-revert-if-_stakenft-true-d...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"LpddpN5dFRepkkv735ha","title":"29225 - [SC - Insight] EarlyZEROVesting is having a rounding issue and...","pathname":"/zerolend/29225-sc-insight-earlyzerovesting-is-having-a-rounding-issue-and...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"s4XPT4ZZ6GTS3X0LHRaz","title":"29244 - [SC - Insight] Using permit inside the function can lead to Do...","pathname":"/zerolend/29244-sc-insight-using-permit-inside-the-function-can-lead-to-do...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"HS9fv5wQev8HfqjDyPrK","title":"29249 - [SC - Insight] Using permit inside the function can lead to Do...","pathname":"/zerolend/29249-sc-insight-using-permit-inside-the-function-can-lead-to-do...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"eVkwu35gPHvyEU2OgCjW","title":"29262 - [SC - Insight] Some users can get more rewards than others whi...","pathname":"/zerolend/29262-sc-insight-some-users-can-get-more-rewards-than-others-whi...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"007uPIPUVDZhSDr2xxsW","title":"29267 - [SC - High] Wrong implementation causing some functions in ...","pathname":"/zerolend/29267-sc-high-wrong-implementation-causing-some-functions-in-...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"a14j7T1yoFrXTuD1tHB2","title":"29270 - [SC - High] The main functionality of the contract EarlyZER...","pathname":"/zerolend/29270-sc-high-the-main-functionality-of-the-contract-earlyzer...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"qBVL7vygUi3HNZ5grzQk","title":"29286 - [SC - Medium] MultiSigWalletremoveOwner - L The bug allows th...","pathname":"/zerolend/29286-sc-medium-multisigwalletremoveowner-l-the-bug-allows-th...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"HwFckjPoAPW7qxgOkRrU","title":"29288 - [SC - Critical] all NFTs can be stolen by calling VestedZeroNFT...","pathname":"/zerolend/29288-sc-critical-all-nfts-can-be-stolen-by-calling-vestedzeronft...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"eFofabhoVYi416Nqqz0k","title":"29322 - [SC - Insight] Use safeTransfer instead of transfer","pathname":"/zerolend/29322-sc-insight-use-safetransfer-instead-of-transfer","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"lQyldTsneIPoqDBIP2uh","title":"29328 - [SC - Insight] zkSync ACLManager EOA as EMERGENCY_ADMIN","pathname":"/zerolend/29328-sc-insight-zksync-aclmanager-eoa-as-emergency_admin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"QIPO2FNssFLuqNJflseW","title":"29329 - [SC - Insight] Manta ACLManager EOA as EMERGENCY_ADMIN","pathname":"/zerolend/29329-sc-insight-manta-aclmanager-eoa-as-emergency_admin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"1DzmYSMuMtQPhu8zZMmC","title":"29331 - [SC - Insight] Manta ACLManager EOA as RISK_ADMIN","pathname":"/zerolend/29331-sc-insight-manta-aclmanager-eoa-as-risk_admin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"8e16FbupfFJOdYJ7DB4e","title":"29332 - [SC - Insight] Manta ReservesSetupHelper EOA as owner","pathname":"/zerolend/29332-sc-insight-manta-reservessetuphelper-eoa-as-owner","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"lfTqXlE73WyaeHPyJXqj","title":"29342 - [SC - Insight] Lack of chainID validation allows reuse of sign...","pathname":"/zerolend/29342-sc-insight-lack-of-chainid-validation-allows-reuse-of-sign...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"K5ezAlqtDlq4aKONo1vo","title":"29344 - [SC - Insight] Price assets deposited manipulation","pathname":"/zerolend/29344-sc-insight-price-assets-deposited-manipulation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"ZeroLend"}]},{"id":"ZZurnDD2RLEAhuPIzKUO","title":"Swaylend | IOP","pathname":"/swaylend_iop","siteSpaceId":"sitesp_stpzW","description":""},{"id":"drySoxm6bf8o5wkJJd5f","title":"#35853 [SC-Medium] permissonless constructor always for front-running owner initialization.","pathname":"/swaylend_iop/35853-sc-medium-permissonless-constructor-always-for-front-running-owner-initialization.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"Ur9TD9Uu83eZ5Af7qqn8","title":"#36034 [SC-Medium] truncation in the `present_value_borrow()` can lead to loss of accrued borrow int","pathname":"/swaylend_iop/36034-sc-medium-truncation-in-the-present_value_borrow-can-lead-to-loss-of-accrued-borrow-interests.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"8Z5JoMbpdgzB3zKzTKIn","title":"#35908 [SC-Low] If the collateral token''s decimal is <= the base token decimal in a market, `collat","pathname":"/swaylend_iop/35908-sc-low-if-the-collateral-token-s-decimal-is-less-than-the-base-token-decimal-in-a-market-colla","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"GufmhbVgbSITcElIALlt","title":"#35732 [SC-Low] Withdrawals can not be paused which could lead to protocol insolvency in case of iss","pathname":"/swaylend_iop/35732-sc-low-withdrawals-can-not-be-paused-which-could-lead-to-protocol-insolvency-in-case-of-issues","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"Gr1GcHnkKmLLAg6WwLPK","title":"#35768 [SC-Insight] `Market.set_pyth_contract_id` should emit an event","pathname":"/swaylend_iop/35768-sc-insight-market.set_pyth_contract_id-should-emit-an-event","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"Wc9DZT1QkTcVEaXCbUb5","title":"#35831 [SC-High] By bypassing base_borrow_min limitation borrows can create inabsorbable loans","pathname":"/swaylend_iop/35831-sc-high-by-bypassing-base_borrow_min-limitation-borrows-can-create-inabsorbable-loans","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"MtG0bHi7eR1IJw6dZH0v","title":"#35684 [SC-Critical] Incorrect Pyth Oracle Price Feed Process Leads to Wrong Collateral Value Calcul","pathname":"/swaylend_iop/35684-sc-critical-incorrect-pyth-oracle-price-feed-process-leads-to-wrong-collateral-value-calculati","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"DmyAbNkUEHFId0BHpfwZ","title":"#36158 [SC-Low] `Market.collateral_value_to_sell` will always revert if collateral_configuration","pathname":"/swaylend_iop/36158-sc-low-market.collateral_value_to_sell-will-always-revert-if-collateral_configuration","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"EYU5fa1x5VgHBLBmitMO","title":"#36138 [SC-Insight] `Market.update_collateral_asset` should reuse old configuration's `asset_id`","pathname":"/swaylend_iop/36138-sc-insight-market.update_collateral_asset-should-reuse-old-configurations-asset_id","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"UtNpAs175lZlUq7ZamPu","title":"#36137 [SC-Medium] `absorb_internal` might be DOSed","pathname":"/swaylend_iop/36137-sc-medium-absorb_internal-might-be-dosed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"KRgDWki5WUDwrdQE0UQ1","title":"#36117 [SC-High] Permanent freezing of tokens when user sends extra tokens as update fee","pathname":"/swaylend_iop/36117-sc-high-permanent-freezing-of-tokens-when-user-sends-extra-tokens-as-update-fee","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"HNozg6gKi6YY3FPTAxmh","title":"#36108 [SC-Insight] `recipient` with a NULL address will lead to permanent loss of minted coins","pathname":"/swaylend_iop/36108-sc-insight-recipient-with-a-null-address-will-lead-to-permanent-loss-of-minted-coins","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"k4G23BDENUHhm40Z82tw","title":"#35724 [SC-Low] Users can withdraw collateral even when the admin pauses the contract.","pathname":"/swaylend_iop/35724-sc-low-users-can-withdraw-collateral-even-when-the-admin-pauses-the-contract.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"DXX9DCNFqThCj64KUw0l","title":"#36065 [SC-Insight] `Market.update_market_configuration` should reuse old configuration's `base_toke","pathname":"/swaylend_iop/36065-sc-insight-market.update_market_configuration-should-reuse-old-configurations-base_token.decim","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"jYN1aTQllV2rKXZIWCwb","title":"#35815 [SC-Medium] `Market.present_value_borrow` should be roundUp","pathname":"/swaylend_iop/35815-sc-medium-market.present_value_borrow-should-be-roundup","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"CsKtc6abxHZuI7VnEjCH","title":"#35760 [SC-Low] `market::available_to_borrow()` compares the collateral in USD against the borrow in","pathname":"/swaylend_iop/35760-sc-low-market-available_to_borrow-compares-the-collateral-in-usd-against-the-borrow-in-base-un","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"0BORzEjz5tMrGeK8POV1","title":"#35758 [SC-Critical] Loss of yield to the protocol due to incorrect interest rate applied","pathname":"/swaylend_iop/35758-sc-critical-loss-of-yield-to-the-protocol-due-to-incorrect-interest-rate-applied","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"FZRa0O6lvf4O6AcHvnHa","title":"#35999 [SC-Insight] Incorrect event name","pathname":"/swaylend_iop/35999-sc-insight-incorrect-event-name","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"8eCIuvAdLLsp6yFf4AQQ","title":"#35750 [SC-High] User loss due to Pyth oracle update fee being smaller than the msg amount sent","pathname":"/swaylend_iop/35750-sc-high-user-loss-due-to-pyth-oracle-update-fee-being-smaller-than-the-msg-amount-sent","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"S3ZgGZVryxEYBqVNizkw","title":"#35794 [SC-Insight] `Market.absorb` can be called when `Market.supply_collateral` is paused","pathname":"/swaylend_iop/35794-sc-insight-market.absorb-can-be-called-when-market.supply_collateral-is-paused","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"hoY8ZEVg5DOXLo9ibEY8","title":"#35767 [SC-Critical] constanct value is used to check `price.confidence`","pathname":"/swaylend_iop/35767-sc-critical-constanct-value-is-used-to-check-price.confidence","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"SvZdT6SYfaHQxINYOkzO","title":"#35876 [SC-High] Users will lose funds on calls to critical functions if the prices are not updated","pathname":"/swaylend_iop/35876-sc-high-users-will-lose-funds-on-calls-to-critical-functions-if-the-prices-are-not-updated","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"lHOMEJxuG73moA4UvzQY","title":"#35793 [SC-High] `src-20.burn` should use \"==\" instead of \">=\"","pathname":"/swaylend_iop/35793-sc-high-src-20.burn-should-use-instead-of-greater-than","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"EgL6AmX0dfHyinyDGK9P","title":"#35761 [SC-Low] Unhandled smaller base decimals than 6 or bigger than the collateral's decimals","pathname":"/swaylend_iop/35761-sc-low-unhandled-smaller-base-decimals-than-6-or-bigger-than-the-collaterals-decimals","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"Uzu5kafmVTACWxqS7SQf","title":"#35708 [SC-Insight] Adding too many collaterals will halt the protocol operation","pathname":"/swaylend_iop/35708-sc-insight-adding-too-many-collaterals-will-halt-the-protocol-operation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Swaylend | IOP"}]},{"id":"zVcRAsy21Pfm1hT4r7gD","title":"Acre","pathname":"/acre","siteSpaceId":"sitesp_stpzW","description":""},{"id":"HI0ft1WuNzF5ITUj4OQg","title":"#34836 [SC-Medium] Malicious party can make it impossible for debt to be completely repaid by donati","pathname":"/acre/34836-sc-medium-malicious-party-can-make-it-impossible-for-debt-to-be-completely-repaid-by-donating","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"ijrp6aH4cIKt0HBVS8Ng","title":"#34959 [SC-Low] `mintDebt` returns a wrong value","pathname":"/acre/34959-sc-low-mintdebt-returns-a-wrong-value","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"ipc5nSrMQrJVSeS6Ib88","title":"#35014 [SC-Low] incorrect rounding in mintdebt function might allow minimal shares dilution","pathname":"/acre/35014-sc-low-incorrect-rounding-in-mintdebt-function-might-allow-minimal-shares-dilution","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"6y2tCBANISK24NW3ySUQ","title":"#34978 [SC-Low] protocol runs insolvent due to incorrect reliance on depositbalance which doesn t ma","pathname":"/acre/34978-sc-low-protocol-runs-insolvent-due-to-incorrect-reliance-on-depositbalance-which-doesn-t-match","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"CtIYSD30jgAf7QelvXnp","title":"#35026 [SC-Low] `repayDebt` in stbtc returns a worng value","pathname":"/acre/35026-sc-low-repaydebt-in-stbtc-returns-a-worng-value","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"alhAKtNwhPfSwdIbqdwt","title":"#34995 [SC-Low] `mintDebt()` and `repayDebt()` should return `assets` and not `shares`","pathname":"/acre/34995-sc-low-mintdebt-and-repaydebt-should-return-assets-and-not-shares","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"zjvMHRof8dEjgLMNKqkv","title":"#34712 [SC-Medium] Malicious users can block repay debt transactions with no cost","pathname":"/acre/34712-sc-medium-malicious-users-can-block-repay-debt-transactions-with-no-cost","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"rn9jeK5PD8VoOcuFUvzx","title":"#34998 [SC-Insight] Deposited assets in an old dispatcher may be lost when swapping to a new dispatc","pathname":"/acre/34998-sc-insight-deposited-assets-in-an-old-dispatcher-may-be-lost-when-swapping-to-a-new-dispatcher","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"sd1XyMHxhhcn1qXegaGc","title":"#34672 [SC-Low] Protocol runs insolvent due to incorrect reliance on depositBalance which doesn't ma","pathname":"/acre/34672-sc-low-protocol-runs-insolvent-due-to-incorrect-reliance-on-depositbalance-which-doesnt-match","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"U2EfWKxlj1C4ysIlEwkA","title":"#34999 [SC-Low] The tBTC in the MezoAllocator itself is not considered in the withdrawal function","pathname":"/acre/34999-sc-low-the-tbtc-in-the-mezoallocator-itself-is-not-considered-in-the-withdrawal-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"orKBmv3aG28GdmWl6b57","title":"#34748 [SC-Low] Last withdrawer can be prevented from withdrawing their assets","pathname":"/acre/34748-sc-low-last-withdrawer-can-be-prevented-from-withdrawing-their-assets","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"oPJBMMuDRtHQg5h73pgR","title":"#34729 [SC-Low] `releaseDeposit` will likely fail, putting funds in MezoAllocator at risk of being p","pathname":"/acre/34729-sc-low-releasedeposit-will-likely-fail-putting-funds-in-mezoallocator-at-risk-of-being-permane","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"n0ctrDDgaG0mXw6AyO8v","title":"#34851 [SC-Low] Adversary can freeze users' fund in stBTC using donation attack on MezoAllocator","pathname":"/acre/34851-sc-low-adversary-can-freeze-users-fund-in-stbtc-using-donation-attack-on-mezoallocator","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Acre"}]},{"id":"nKvEkjaJ6fLgmAR6NKn2","title":"Shardeum Core II","pathname":"/shardeum-core-ii","siteSpaceId":"sitesp_stpzW","description":""},{"id":"UD2tdNvvtySVmnTwGvaW","title":"#36029 [BC-Insight] Node.js crash on counterMap overflow","pathname":"/shardeum-core-ii/36029-bc-insight-node.js-crash-on-countermap-overflow","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"tXqeGg1tRs3T9rR6W2M5","title":"#35696 [BC-Critical] Specifically crafted penalty TX may cause total network shutdown.","pathname":"/shardeum-core-ii/35696-bc-critical-specifically-crafted-penalty-tx-may-cause-total-network-shutdown.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"XY0jOhBuZXgXRposyNlG","title":"#35694 [BC-Critical] Consensus can be bypassed by single validator node from transaction execution g","pathname":"/shardeum-core-ii/35694-bc-critical-consensus-can-be-bypassed-by-single-validator-node-from-transaction-execution-grou","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"dUdTMAXxn0GtdhFnHobL","title":"#35601 [BC-Critical] Consensus algorithm doesn't deduplicate votes, allowing a malicious validator t","pathname":"/shardeum-core-ii/35601-bc-critical-consensus-algorithm-doesnt-deduplicate-votes-allowing-a-malicious-validator-to-com","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"PZ4UN58uA9Tc7JE7Y7hT","title":"#35695 [BC-Critical] validateTxnFields check for internal transactions can be bypassed","pathname":"/shardeum-core-ii/35695-bc-critical-validatetxnfields-check-for-internal-transactions-can-be-bypassed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"LaCqlroDbXW6H2oAq5JJ","title":"#35531 [BC-Critical] Absence of signature deduplication for receipt in the binary_repair_oos_account","pathname":"/shardeum-core-ii/35531-bc-critical-absence-of-signature-deduplication-for-receipt-in-the-binary_repair_oos_accounts-p","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"0ZMTHvkrhF5JKbxXQCTM","title":"#36024 [BC-Insight] Use of Vulnerable function results in prediction of archivers","pathname":"/shardeum-core-ii/36024-bc-insight-use-of-vulnerable-function-results-in-prediction-of-archivers","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"bKdAj3NkabHuHALjCQHO","title":"#35965 [BC-Insight] Unverified data in safety sync","pathname":"/shardeum-core-ii/35965-bc-insight-unverified-data-in-safety-sync","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"XZtKE72JM8iXOnmqCMfe","title":"#35707 [BC-Critical] Reusing old transaction receipt to rollback account balance","pathname":"/shardeum-core-ii/35707-bc-critical-reusing-old-transaction-receipt-to-rollback-account-balance","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"B7AOqg9UbEr5MhNyGhKP","title":"#35415 [BC-Insight] [Informational] debugMiddleware query parameters can be partially modified by re","pathname":"/shardeum-core-ii/35415-bc-insight-informational-debugmiddleware-query-parameters-can-be-partially-modified-by-request","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"hhrYk1sNBmCOVP09Cv0V","title":"#35839 [BC-Critical] Slash avoidance: Ineffective controls on unstaking allow unstaking before takin","pathname":"/shardeum-core-ii/35839-bc-critical-slash-avoidance-ineffective-controls-on-unstaking-allow-unstaking-before-taking-an","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"bD3LvJLTWsrOH8RBFX61","title":"#35526 [BC-Critical] An attacker can change the account balance after the transaction has been proce","pathname":"/shardeum-core-ii/35526-bc-critical-an-attacker-can-change-the-account-balance-after-the-transaction-has-been-processe","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"9A2JgvKbH2KxLjwkvYgw","title":"#35641 [BC-Insight] node p2p remote denial of service","pathname":"/shardeum-core-ii/35641-bc-insight-node-p2p-remote-denial-of-service","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"3wFlCoKajVBY8ouCYDWO","title":"#35697 [BC-Insight] [Informational] Code logic contains potential risk of full network shutdown","pathname":"/shardeum-core-ii/35697-bc-insight-informational-code-logic-contains-potential-risk-of-full-network-shutdown","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"PInk0wA4BEsxjWJKo8vT","title":"#35710 [BC-Insight] addressToPartition input is unsanitized, allowing to take whole network down","pathname":"/shardeum-core-ii/35710-bc-insight-addresstopartition-input-is-unsanitized-allowing-to-take-whole-network-down","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Core II"}]},{"id":"PbhNqSlQNlvWdm4cxsqc","title":"Shardeum Ancillaries II","pathname":"/shardeum-ancillaries-ii","siteSpaceId":"sitesp_stpzW","description":""},{"id":"57rj1hx15K6vNUJYGWhW","title":"#35598 [W&A-Insight] Access to debug endpoints without any protection","pathname":"/shardeum-ancillaries-ii/35598-w-and-a-insight-access-to-debug-endpoints-without-any-protection","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"raHkhcfUWmZSRM4hbdgY","title":"#35351 [W&A-Insight] Password Length Bypass in Shardeum Authentication System","pathname":"/shardeum-ancillaries-ii/35351-w-and-a-insight-password-length-bypass-in-shardeum-authentication-system","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"rmc91BIf2nENeWZv3YXq","title":"#35537 [W&A-Insight] json rpc server websocket remote crash","pathname":"/shardeum-ancillaries-ii/35537-w-and-a-insight-json-rpc-server-websocket-remote-crash","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"4mJoxfHtWTFISjnAe2Fx","title":"#35996 [W&A-Insight] malicious explorer can cause denial of service in json rpc server and even cras","pathname":"/shardeum-ancillaries-ii/35996-w-and-a-insight-malicious-explorer-can-cause-denial-of-service-in-json-rpc-server-and-even-cra","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"MI0BJ5rKJMatXS1AuBrN","title":"#35979 [W&A-High] malicious archiver malicious validator can overwrite data on any active archiver","pathname":"/shardeum-ancillaries-ii/35979-w-and-a-high-malicious-archiver-malicious-validator-can-overwrite-data-on-any-active-archiver","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"zGiLlzcz1UjeYJ75O2TN","title":"#36025 [W&A-Critical] A malicious validator can overwrite the account data of any archive server con","pathname":"/shardeum-ancillaries-ii/36025-w-and-a-critical-a-malicious-validator-can-overwrite-the-account-data-of-any-archive-server-co","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"myG54bbtsZ6OJsdLfIfu","title":"#35452 [W&A-High] Admin Panel Accessed","pathname":"/shardeum-ancillaries-ii/35452-w-and-a-high-admin-panel-accessed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"D0mhDuu110YtT34xxb6L","title":"#36005 [W&A-Insight] Reflected URL Manipulation and Phishing Risk","pathname":"/shardeum-ancillaries-ii/36005-w-and-a-insight-reflected-url-manipulation-and-phishing-risk","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"gv2vHEeIvcK9d7flYIhe","title":"#35972 [W&A-Insight] Operator-GUI Weak JWT Token Generation Led To Generate same JWT Tokens Even if","pathname":"/shardeum-ancillaries-ii/35972-w-and-a-insight-operator-gui-weak-jwt-token-generation-led-to-generate-same-jwt-tokens-even-if","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"tROpYqfSe30NiGTCNKnH","title":"#35447 [W&A-High] Zero Click Full Account Takeover","pathname":"/shardeum-ancillaries-ii/35447-w-and-a-high-zero-click-full-account-takeover","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"CcxNf4rMKSFSacb8R85H","title":"#35446 [W&A-Insight] IDOR Able to change other user information","pathname":"/shardeum-ancillaries-ii/35446-w-and-a-insight-idor-able-to-change-other-user-information","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"oxekYo8CMZBV07uxV2ih","title":"#35903 [W&A-High] SQL Injection Allows a Malicious Archiver to Overwrite Receipt/originalTxData Data","pathname":"/shardeum-ancillaries-ii/35903-w-and-a-high-sql-injection-allows-a-malicious-archiver-to-overwrite-receipt-originaltxdata-dat","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"aqrz8QFSBT0XTFb1gpT1","title":"#35824 [W&A-Medium] `/set-config` replay attack is possible in production mode after archiver restar","pathname":"/shardeum-ancillaries-ii/35824-w-and-a-medium-set-config-replay-attack-is-possible-in-production-mode-after-archiver-restart","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"3SrDfNDoTyNVTgoOdM1Y","title":"#35157 [W&A-Insight] Unauthorized Access to Shardeum Config Store using default credentials","pathname":"/shardeum-ancillaries-ii/35157-w-and-a-insight-unauthorized-access-to-shardeum-config-store-using-default-credentials","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"UaIHnOYYxFGES52ChOl9","title":"#35709 [W&A-Critical] Potential DoS of archiver-server during network restoration via get_account_da","pathname":"/shardeum-ancillaries-ii/35709-w-and-a-critical-potential-dos-of-archiver-server-during-network-restoration-via-get_account_d","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"3jyPZkJ6vwBWs7JSSC9r","title":"#35534 [W&A-Insight] json rpc server remote crash","pathname":"/shardeum-ancillaries-ii/35534-w-and-a-insight-json-rpc-server-remote-crash","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries II"}]},{"id":"e8X8GvAnzyjYuGW2MCVE","title":"Anvil","pathname":"/anvil","siteSpaceId":"sitesp_stpzW","description":""},{"id":"H9XJHjCxZ6P3ZGapkKMH","title":"#36303 [SC-Medium] attackers can cause griefing attack to cause stake transactions of timebasedcolla","pathname":"/anvil/36303-sc-medium-attackers-can-cause-griefing-attack-to-cause-stake-transactions-of-timebasedcolla","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"w0mCyay7W3caFygyg8rz","title":"#36501 [SC-Medium] Signature Front-Running Vulnerability in CollateralVault","pathname":"/anvil/36501-sc-medium-signature-front-running-vulnerability-in-collateralvault","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"sd7D32puCPSUyILLJcC2","title":"#36268 [SC-Medium] stake with signature can be front-run lead to user's stake failed","pathname":"/anvil/36268-sc-medium-stake-with-signature-can-be-front-run-lead-to-users-stake-failed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"zKnT9cxinEK1wIqGuWC3","title":"#36267 [SC-Insight] tokens can be stuck forever in uniswapliquidator because function retrievetokens","pathname":"/anvil/36267-sc-insight-tokens-can-be-stuck-forever-in-uniswapliquidator-because-function-retrievetokens","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"bVMgNTJGwNoN4qvR9Umw","title":"#36136 [SC-Insight] Fee calculation error in withdraw function of collateralVault contract","pathname":"/anvil/36136-sc-insight-fee-calculation-error-in-withdraw-function-of-collateralvault-contract","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"a8Iw9KFJQJJamaWsgU3z","title":"#36092 [SC-Insight] Collateralizable Contracts May Retain Status Unconditionally","pathname":"/anvil/36092-sc-insight-collateralizable-contracts-may-retain-status-unconditionally","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"IsYGg8tcg2MLHXVHwV1y","title":"#36540 [SC-Insight] users can withdraw funds at incorrect fee rate","pathname":"/anvil/36540-sc-insight-users-can-withdraw-funds-at-incorrect-fee-rate","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"iVIJf3nstcQiRU7JnMom","title":"#36567 [SC-Insight] Anyone can cancel anyone's LOC","pathname":"/anvil/36567-sc-insight-anyone-can-cancel-anyones-loc","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"uJZzOxK5Es4tQnmNSJAo","title":"#36554 [SC-Critical] Time Based Collateral Pool Users can release more than their due share of the p","pathname":"/anvil/36554-sc-critical-time-based-collateral-pool-users-can-release-more-than-their-due-share-of-the-pool","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"797lDXFSuAdXZCAlCLsd","title":"#36552 [SC-Medium] DoS for the user's calling `stake` and `stakeReleasableTokensFrom` function","pathname":"/anvil/36552-sc-medium-dos-for-the-users-calling-stake-and-stakereleasabletokensfrom-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"DYSTjdei0hkSXt0uNQDE","title":"#36532 [SC-Medium] Frontrun to invalidate collateralizable approval signature","pathname":"/anvil/36532-sc-medium-frontrun-to-invalidate-collateralizable-approval-signature","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"a2yZwtkv9zyheeghGapu","title":"#36306 [SC-Insight] Incorrect nonce value emitted in `TimeBasedCollateralPool::_resetPool` event","pathname":"/anvil/36306-sc-insight-incorrect-nonce-value-emitted-in-timebasedcollateralpool-_resetpool-event","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"GNsrS0g8osdhtzwVN1pN","title":"#36475 [SC-Medium] Token allowance signature can be front-run","pathname":"/anvil/36475-sc-medium-token-allowance-signature-can-be-front-run","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"odLqAJkPfI4Ggkjx5eW4","title":"#36450 [SC-Low] contract timebasedcollateralpool will be unable to process new user transactions","pathname":"/anvil/36450-sc-low-contract-timebasedcollateralpool-will-be-unable-to-process-new-user-transactions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"aEHUjxJMZoYL4nwQBv6e","title":"#36346 [SC-Insight] Typehash Discrepancy in CollateralizableTokenAllowanceAdjustment","pathname":"/anvil/36346-sc-insight-typehash-discrepancy-in-collateralizabletokenallowanceadjustment","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"D1jSfDTgdLOWb6TGW6FE","title":"#36340 [SC-Insight] TimeBasedCollateralPool::_resetAccountTokenStateIfApplicable does not adjust tok","pathname":"/anvil/36340-sc-insight-timebasedcollateralpool-_resetaccounttokenstateifapplicable-does-not-adjust-tokenep","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"ZClY40d403cHNiTMAWXQ","title":"#36309 [SC-Low] TimeBasedCollateralPool: After _resetPool gets called (internally) a depositor can b","pathname":"/anvil/36309-sc-low-timebasedcollateralpool-after-_resetpool-gets-called-internally-a-depositor-can-break-m","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil"}]},{"id":"t27AmgG612abRi28Veuf","title":"Anvil: Letters of Credit","pathname":"/anvil-letters-of-credit","siteSpaceId":"sitesp_stpzW","description":""},{"id":"SmLHa1P6tBRVOHq1aJAd","title":"#36807 [SC-Critical] attackers can create dynamic loc with any credited amount with very small co...","pathname":"/anvil-letters-of-credit/36807-sc-critical-attackers-can-create-dynamic-loc-with-any-credited-amount-with-very-small-co...","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil: Letters of Credit"}]},{"id":"mJygAUXgfQWzKZREqb2Q","title":"#36931 [SC-Critical] critical creators can modifyloccollateral of dynamic loc to release ....","pathname":"/anvil-letters-of-credit/36931-sc-critical-critical-creators-can-modifyloccollateral-of-dynamic-loc-to-release-....","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil: Letters of Credit"}]},{"id":"MUsXdkWq3a4XunR6vXiW","title":"#36910 [SC-Critical] LoC: The creator can withdraw the entire collateral of a Dynamic LoC making it","pathname":"/anvil-letters-of-credit/36910-sc-critical-loc-the-creator-can-withdraw-the-entire-collateral-of-a-dynamic-loc-making-it-inso","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil: Letters of Credit"}]},{"id":"MlcbecWOhvrsWjmRxqsD","title":"#36970 [SC-Insight] Missing `_disableInitializer()` implementation","pathname":"/anvil-letters-of-credit/36970-sc-insight-missing-_disableinitializer-implementation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil: Letters of Credit"}]},{"id":"re5XLJoEjohShtjWIt7K","title":"#36999 [SC-Insight] Incomplete Adjustment of `globalAmountInDynamicUse` During LOC Liquidation Cause","pathname":"/anvil-letters-of-credit/36999-sc-insight-incomplete-adjustment-of-globalamountindynamicuse-during-loc-liquidation-causes-acc","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Anvil: Letters of Credit"}]},{"id":"yxPiu6Vj33AMHI8nQj0R","title":"Fluid Protocol","pathname":"/fluid-protocol","siteSpaceId":"sitesp_stpzW","description":""},{"id":"GUCDg4PwRM2KLbJPUNbx","title":"#36922 [SC-Insight] the function claim_collateral in borrowOperation have read only attribute while","pathname":"/fluid-protocol/36922-sc-insight-the-function-claim_collateral-in-borrowoperation-have-read-only-attribute-while-the","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"vtXvkdvgCnFzKw5qQcua","title":"#37056 [SC-Insight] `require_at_least_min_net_debt` did not emit correct error message","pathname":"/fluid-protocol/37056-sc-insight-require_at_least_min_net_debt-did-not-emit-correct-error-message","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"J34aOJxfjBKHIDlsH903","title":"#37139 [SC-Insight] insight inefficient use of storage reentrancy locks","pathname":"/fluid-protocol/37139-sc-insight-insight-inefficient-use-of-storage-reentrancy-locks","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"6aTGONm5ceQf59adGiGl","title":"#37192 [SC-Low] Trove that under MCR might be redeemed.","pathname":"/fluid-protocol/37192-sc-low-trove-that-under-mcr-might-be-redeemed.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"5ciDX1oGBTFQKNA0KsiS","title":"#37276 [SC-Medium] Redstone's price feed is used incorrectly.","pathname":"/fluid-protocol/37276-sc-medium-redstones-price-feed-is-used-incorrectly.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"6KnZYkkWZdtDxY1aFoTj","title":"#37202 [SC-Insight] some checks can be removed since its not required(best practice report, not an i","pathname":"/fluid-protocol/37202-sc-insight-some-checks-can-be-removed-since-its-not-required-best-practice-report-not-an-issue","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"OjmSCuaRy3kqUoYBHnvV","title":"#37283 [SC-Low] Improper Trove Validation Check Allows Low-Cost Griefing Attack to Block Protocol Re","pathname":"/fluid-protocol/37283-sc-low-improper-trove-validation-check-allows-low-cost-griefing-attack-to-block-protocol-redem","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"Y4VMG62oLC5eFXutCipd","title":"#37343 [SC-Insight] inaccurate check leading to debt miscalculation","pathname":"/fluid-protocol/37343-sc-insight-inaccurate-check-leading-to-debt-miscalculation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"opJqdqcK7FHhx6wl6bq9","title":"#37323 [SC-Critical] Permanent dead Lock in internal_redeem_collateral_from_trove","pathname":"/fluid-protocol/37323-sc-critical-permanent-dead-lock-in-internal_redeem_collateral_from_trove","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"4eTPh1Tl3hCm3eUi7SYs","title":"#37354 [SC-Low] Single below MCR trove temporarily blocks redemptions","pathname":"/fluid-protocol/37354-sc-low-single-below-mcr-trove-temporarily-blocks-redemptions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"ys7LoRrJhKcyAuRnck9z","title":"#37382 [SC-Insight] Inconsistent Collateral Ratio Checks in Stability Pool Withdrawals Lead to Fund-","pathname":"/fluid-protocol/37382-sc-insight-inconsistent-collateral-ratio-checks-in-stability-pool-withdrawals-lead-to-fund-loc","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"SviODQZqJ8BeCywpIGF0","title":"#37409 [SC-Low] Can not redeem when all `current_cr` less than `MCR`.","pathname":"/fluid-protocol/37409-sc-low-can-not-redeem-when-all-current_cr-less-than-mcr-.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"I68rvBCCkXP0Ui4yM0jz","title":"#37425 [SC-Insight] redeem collateral does not redeem collateral from riskiest trove but wrongly red","pathname":"/fluid-protocol/37425-sc-insight-redeem-collateral-does-not-redeem-collateral-from-riskiest-trove-but-wrongly-redeem","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"CTNwad3QNIZ6UEkMGl8y","title":"#37452 [SC-Critical] `trove-manager-contract.redeem_collateral_from_trove` can be locked forever","pathname":"/fluid-protocol/37452-sc-critical-trove-manager-contract.redeem_collateral_from_trove-can-be-locked-forever","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"GiTJ24UxdTQWODrjhhm3","title":"#37595 [SC-Insight] `require_caller_is_bo_or_tm_or_sp_or_pm` did not emit correct message","pathname":"/fluid-protocol/37595-sc-insight-require_caller_is_bo_or_tm_or_sp_or_pm-did-not-emit-correct-message","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"msPEcREfv8uuHXyZV1Nh","title":"#37607 [SC-Low] bricking redeem function","pathname":"/fluid-protocol/37607-sc-low-bricking-redeem-function","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"fiejjHScUHK2RUWaAWnt","title":"#37624 [SC-Critical] lock issue bricks the redeem functionality","pathname":"/fluid-protocol/37624-sc-critical-lock-issue-bricks-the-redeem-functionality","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"4mdw5hFnzmfYL7lrCOM2","title":"#37650 [SC-Low] redeem functionality partially failing","pathname":"/fluid-protocol/37650-sc-low-redeem-functionality-partially-failing","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"t0Y68u04xw8aRygPpi81","title":"#37668 [SC-Low] Incorrect Scale Factor value leads to early scale change","pathname":"/fluid-protocol/37668-sc-low-incorrect-scale-factor-value-leads-to-early-scale-change","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"9VSLJ52I9im3kUjg0C6L","title":"#37671 [SC-Critical] CRITICAL-02 / The contract could be permanently locked due to not reseting the","pathname":"/fluid-protocol/37671-sc-critical-critical-02-the-contract-could-be-permanently-locked-due-to-not-reseting-the-boole","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Fluid Protocol"}]},{"id":"vy8vnfwoajoviRcr5Fj4","title":"Folks: Liquid Staking","pathname":"/folks-liquid-staking","siteSpaceId":"sitesp_stpzW","description":""},{"id":"aJ6TpresXpF9s2JJpJ9s","title":"#37660 [SC-High] incorrect tracking of `TOTAL_ACTIVE_STAKE` leads to permanent freezing of funds","pathname":"/folks-liquid-staking/37660-sc-high-incorrect-tracking-of-total_active_stake-leads-to-permanent-freezing-of-funds","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"pIfrwktnrRXxJMtbbeBe","title":"#37661 [SC-High] Incorrect `total_active_stake` reduction causes loss of funds for the users and exc","pathname":"/folks-liquid-staking/37661-sc-high-incorrect-total_active_stake-reduction-causes-loss-of-funds-for-the-users-and-excessiv","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"1FryXP7O7iwLwCjj2DN5","title":"#37768 [SC-Insight] Missing Event Emission when proposer are added prevents safe retrieval of index","pathname":"/folks-liquid-staking/37768-sc-insight-missing-event-emission-when-proposer-are-added-prevents-safe-retrieval-of-index-for","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"2W24NxdHK4HS4XTENJNr","title":"#37775 [SC-High] Accounting Discrepancy in `consensus_v2.py::burn()`can potentially cause underflow","pathname":"/folks-liquid-staking/37775-sc-high-accounting-discrepancy-in-consensus_v2.py-burn-can-potentially-cause-underflow-and-lea","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"fNkDJPKIaviIgNG8qoYo","title":"#37791 [SC - Insight] consensus contract distributes algo for proposers that are offline that cause","pathname":"/folks-liquid-staking/37791-sc-insight-consensus-contract-distributes-algo-for-proposers-that-are-offline-that-cause-losin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"SelLKiSrNMM6JjlzPaD1","title":"#37807 [SC-Insight] Truncation of mint_amount to zero leading to potential stake loss","pathname":"/folks-liquid-staking/37807-sc-insight-truncation-of-mint_amount-to-zero-leading-to-potential-stake-loss","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"QynEFi6Zghse2qDKYAeo","title":"#37852 [SC-High] The accumulation of rewards is being decreased from the active stake which could le","pathname":"/folks-liquid-staking/37852-sc-high-the-accumulation-of-rewards-is-being-decreased-from-the-active-stake-which-could-leave","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"KrumCoiGDDasGZ83Qde5","title":"#37854 [SC-Insight] Missing state validation upon Upgrade","pathname":"/folks-liquid-staking/37854-sc-insight-missing-state-validation-upon-upgrade","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"ghI5TcPWicwWYm1BU7SW","title":"#37864 [SC-Insight] Over-charging users on delayed mint","pathname":"/folks-liquid-staking/37864-sc-insight-over-charging-users-on-delayed-mint","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"jW9XZ87Uh8RUQThVC946","title":"#37863 [SC-High] Underflow in burn method prevents all xALGO from being burnt","pathname":"/folks-liquid-staking/37863-sc-high-underflow-in-burn-method-prevents-all-xalgo-from-being-burnt","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"xJYbidOjpWqPu257rgeB","title":"#37867 [SC-Low] Contract upgrade failing due to SHA256 failing because of AVM byte width limits","pathname":"/folks-liquid-staking/37867-sc-low-contract-upgrade-failing-due-to-sha256-failing-because-of-avm-byte-width-limits","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"yr1fgxaedtnb3dyhEFmI","title":"#37889 [SC-High] Underflow in `burn()` function will cause user funds to partially frozen","pathname":"/folks-liquid-staking/37889-sc-high-underflow-in-burn-function-will-cause-user-funds-to-partially-frozen","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"63Fwe8acoevd1SXjjhBs","title":"#37903 [SC-High] \"Potential Underflow Vulnerability in burn Function for total_active_stake_key\"","pathname":"/folks-liquid-staking/37903-sc-high-potential-underflow-vulnerability-in-burn-function-for-total_active_stake_key","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"wHc6DbxkubrrMZCcEoAB","title":"#37893 [SC-Insight] inflation attack in xalgo","pathname":"/folks-liquid-staking/37893-sc-insight-inflation-attack-in-xalgo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"51l0rcAsKvaoBraNuJRe","title":"#37940 [SC-High] freezing of user funds when reward accumulated or added","pathname":"/folks-liquid-staking/37940-sc-high-freezing-of-user-funds-when-reward-accumulated-or-added","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Folks: Liquid Staking"}]},{"id":"H7Y1qFx2lVhVDlXUDSab","title":"Jito Restaking","pathname":"/jito-restaking","siteSpaceId":"sitesp_stpzW","description":""},{"id":"w4DGmBv7WZOYfVFmA4LF","title":"#36675 [SC-Insight] Missing revoke instruction leads to Old delegate accounts have unlimited number","pathname":"/jito-restaking/36675-sc-insight-missing-revoke-instruction-leads-to-old-delegate-accounts-have-unlimited-number-of","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"uWIrVzmcJFScdsdcBgc1","title":"#37315 [SC-High] Theft of Unclaimed Yields Due to Improper Reward Distribution in Vault Program","pathname":"/jito-restaking/37315-sc-high-theft-of-unclaimed-yields-due-to-improper-reward-distribution-in-vault-program","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"PCN3kcFNDz8nyPU7lQMX","title":"#36787 [SC-Insight] The vault program don't support token2022 transfer","pathname":"/jito-restaking/36787-sc-insight-the-vault-program-dont-support-token2022-transfer","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"w52BAHUFSTo7qEv9YFBX","title":"#36903 [SC-High] The vault reward mechanism can be sandwiched by MEV","pathname":"/jito-restaking/36903-sc-high-the-vault-reward-mechanism-can-be-sandwiched-by-mev","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"XSgqnMvr3hp6ZsjosRxu","title":"#37079 [SC-Insight] Withdrawals can be DOSed by reviving tickets in the same burn tx","pathname":"/jito-restaking/37079-sc-insight-withdrawals-can-be-dosed-by-reviving-tickets-in-the-same-burn-tx","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"K4TFqeVSJ8TA9BtMSFGG","title":"#37311 [SC-High] Attackers can steal rewards by depositing, updating vault balance and withdrawing i","pathname":"/jito-restaking/37311-sc-high-attackers-can-steal-rewards-by-depositing-updating-vault-balance-and-withdrawing-immed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"rCl6mLPwYf4VGkKOYby1","title":"#37295 [SC-High] Rewards can be stolen by depositing immediately after reward tokens get sent to vau","pathname":"/jito-restaking/37295-sc-high-rewards-can-be-stolen-by-depositing-immediately-after-reward-tokens-get-sent-to-vault","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"fD9AxNQtsqdZVdhjh4lV","title":"#37314 [SC-High] Vault creators can not withdraw their fees without being recursively charged (vault","pathname":"/jito-restaking/37314-sc-high-vault-creators-can-not-withdraw-their-fees-without-being-recursively-charged-vault-and","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Jito Restaking"}]},{"id":"OOjJWhNzhlpCGREnIAQ0","title":"SwayLend frontend","pathname":"/swaylend-frontend","siteSpaceId":"sitesp_stpzW","description":""},{"id":"lJHc5IK632v36gulOG89","title":"#37822 [W&A-Insight] insight incorrect amounts displayed to foreign users","pathname":"/swaylend-frontend/37822-w-and-a-insight-insight-incorrect-amounts-displayed-to-foreign-users","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"SwayLend frontend"}]},{"id":"lbpPfvfejmiNXpE9WuSM","title":"#37196 [W&A-Insight] DOS due to Misleading 'CircularProgressBar' Display Due to Rounding of 'supplyU","pathname":"/swaylend-frontend/37196-w-and-a-insight-dos-due-to-misleading-circularprogressbar-display-due-to-rounding-of-supplyuse","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"SwayLend frontend"}]},{"id":"1Mnhr9salcQztzJ63KFE","title":"Celo","pathname":"/celo","siteSpaceId":"sitesp_stpzW","description":""},{"id":"yrd9HZ9Iz2GQqtw6Mxnh","title":"#37058 [SC-High] Theft of remuneration through claims processing loops.","pathname":"/celo/37058-sc-high-theft-of-remuneration-through-claims-processing-loops.","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"o83kaWQBk5Xgtz0Y4lj9","title":"#37010 [SC-High] Rollback of the incorrect state interferes with the progress of the epoch process,","pathname":"/celo/37010-sc-high-rollback-of-the-incorrect-state-interferes-with-the-progress-of-the-epoch-process-prev","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"VF1E7mQIGQPHhtS0SK44","title":"#37206 [SC-Medium] Overflow due to lack of checks leading to incorrect price calculation","pathname":"/celo/37206-sc-medium-overflow-due-to-lack-of-checks-leading-to-incorrect-price-calculation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"pzChSkoNGdXt6Zma5IKT","title":"#37251 [SC-Critical] Fraudulent padding of governance voting power","pathname":"/celo/37251-sc-critical-fraudulent-padding-of-governance-voting-power","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"kgTvB3kOQdCkXQPQedLf","title":"#37285 [SC-Critical] Incorrect Delegation State After Slashing in LockedGold Contract","pathname":"/celo/37285-sc-critical-incorrect-delegation-state-after-slashing-in-lockedgold-contract","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"MxQAJ9Fe7o16QuQbuwTa","title":"#37391 [SC-High] Early Reward Accrual Undermines Validator Group Performance Incentives","pathname":"/celo/37391-sc-high-early-reward-accrual-undermines-validator-group-performance-incentives","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"c3JFnzgv191k40UPrcE9","title":"#37443 [SC-Insight] Race Condition in KeyedBroadcaster Implementation","pathname":"/celo/37443-sc-insight-race-condition-in-keyedbroadcaster-implementation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"Kw8PPxRepz4rvuL0ynr2","title":"#37427 [SC-Critical] Delegation is not updated on slash and unlock","pathname":"/celo/37427-sc-critical-delegation-is-not-updated-on-slash-and-unlock","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Celo"}]},{"id":"ZOmxSozExMOuIJGKBdFt","title":"Stacks I Attackathon","pathname":"/stacks-i-attackathon","siteSpaceId":"sitesp_stpzW","description":""},{"id":"xwU2AUWQhOXtPOiNulH4","title":"#38516 [BC-High] Signer can censor transactions and halt the network by providing an invalid nonce o","pathname":"/stacks-i-attackathon/38516-bc-high-signer-can-censor-transactions-and-halt-the-network-by-providing-an-invalid-nonce-or-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"9RIfRkWiYMdOmMrJpfpS","title":"#37545 [BC-Medium] Deposits with a lock_time of 16 cannot be processed","pathname":"/stacks-i-attackathon/37545-bc-medium-deposits-with-a-lock_time-of-16-cannot-be-processed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"U802dftV65pTTz1SsIL8","title":"#38003 [BC-Medium] A malicious coordinator calling `Emily::update_deposits` can make the entire Sign","pathname":"/stacks-i-attackathon/38003-bc-medium-a-malicious-coordinator-calling-emily-update_deposits-can-make-the-entire-signers-ne","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"HXCFO3iPTVLY29YIJkyI","title":"#37479 [BC-High] A single signer can lock users' funds by not notifying other signers of the execute","pathname":"/stacks-i-attackathon/37479-bc-high-a-single-signer-can-lock-users-funds-by-not-notifying-other-signers-of-the-executed-sw","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"dv3U6rdMeuA05pSU2NL6","title":"#38398 [BC-High] Malicious Signers can initiate repeated contract calls to cause the multi-sign wall","pathname":"/stacks-i-attackathon/38398-bc-high-malicious-signers-can-initiate-repeated-contract-calls-to-cause-the-multi-sign-wallet","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"ZojZaPnae4FiXhMGU7os","title":"#37530 [BC-Insight] Deposits can be completely DoSed due to incorrect transaction construction","pathname":"/stacks-i-attackathon/37530-bc-insight-deposits-can-be-completely-dosed-due-to-incorrect-transaction-construction","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"EI28nNUYopIiA0dToJRG","title":"#38160 [BC-Insight] Governance calling `sbtc-registry.update-protocol-contract` may cause Stacks' ev","pathname":"/stacks-i-attackathon/38160-bc-insight-governance-calling-sbtc-registry.update-protocol-contract-may-cause-stacks-events-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"rIWxB2oPX8j2tqTaLm1E","title":"#37500 [BC-Low] Blocklist can be circumvented due to incorrect blocking logic in `request_decider::c","pathname":"/stacks-i-attackathon/37500-bc-low-blocklist-can-be-circumvented-due-to-incorrect-blocking-logic-in-request_decider-can_ac","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"VXYjslkXx5deueCDF7GA","title":"#38690 [BC-Insight] A malicious coordinator can run multiple DKG coordination in parallel and manipu","pathname":"/stacks-i-attackathon/38690-bc-insight-a-malicious-coordinator-can-run-multiple-dkg-coordination-in-parallel-and-manipulat","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"fRdgwnM3CIE7a5tHT8HN","title":"#38270 [BC-Medium] A signer can send a large number of junk `WstsNetMessage::NonceRequest` through P","pathname":"/stacks-i-attackathon/38270-bc-medium-a-signer-can-send-a-large-number-of-junk-wstsnetmessage-noncerequest-through-p2p-to","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"9cK2AJwGiUNzbc6unZhj","title":"#38223 [BC-Insight] Attackers can disrupt the tag order of gossip messages to bypass signature verif","pathname":"/stacks-i-attackathon/38223-bc-insight-attackers-can-disrupt-the-tag-order-of-gossip-messages-to-bypass-signature-verifica","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"hW8FSVyf9XRfpCviyO6k","title":"#37470 [BC-Medium] SBTC Signers do not page through pending deposit requests making it trivially eas","pathname":"/stacks-i-attackathon/37470-bc-medium-sbtc-signers-do-not-page-through-pending-deposit-requests-making-it-trivially-easy-t","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"0TCsg5SZupnaDA70Uohn","title":"#38551 [BC-Medium] A signer can request stacks tx nonces in batches in advance and then DoS other si","pathname":"/stacks-i-attackathon/38551-bc-medium-a-signer-can-request-stacks-tx-nonces-in-batches-in-advance-and-then-dos-other-signe","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"iuwzgPdR5tUl8RB4ZSNk","title":"#38111 [BC-High] Attackers can send a very large event in a Stacks block so that the Signer can neve","pathname":"/stacks-i-attackathon/38111-bc-high-attackers-can-send-a-very-large-event-in-a-stacks-block-so-that-the-signer-can-never-g","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"gz5XHchReZaGv0XIVT8h","title":"#38477 [BC-High] A single signer can abort every attempted signing round by providing an invalid pac","pathname":"/stacks-i-attackathon/38477-bc-high-a-single-signer-can-abort-every-attempted-signing-round-by-providing-an-invalid-packet","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"O0MNBvhaW5E2HNcrT8zI","title":"#38460 [BC-Low] The coordinator can set a higher BTC tx fee than the current network to make users t","pathname":"/stacks-i-attackathon/38460-bc-low-the-coordinator-can-set-a-higher-btc-tx-fee-than-the-current-network-to-make-users-to-p","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"bo5IuJB44WSMBp8WQsH0","title":"#37384 [BC-Medium] Attacker can front-run call to emily api with incorrect data, preventing legit us","pathname":"/stacks-i-attackathon/37384-bc-medium-attacker-can-front-run-call-to-emily-api-with-incorrect-data-preventing-legit-user-f","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"dpYqYeG7rJ5Qx5K2HYX3","title":"#38133 [BC-Medium] A rogue Signer can censor any deposit request from being processed and fullfilled","pathname":"/stacks-i-attackathon/38133-bc-medium-a-rogue-signer-can-censor-any-deposit-request-from-being-processed-and-fullfilled-on","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"k4hQgeptjZEgg70FzDci","title":"#38053 [BC-High] A single signer can continuously prevent signatures from being finalized, halting n","pathname":"/stacks-i-attackathon/38053-bc-high-a-single-signer-can-continuously-prevent-signatures-from-being-finalized-halting-netwo","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"akRoKRJo1URlp7Tnk5uN","title":"#38740 [BC-High] The missing check in Deposits::DepositScriptInputs::parse() permits losing funds by","pathname":"/stacks-i-attackathon/38740-bc-high-the-missing-check-in-deposits-depositscriptinputs-parse-permits-losing-funds-by-sendin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"QTQmuFufgqedifHJryfc","title":"#38030 [BC-Insight] Coordinator can be crashed by signers on DKG","pathname":"/stacks-i-attackathon/38030-bc-insight-coordinator-can-be-crashed-by-signers-on-dkg","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"xthao4VbuIq5ivYRJRDc","title":"#38028 [BC-Low] There is a Partial Network Degradation Due to DynamoDB GSI Throttling Under High Tra","pathname":"/stacks-i-attackathon/38028-bc-low-there-is-a-partial-network-degradation-due-to-dynamodb-gsi-throttling-under-high-traffi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"9MrvVgxQJSthMSC1Muz4","title":"#38458 [BC-Critical] The coordinator can submit empty BTC transactions to drain BTC tokens in the mu","pathname":"/stacks-i-attackathon/38458-bc-critical-the-coordinator-can-submit-empty-btc-transactions-to-drain-btc-tokens-in-the-multi","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"QKACR1BsM96hzDGGmBnS","title":"#38671 [BC-Insight] Signer key rotation is not possible due to deadlock between submitting key rotat","pathname":"/stacks-i-attackathon/38671-bc-insight-signer-key-rotation-is-not-possible-due-to-deadlock-between-submitting-key-rotation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"NwaFC2BUwFabR0jE1p7E","title":"#38392 [BC-High] Signer can steal STX tokens in multi-sign wallet by setting a high stacks tx fee","pathname":"/stacks-i-attackathon/38392-bc-high-signer-can-steal-stx-tokens-in-multi-sign-wallet-by-setting-a-high-stacks-tx-fee","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"nEKGwPKQZ0gUzUTaOnWP","title":"#37861 [BC-Critical] SBTC Signer WSTS implementation allows nonce replays such that a malicious sign","pathname":"/stacks-i-attackathon/37861-bc-critical-sbtc-signer-wsts-implementation-allows-nonce-replays-such-that-a-malicious-signer","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"KEQvo88YUWNZcQ2vJO8K","title":"#38605 [BC-Low] Lack of fee_rate/last_fees validation in handle_bitcoin_pre_sign_request ebables rog","pathname":"/stacks-i-attackathon/38605-bc-low-lack-of-fee_rate-last_fees-validation-in-handle_bitcoin_pre_sign_request-ebables-rogue","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"DOhuheTlgOk3usOhzEsu","title":"#38582 [BC-High] The `BitcoinCoreClient::get_tx_info` does not support coinbase transactions, which","pathname":"/stacks-i-attackathon/38582-bc-high-the-bitcoincoreclient-get_tx_info-does-not-support-coinbase-transactions-which-may-cau","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"Vsx85gAJYikMF2w0zr4z","title":"#37814 [BC-High] Signers can crash other signers by sending an invalid `DkgPrivateShares` due to mis","pathname":"/stacks-i-attackathon/37814-bc-high-signers-can-crash-other-signers-by-sending-an-invalid-dkgprivateshares-due-to-missing","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"CrXKWvRkJQvzjp2Z9pwb","title":"#37777 [BC-Medium] `Emily.create_deposit` can overwrite any deposit to the Pending state","pathname":"/stacks-i-attackathon/37777-bc-medium-emily.create_deposit-can-overwrite-any-deposit-to-the-pending-state","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"BFzWuPSlw7Ihn4XURoFU","title":"#37811 [BC-High] Missing length check when parsing `SignatureShareRequest` in the signers allows the","pathname":"/stacks-i-attackathon/37811-bc-high-missing-length-check-when-parsing-signaturesharerequest-in-the-signers-allows-the-coor","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"un68SOsBZDvXgrjy35zd","title":"#37718 [BC-High] Key rotations bricks the system due to incorrect `aggregate_key` being used to spen","pathname":"/stacks-i-attackathon/37718-bc-high-key-rotations-bricks-the-system-due-to-incorrect-aggregate_key-being-used-to-spend-the","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Stacks I Attackathon"}]},{"id":"j9VeNt9wKKV7KwPpEG4o","title":"Lombard","pathname":"/lombard","siteSpaceId":"sitesp_stpzW","description":""},{"id":"a1E3R1h5Yo3QjvU0svAo","title":"#38012 [SC-Insight] Unused Function in CLAdapter Contract","pathname":"/lombard/38012-sc-insight-unused-function-in-cladapter-contract","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"25dePYiNVlTMWrUA2EFR","title":"#38066 [SC-Medium] `ProxyFactory` is vulnerable to DoS/Address Hijacking","pathname":"/lombard/38066-sc-medium-proxyfactory-is-vulnerable-to-dos-address-hijacking","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"cdXtxMIldyClfVlZ4Xkd","title":"#38102 [SC-Insight] Due to incorrect design in `BasculeV2::validateWithdrawal` valid transactions wi","pathname":"/lombard/38102-sc-insight-due-to-incorrect-design-in-basculev2-validatewithdrawal-valid-transactions-will-be","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"cH0r5Qoo1RXRxbGGmCW3","title":"#38116 [SC-Insight] Partner vaults don't account for FireBridge fees, forcing LBTC burn to never wor","pathname":"/lombard/38116-sc-insight-partner-vaults-dont-account-for-firebridge-fees-forcing-lbtc-burn-to-never-work","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"70uJMXPH4XpAxGUrI8ZS","title":"#38137 [SC-Low] `RateLimits` library incorrectly reset the consumed amount when the limit is updated","pathname":"/lombard/38137-sc-low-ratelimits-library-incorrectly-reset-the-consumed-amount-when-the-limit-is-updated","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"SePRF8IQsMky9IfKMHY5","title":"#38148 [SC-Insight] Unnecessary Storage Pointer Declaration batchMintWithFee","pathname":"/lombard/38148-sc-insight-unnecessary-storage-pointer-declaration-batchmintwithfee","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"zbcGSm6rwqxErxyaIpqa","title":"#38154 [SC-Medium] The offchain data provided to the CLAdapter isn’t properly validated and can be f","pathname":"/lombard/38154-sc-medium-the-offchain-data-provided-to-the-cladapter-isnt-properly-validated-and-can-be-from","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"fM367k09zp7tDlstj5RY","title":"#38189 [SC-Insight] Attacker can grief calls to `lbtc.mintWithFee()`","pathname":"/lombard/38189-sc-insight-attacker-can-grief-calls-to-lbtc.mintwithfee","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"UMx6bTpHsS0exXHv1912","title":"#38231 [SC-Low] Due to incorrect design in `Consortium::setNextValidatorSet` the validator set could","pathname":"/lombard/38231-sc-low-due-to-incorrect-design-in-consortium-setnextvalidatorset-the-validator-set-could-not-b","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"J2znLBnbySH6ypWxqzRe","title":"#38225 [SC-Insight] user funds will get stuck if `removeDestination` executes before notarization an","pathname":"/lombard/38225-sc-insight-user-funds-will-get-stuck-if-removedestination-executes-before-notarization-and-wit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"y5QmMW6PuqpdhVrLttdO","title":"38286 [SC-Low] bitcoinutils getdustlimitforoutput calculate wrongly the dust limit for a given bitco","pathname":"/lombard/38286-sc-low-bitcoinutils-getdustlimitforoutput-calculate-wrongly-the-dust-limit-for-a-given-bitcoin","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"kpSeX6aoy3rnSiS7QA24","title":"#38257 [SC-Insight] Freezing of msg.value passed in Bridge.deposit() if adapter is address zero","pathname":"/lombard/38257-sc-insight-freezing-of-msg.value-passed-in-bridge.deposit-if-adapter-is-address-zero","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"BJkrJWynGnWAu59e5YYv","title":"#38341 [SC-Insight] Suboptimal gas usage and ambiguous behavior during fee estimation","pathname":"/lombard/38341-sc-insight-suboptimal-gas-usage-and-ambiguous-behavior-during-fee-estimation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"qeawcgnrg065oz8zBRoF","title":"38335 [SC-Medium] attacker can exploit partnervault mint small amount to cause lbtc depeg or protoco","pathname":"/lombard/38335-sc-medium-attacker-can-exploit-partnervault-mint-small-amount-to-cause-lbtc-depeg-or-protocol","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"k9zhtumCqRuvWtp7kQRV","title":"#38342 [SC-Medium] Interchanging `offchainTokenData` between two valid messages","pathname":"/lombard/38342-sc-medium-interchanging-offchaintokendata-between-two-valid-messages","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"nUcRHsJXPIEfHmK1rMrA","title":"#38363 [SC-Medium] LBTC cross-chain transfer can be DOSed","pathname":"/lombard/38363-sc-medium-lbtc-cross-chain-transfer-can-be-dosed","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"wFEiGU1YwTwK8Vo2bLpE","title":"#38344 [SC-Low] Old validated messages can not pass proof check when new validators are set","pathname":"/lombard/38344-sc-low-old-validated-messages-can-not-pass-proof-check-when-new-validators-are-set","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"HZffqnjxidT5git6cT8R","title":"#38634 [SC-Medium] Insufficient validation on offchainTokenData in TokenPool.releaseOrMint allows CC","pathname":"/lombard/38634-sc-medium-insufficient-validation-on-offchaintokendata-in-tokenpool.releaseormint-allows-ccip","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"tQiMP5Hd5cU3UL7i9Yef","title":"#38370 [SC-Insight] Issue Between Comment and Code in Consortium","pathname":"/lombard/38370-sc-insight-issue-between-comment-and-code-in-consortium","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"H22YMDiy9qQOgnrvzRBs","title":"#38644 [SC-Insight] Q&A","pathname":"/lombard/38644-sc-insight-q-and-a","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Lombard"}]},{"id":"xM2WBgu1uvzFWsF9LGiq","title":"Butter","pathname":"/butter","siteSpaceId":"sitesp_stpzW","description":""},{"id":"EXSdQ5oIh3v8sjkHkDeZ","title":"#39181 [SC-Insight] Bond Fund will be Lost When Question is Asked Again","pathname":"/butter/39181-sc-insight-bond-fund-will-be-lost-when-question-is-asked-again","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"FOt3ed25vfeXA4qLHX28","title":"#39153 [SC-Insight] Unauthorized Token Creation and Minting Vulnerability","pathname":"/butter/39153-sc-insight-unauthorized-token-creation-and-minting-vulnerability","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"13HvvU45AHSzhW4L5bWs","title":"#39243 [SC-Insight] Misleading Comment in merge Function Regarding Token Transfers to wrapped1155Fac","pathname":"/butter/39243-sc-insight-misleading-comment-in-merge-function-regarding-token-transfers-to-wrapped1155factor","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"Zn8KyVUJybEQjBB49ChN","title":"#39271 [SC-Insight] Check `numericAnswer` before external call to check answer is valid or not","pathname":"/butter/39271-sc-insight-check-numericanswer-before-external-call-to-check-answer-is-valid-or-not","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"9P3x6SGKkV00FblDCOAS","title":"#39487 [SC-Insight] flatCfmImplementation and conditionalScalarMarketImplementation contracts can be","pathname":"/butter/39487-sc-insight-flatcfmimplementation-and-conditionalscalarmarketimplementation-contracts-can-be-in","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"lzVGHQf4v7DswFDctbto","title":"39495 [SC-Low] flatcfm cannot be resolved in case answer of questionid are in greater or equal to 2","pathname":"/butter/39495-sc-low-flatcfm-cannot-be-resolved-in-case-answer-of-questionid-are-in-greater-or-equal-to-2-ou","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"IrgZkDnHpBhIuUCn79JT","title":"#39528 [SC-Insight] Lack of Validation for Min and Max Values in FlatCFMFactory leads to wrong payou","pathname":"/butter/39528-sc-insight-lack-of-validation-for-min-and-max-values-in-flatcfmfactory-leads-to-wrong-payouts","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"4Qf7JJJc5eXSDsuvpqkq","title":"#39524 [SC-Insight] Incorrect Outcome Formatting in Reality Adapter Leads to Wrong Number of Outcome","pathname":"/butter/39524-sc-insight-incorrect-outcome-formatting-in-reality-adapter-leads-to-wrong-number-of-outcomes","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"xWuvJS4WL2xuN8fpQTC9","title":"#39539 [SC-Insight] Insufficient validation of tokens when created in `PlayCollateralTokenFactory::c","pathname":"/butter/39539-sc-insight-insufficient-validation-of-tokens-when-created-in-playcollateraltokenfactory-create","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Butter"}]},{"id":"TXgukEr2Jp4iyYKWqBSO","title":"Zano IOP","pathname":"/zano-iop","siteSpaceId":"sitesp_stpzW","description":""},{"id":"rhTyO40rrbf5jHKor3WD","title":"#41027 [BC-Insight] Breaking asset surjection proof assumptions","pathname":"/zano-iop/41027-bc-insight-breaking-asset-surjection-proof-assumptions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Zano IOP"}]},{"id":"s1snxABGe2p6NMplNxfh","title":"#40530 [W&A-High] JWT Salt Expiration isn't entirely correct in wallet_rpc_server::auth_http_request","pathname":"/zano-iop/40530-w-and-a-high-jwt-salt-expiration-isnt-entirely-correct-in-wallet_rpc_server-auth_http_request","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Zano IOP"}]},{"id":"DDJI9J6e83GS1t3FKAXf","title":"#40990 [BC-Insight] Security best practices","pathname":"/zano-iop/40990-bc-insight-security-best-practices","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Zano IOP"}]},{"id":"1TwNOpwC91aDNWW8PWQs","title":"#40970 [BC-Insight] Double spending by using 0-point stealth address and signature elements in CLSAG","pathname":"/zano-iop/40970-bc-insight-double-spending-by-using-0-point-stealth-address-and-signature-elements-in-clsag-gg","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Zano IOP"}]},{"id":"0Kim9O1pSYoOyiwlmCnF","title":"#40794 [W&A-Insight] Unsecured Wallet Voting Configuration Allows Unauthorized Vote Manipulation Des","pathname":"/zano-iop/40794-w-and-a-insight-unsecured-wallet-voting-configuration-allows-unauthorized-vote-manipulation-de","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Zano IOP"}]},{"id":"1BmVjj9ThXeZ3TT9rZzb","title":"Shardeum Ancillaries III","pathname":"/shardeum-ancillaries-iii","siteSpaceId":"sitesp_stpzW","description":""},{"id":"rJeCHYTsBrXYIBxurZyJ","title":"#39360 [W&A-Insight] getRandomActiveNodes may return inconsistent results","pathname":"/shardeum-ancillaries-iii/39360-w-and-a-insight-getrandomactivenodes-may-return-inconsistent-results","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"dAt3xQVcC9brwOhO3q8m","title":"#39993 [W&A-Low] node-fetch without response limit","pathname":"/shardeum-ancillaries-iii/39993-w-and-a-low-node-fetch-without-response-limit","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"jgCB5U3QZksc1cCHBgPl","title":"39829 [W&A-Critical] dos archiver via data subscription channel due to broken safestringfy","pathname":"/shardeum-ancillaries-iii/39829-w-and-a-critical-dos-archiver-via-data-subscription-channel-due-to-broken-safestringfy","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"6OKJ8qagp8aQBeJY2o1L","title":"#40004 [W&A-Critical] Multiple vulnerabilities in signature verification during receipt processing o","pathname":"/shardeum-ancillaries-iii/40004-w-and-a-critical-multiple-vulnerabilities-in-signature-verification-during-receipt-processing","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"0A3E1pwWgUDatGMNxpKx","title":"#39942 [W&A-Medium] Archiver is still vulnerable to replay attack to `/set-config`","pathname":"/shardeum-ancillaries-iii/39942-w-and-a-medium-archiver-is-still-vulnerable-to-replay-attack-to-set-config","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"zmTN8OoBWEkhsjvYPS1M","title":"#39980 [W&A-Critical] Malicious validator can inject its own cycle record into connected archiver","pathname":"/shardeum-ancillaries-iii/39980-w-and-a-critical-malicious-validator-can-inject-its-own-cycle-record-into-connected-archiver","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"wKtVMaJPd63vNVQqNCpQ","title":"#39434 [W&A-Critical] Improper serialization can create an out-of-memory (OOM) issue on the archive","pathname":"/shardeum-ancillaries-iii/39434-w-and-a-critical-improper-serialization-can-create-an-out-of-memory-oom-issue-on-the-archive-s","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"8pDQCJ6YhrEzYvnIFswY","title":"39944 [W&A-Insight] incorrect default configuration leading to dead code","pathname":"/shardeum-ancillaries-iii/39944-w-and-a-insight-incorrect-default-configuration-leading-to-dead-code","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"5qDkPUNVONPo2ebXX1jl","title":"39893 [W&A-Critical] malicious validator can modify txid in global transactions","pathname":"/shardeum-ancillaries-iii/39893-w-and-a-critical-malicious-validator-can-modify-txid-in-global-transactions","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"uascVXaIvH6nPQvUcnsf","title":"#39910 [W&A-Medium] Numerous replay attacks (with arbitrary data) to protected endpoints are possibl","pathname":"/shardeum-ancillaries-iii/39910-w-and-a-medium-numerous-replay-attacks-with-arbitrary-data-to-protected-endpoints-are-possible","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"JMbuEUpC2bGEcGq2JVYZ","title":"39872 [W&A-Critical] bypass receipt signing validation","pathname":"/shardeum-ancillaries-iii/39872-w-and-a-critical-bypass-receipt-signing-validation","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"QDuc9i3qA8Mh9UAVrSWT","title":"#39814 [W&A-Low] Prevent new validators from joining the network by a DOS of the archiver","pathname":"/shardeum-ancillaries-iii/39814-w-and-a-low-prevent-new-validators-from-joining-the-network-by-a-dos-of-the-archiver","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"9QQYSIfUvBdp1yzzzW0g","title":"#39284 [W&A-Medium] Arbitrarily set any archiver config and remotely turning it off","pathname":"/shardeum-ancillaries-iii/39284-w-and-a-medium-arbitrarily-set-any-archiver-config-and-remotely-turning-it-off","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"NQTcFdHQzQ0EtGaSwzpJ","title":"#39109 [W&A-Insight] syncStateDataGlobals will not work, effectively DoS'ing nodes","pathname":"/shardeum-ancillaries-iii/39109-w-and-a-insight-syncstatedataglobals-will-not-work-effectively-dosing-nodes","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"qoXqieByjuhA7rXlppZU","title":"#39623 [W&A-Low] Blocking the victim's account address from sending transactions via JSON-RPC","pathname":"/shardeum-ancillaries-iii/39623-w-and-a-low-blocking-the-victims-account-address-from-sending-transactions-via-json-rpc","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"3TH5wcZ5TYOa5RGOlM0B","title":"39626 [W&A-Critical] malicious validator can overwrite any cycle data","pathname":"/shardeum-ancillaries-iii/39626-w-and-a-critical-malicious-validator-can-overwrite-any-cycle-data","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"xECgPxYhQWWh5MjfhbUh","title":"#39820 [W&A-Medium] Blocking all users from interacting with particular contracts/protocols via JSON","pathname":"/shardeum-ancillaries-iii/39820-w-and-a-medium-blocking-all-users-from-interacting-with-particular-contracts-protocols-via-jso","siteSpaceId":"sitesp_stpzW","description":"","breadcrumbs":[{"label":"Shardeum Ancillaries III"}]},{"id":"Y1H7P5DrlKqY8dCFWGYu","title":"Yeet","pathname":"/yeet","siteSpaceId":"sitesp_stpzW"},{"id":"qt7BkcoH3S6FtFtBg7QF","title":"#41132 [SC-Insight] NFT Boost Lookup values not adhere to docs","pathname":"/yeet/41132-sc-insight-nft-boost-lookup-values-not-adhere-to-docs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"qEhIc3NN7Ib7V18pg3fp","title":"#41145 [SC-Insight] Incorrect Inheritance of Ownership in `Manager` Contract Leading to Inconsistent Use of `Ownable2Step`","pathname":"/yeet/41145-sc-insight-incorrect-inheritance-of-ownership-in-manager-contract-leading-to-inconsistent-use","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"kNkYMZcJNzYyBpFI3Qe4","title":"#41215 [SC-Critical] StakeV2: Inconsistencies in totalSupply computation, can lead to protocol insolvency","pathname":"/yeet/41215-sc-critical-stakev2-inconsistencies-in-totalsupply-computation-can-lead-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"WsBzagdyGhCGRGquwpOf","title":"#41256 [SC-Insight] Contradictory Documentation and actual function","pathname":"/yeet/41256-sc-insight-contradictory-documentation-and-actual-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"3g79NNjReCBq0EiGgSUy","title":"#41272 [SC-Insight] Unnecessary precision loss due to division before multiplication in `getDistribution()`","pathname":"/yeet/41272-sc-insight-unnecessary-precision-loss-due-to-division-before-multiplication-in-getdistribution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"Yks2fBhmuTWupQEZejVL","title":"#41270 [SC-Medium] Harvest timing exploit enables theft of unclaimed yield","pathname":"/yeet/41270-sc-medium-harvest-timing-exploit-enables-theft-of-unclaimed-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"cUa7AF0DIVSiOgtgoRtX","title":"#41280 [SC-High] Permanent freezing of yield due to incorrect reward handling in `StakeV2` claim functions","pathname":"/yeet/41280-sc-high-permanent-freezing-of-yield-due-to-incorrect-reward-handling-in-stakev2-claim-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"N4hLgRgZO5MPADCji5q1","title":"#41283 [SC-Low] Contract fails to deliver promised returns, due to changed `MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR`","pathname":"/yeet/41283-sc-low-contract-fails-to-deliver-promised-returns-due-to-changed-max_cap_per_wallet_per_epoch_","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"4DPe1XymKtb94LMJjbs0","title":"#41286 [SC-Critical] `accumulatedDeptRewardsYeet()` accounts for tokens under unstaking process","pathname":"/yeet/41286-sc-critical-accumulateddeptrewardsyeet-accounts-for-tokens-under-unstaking-process","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"1AY7LhqUMI4zxzVT6wVJ","title":"#41289 [SC-Critical] StakeV2 Contract Insolvency Issue","pathname":"/yeet/41289-sc-critical-stakev2-contract-insolvency-issue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"YBg6LdRL6BFrqPFS1Qi3","title":"#41345 [SC-Critical] Calculation of accumulatedDeptRewardsYeet is incorrect lead to user lost of fund","pathname":"/yeet/41345-sc-critical-calculation-of-accumulateddeptrewardsyeet-is-incorrect-lead-to-user-lost-of-fund","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"l2O0SXtDQAkhHlk5sY1w","title":"41291 sc insight winner selection vulnerability in yeetback contract allows multiple reward for the same lucky winner","pathname":"/yeet/41291-sc-insight-winner-selection-vulnerability-in-yeetback-contract-allows-multiple-reward-for-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"gS0ML2OMDfl8dv51vMKK","title":"#41359 [SC-Insight] Remove Manager of Address 0 is irrelevant and will never be reached","pathname":"/yeet/41359-sc-insight-remove-manager-of-address-0-is-irrelevant-and-will-never-be-reached","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"VXljmDl5Q70Op8NUekwy","title":"#41365 [SC-Critical] Vested tokens are counted as accumulated revenue","pathname":"/yeet/41365-sc-critical-vested-tokens-are-counted-as-accumulated-revenue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"49PMmI6OxPfI0Elgkjjn","title":"#41374 [SC-Insight] Incorrect NFT Boost Value in Lookup Array","pathname":"/yeet/41374-sc-insight-incorrect-nft-boost-value-in-lookup-array","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"fbNKxxono04TW7rqadxd","title":"#41377 [SC-Low] Retroactive Reward Cap Manipulation Allows Theft/Loss of Unclaimed Yield","pathname":"/yeet/41377-sc-low-retroactive-reward-cap-manipulation-allows-theft-loss-of-unclaimed-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"nKSvDJKHIPfSg3rR70t9","title":"#41419 [SC-Insight] Miscalculation of `maxClaimable` variable leads to users being able to claim too many or too few reward tokens","pathname":"/yeet/41419-sc-insight-miscalculation-of-maxclaimable-variable-leads-to-users-being-able-to-claim-too-many","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"qxuZKd0EfGfLMQx4EfWk","title":"#41432 [SC-High] Attacker can DoS `StakeV2`'s rewards distribution by repeatedly inflating Zapper's approval for whitelisted Kodiak Vault tokens","pathname":"/yeet/41432-sc-high-attacker-can-dos-stakev2-s-rewards-distribution-by-repeatedly-inflating-zappers-approv","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"te4ey1zaWyYAfgaRgi8D","title":"#41456 [SC-Critical] `executeRewardDistributionYeet` will count user withdraws as rewards","pathname":"/yeet/41456-sc-critical-executerewarddistributionyeet-will-count-user-withdraws-as-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"MzlhKYzPRBr34tHMbdnj","title":"#41487 [SC-Critical] Updates totalSupply before transferring the tokens which causes calculating more reward tokens","pathname":"/yeet/41487-sc-critical-updates-totalsupply-before-transferring-the-tokens-which-causes-calculating-more-r","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"LALHCqf9js22zq3fFAKe","title":"#41488 [SC-Insight] In `StakeV2.sol` there exists a critical flaw that allows adversaries to earn more rewards than should be possible for a period of having staked minimal tokens.","pathname":"/yeet/41488-sc-insight-in-stakev2.sol-there-exists-a-critical-flaw-that-allows-adversaries-to-earn-more-re","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"BpxSBNgyf71uuLTG8NM2","title":"#41492 [SC-Insight] Incorrect Reward Value Emitted in `executeRewardDistributionYeet` Function","pathname":"/yeet/41492-sc-insight-incorrect-reward-value-emitted-in-executerewarddistributionyeet-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"ZqzruSXWthV5QwM2KsAA","title":"#41511 [SC-Low] The contract calculates the `minimumYeetPoint` using the Pot going to the winner instead of the whole Pot.","pathname":"/yeet/41511-sc-low-the-contract-calculates-the-minimumyeetpoint-using-the-pot-going-to-the-winner-instead","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"VLkxvvdXI8FQ28rSDE8g","title":"#41521 [SC-Critical] Unstaked tokens incorrectly counted as rewards during vesting period","pathname":"/yeet/41521-sc-critical-unstaked-tokens-incorrectly-counted-as-rewards-during-vesting-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"iElBVePFzAzqtVEUHC1E","title":"#41524 [SC-Critical] Incorrect Reward Calculation in accumulatedDeptRewardsYeet() Function Leads to Loss of User Funds During Vesting Period","pathname":"/yeet/41524-sc-critical-incorrect-reward-calculation-in-accumulateddeptrewardsyeet-function-leads-to-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"hCnfgIyKvMH3FJQGkgw9","title":"#41526 [SC-Medium] MoneyBrinter::compound can be vulnerable to sandwich attacks","pathname":"/yeet/41526-sc-medium-moneybrinter-compound-can-be-vulnerable-to-sandwich-attacks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"AVq1X9KMFl5PqRZ1A2gx","title":"#41528 [SC-High] When claiming rewards in native Bera via `StakeV2.claimRewardsInNative`, excess `token0Debt` or/and `token1Debt` is not returned to the kodiak vault but stuck in `StakeV2` contract.","pathname":"/yeet/41528-sc-high-when-claiming-rewards-in-native-bera-via-stakev2.claimrewardsinnative-excess-token0deb","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"zeBdGGerECnzxpskyNLL","title":"#41542 [SC-Insight] The 20% charged as a `yeetback` is not considered as part of `addYeetVolume` and `boostedValue`","pathname":"/yeet/41542-sc-insight-the-20-charged-as-a-yeetback-is-not-considered-as-part-of-addyeetvolume-and-boosted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"SG4NT3wWajpNI0MXr1Sq","title":"#41549 [SC-Critical] users funds can get lost when the executeRewardDistributionYeet function invoked after users unstake","pathname":"/yeet/41549-sc-critical-users-funds-can-get-lost-when-the-executerewarddistributionyeet-function-invoked-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"LjW7vEGbR3MwfoC9Hb3l","title":"#41570 [SC-Insight] Code Insights Report","pathname":"/yeet/41570-sc-insight-code-insights-report","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"tUhB5QYYcO5Le8Q4jhF8","title":"#41559 [SC-Critical] Incorrect Calculation of Accumulated Rewards Due to Unstaked Tokens","pathname":"/yeet/41559-sc-critical-incorrect-calculation-of-accumulated-rewards-due-to-unstaked-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"iehTWILFdFwuiPN3CPqq","title":"#41624 [SC-Medium] Reward sandwich is possible in `MoneyBrinter` vault by frontrunning `compound`.","pathname":"/yeet/41624-sc-medium-reward-sandwich-is-possible-in-moneybrinter-vault-by-frontrunning-compound-.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"vXVX4wpFM9PCfNg4rbRI","title":"#41633 [SC-High] Users might lose some of the rewards they’re supposed to get.","pathname":"/yeet/41633-sc-high-users-might-lose-some-of-the-rewards-theyre-supposed-to-get.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"rIsuGershydt5btmzkQQ","title":"#41635 [SC-Low] MoneyBrinter contract is EIP-4626 incompliant","pathname":"/yeet/41635-sc-low-moneybrinter-contract-is-eip-4626-incompliant","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"wAMrSskG1SISd1q55Fvq","title":"#41639 [SC-Insight] Cross-Vault Reward Arbitrage in StakeV2 Allows Yield Theft","pathname":"/yeet/41639-sc-insight-cross-vault-reward-arbitrage-in-stakev2-allows-yield-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"RaQF3Euwqeh97fKwVupw","title":"#41640 [SC-High] Stuck Rewards in StakeV2 Contract Due to Improper Handling of Leftover Tokens","pathname":"/yeet/41640-sc-high-stuck-rewards-in-stakev2-contract-due-to-improper-handling-of-leftover-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"PcA2XUNdlhmAvcplZlqz","title":"#41638 [SC-Medium] Sandwich Attack on `compound()` Function Allows Value Extraction from Honest Depositors","pathname":"/yeet/41638-sc-medium-sandwich-attack-on-compound-function-allows-value-extraction-from-honest-depositors","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"uDJ35C0wQ1Ac9DpHORhp","title":"#41644 [SC-High] `_clearUserDebt` in zapOut function sends the remaining tokens to `msg.sender` instead of receiver.","pathname":"/yeet/41644-sc-high-_clearuserdebt-in-zapout-function-sends-the-remaining-tokens-to-msg.sender-instead-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"w0vNkm6cgMXGvvvamVOi","title":"#41647 [SC-High] Unused tokens after zapping can be stuck and not entitled to users","pathname":"/yeet/41647-sc-high-unused-tokens-after-zapping-can-be-stuck-and-not-entitled-to-users","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"R9E69yuAeG23Js8n3JXc","title":"#41660 [SC-Insight] Yeet will be permanently DOSED if the entropyProvider runs out of randome numbers or gets blacklisted","pathname":"/yeet/41660-sc-insight-yeet-will-be-permanently-dosed-if-the-entropyprovider-runs-out-of-randome-numbers-o","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"ZjBbYbefa1XWsy8BxdrH","title":"#41659 [SC-Insight] Previous owner still hold manager role after ownership transfer","pathname":"/yeet/41659-sc-insight-previous-owner-still-hold-manager-role-after-ownership-transfer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"feD9AYdtVkDNPe8s8JsP","title":"#41664 [SC-Low] Users may receive fewer rewards due to the change in reward limits","pathname":"/yeet/41664-sc-low-users-may-receive-fewer-rewards-due-to-the-change-in-reward-limits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"ylYsi8UwTvPtEvQtrkUR","title":"41672 sc insight permanent loss risk of user funds due to inflexible function design in claim ","pathname":"/yeet/41672-sc-insight-permanent-loss-risk-of-user-funds-due-to-inflexible-function-design-in-claim","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"tLfk5cMBfdH4v4U9jk81","title":"#41682 [SC-Insight] Code can be optimized to use save a lot of gas.","pathname":"/yeet/41682-sc-insight-code-can-be-optimized-to-use-save-a-lot-of-gas.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"2w9oRJtcWXeHDKmnRsRs","title":"#41689 [SC-Insight] Blacklisting a Kodiak vault unintentionally whitelists a previously blacklisted token","pathname":"/yeet/41689-sc-insight-blacklisting-a-kodiak-vault-unintentionally-whitelists-a-previously-blacklisted-tok","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"66ISIIshmxuZb8gnQUMA","title":"#41688 [SC-Insight] Code can be optimized to to save a significant amount of gas.","pathname":"/yeet/41688-sc-insight-code-can-be-optimized-to-to-save-a-significant-amount-of-gas.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"yJW2k41C7WkSNkePDMgB","title":"#41695 [SC-Critical] StakeV2 leaks user tokens as rewards and eventually will become insolvent.","pathname":"/yeet/41695-sc-critical-stakev2-leaks-user-tokens-as-rewards-and-eventually-will-become-insolvent.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"Qza176nYHK42Isg1sGgZ","title":"#41699 [SC-Insight] Silent Transfer Failures in Native Token Handling","pathname":"/yeet/41699-sc-insight-silent-transfer-failures-in-native-token-handling","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"XKlbglstf2p9XEpVipkk","title":"#41707 [SC-Insight] Code differs from documentation in `Reward::getClaimableAmount` function","pathname":"/yeet/41707-sc-insight-code-differs-from-documentation-in-reward-getclaimableamount-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"nOEkMllsXkJKnN4CTpjv","title":"#41741 [SC-Insight] Improper Input Validation in zapInNative Leads to Theft of Residual Funds","pathname":"/yeet/41741-sc-insight-improper-input-validation-in-zapinnative-leads-to-theft-of-residual-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"jSN4ZeTZIo67HEfy5MYo","title":"#41758 [SC-Insight] The code comment to `BOOSTRAP_PHASE_DURATION` is incorrect","pathname":"/yeet/41758-sc-insight-the-code-comment-to-boostrap_phase_duration-is-incorrect","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"aYeGBh8a9PB67y8mid7R","title":"#41765 [SC-Insight] Storage slots only set in constructor should be declared `immutable`","pathname":"/yeet/41765-sc-insight-storage-slots-only-set-in-constructor-should-be-declared-immutable","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"XWZVoLR3lkJKC6geoDia","title":"#41766 [SC-Insight] In `Yeet.sol`, storage slots only set in constructor should be declared `immutable`.","pathname":"/yeet/41766-sc-insight-in-yeet.sol-storage-slots-only-set-in-constructor-should-be-declared-immutable-.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"NQQsCWOu5I8GaQ5GuEDi","title":"#41823 [SC-Low] Changing the reward settings has a retroactive impact","pathname":"/yeet/41823-sc-low-changing-the-reward-settings-has-a-retroactive-impact","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"HkovRbwuDNB4OraL7Ict","title":"#41788 [SC-Medium] Yield theft because of compound function design","pathname":"/yeet/41788-sc-medium-yield-theft-because-of-compound-function-design","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"F1AlSQ2sjezSWVpJYQi9","title":"#41841 [SC-Low] Risk of Reward Loss and Gain Manipulation Due to Untimely Claims and Reward Cap Adjustments","pathname":"/yeet/41841-sc-low-risk-of-reward-loss-and-gain-manipulation-due-to-untimely-claims-and-reward-cap-adjustm","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"xknw4XVE89lgwiil8uK8","title":"#41831 [SC-Critical] Miscalculation of excess rewards via external token transfers leads to contract insolvency and incomplete withdrawals","pathname":"/yeet/41831-sc-critical-miscalculation-of-excess-rewards-via-external-token-transfers-leads-to-contract-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"w9HxeYeENJNDdGQSNNLC","title":"#41873 [SC-Insight] Protocol fee loss due to incorrect fee calculation in MoneyBrinter.sol","pathname":"/yeet/41873-sc-insight-protocol-fee-loss-due-to-incorrect-fee-calculation-in-moneybrinter.sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"FOGZsqOP4hx4yczEeT1e","title":"#41875 [SC-High] Permanent Lock of User Funds in StakeV2 Due to Incorrect token Debt Handling","pathname":"/yeet/41875-sc-high-permanent-lock-of-user-funds-in-stakev2-due-to-incorrect-token-debt-handling","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"9d0TUzCdDL8Re8oGJRFe","title":"#41876 [SC-Insight] User may receive boosted values which are non-concave","pathname":"/yeet/41876-sc-insight-user-may-receive-boosted-values-which-are-non-concave","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"FnXLg4oTuvPkk01xLcbJ","title":"#41885 [SC-Insight] Bypass token whitelist","pathname":"/yeet/41885-sc-insight-bypass-token-whitelist","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"KGX8UotNyc4YMEE5YVtq","title":"#41890 [SC-Insight] MoneyBrinter vault does not consider Farm's staking cap","pathname":"/yeet/41890-sc-insight-moneybrinter-vault-does-not-consider-farms-staking-cap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"c85fCKaXGzlmERf8mDrp","title":"#41886 [SC-Low] Full or Large WBERA reward collects can be blocked by small amounts","pathname":"/yeet/41886-sc-low-full-or-large-wbera-reward-collects-can-be-blocked-by-small-amounts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"3qe8Mk0OGYovASBgnHdU","title":"#41894 [SC-Critical] Incorrect calculation of deposited rewards yeet leads to Staker's not being able to get their staked amount back","pathname":"/yeet/41894-sc-critical-incorrect-calculation-of-deposited-rewards-yeet-leads-to-stakers-not-being-able-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"9QbI2cLfmLlXNgeuy981","title":"#41895 [SC-Medium] Potential loss of token0, token1 in the MoneyBrinter contract","pathname":"/yeet/41895-sc-medium-potential-loss-of-token0-token1-in-the-moneybrinter-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"xzOCqRx0MolEbNwi8ocH","title":"#41907 [SC-High] Unused debt is not send to Reward Claimer","pathname":"/yeet/41907-sc-high-unused-debt-is-not-send-to-reward-claimer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"NcARlFpDEjHc05Nl0wLj","title":"#41911 [SC-Critical] Unstake amount can be zapped before user withdrawal","pathname":"/yeet/41911-sc-critical-unstake-amount-can-be-zapped-before-user-withdrawal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"yYZzu2lEC9bcQtiklz6G","title":"#41938 [SC-Critical] Unstake process manipulation and reward distribution vulnerability","pathname":"/yeet/41938-sc-critical-unstake-process-manipulation-and-reward-distribution-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"rrcrWCLLnW3NllqQC5Ia","title":"#41949 [SC-Insight] Optimize StakeV2::startUnstake with `unchecked` block to reduce gas costs","pathname":"/yeet/41949-sc-insight-optimize-stakev2-startunstake-with-unchecked-block-to-reduce-gas-costs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"eNEwfTZgAwfu0TfJzFjp","title":"#41952 [SC-Insight] Reduce storage costs by eliminating stakedTimes in StakeV2::startUnstake","pathname":"/yeet/41952-sc-insight-reduce-storage-costs-by-eliminating-stakedtimes-in-stakev2-startunstake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"BCSqc6HenR1ktkPNomBj","title":"#41974 [SC-Critical] Reducing `totalSupply` in `startUnstake` leads to protocol insolvency","pathname":"/yeet/41974-sc-critical-reducing-totalsupply-in-startunstake-leads-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"38cHZ3HBOsU63e4w4InA","title":"#41981 [SC-Critical] Loss of user funds during unstaking, while under the lockup period","pathname":"/yeet/41981-sc-critical-loss-of-user-funds-during-unstaking-while-under-the-lockup-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"vM8KsubewdDt6V2cKrAI","title":"#42008 [SC-Low] Incorrect Application of MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR on Historical Epochs","pathname":"/yeet/42008-sc-low-incorrect-application-of-max_cap_per_wallet_per_epoch_factor-on-historical-epochs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"O9prZVAwHmPl7e7FdKLA","title":"#42020 [SC-Critical] Inaccurate calculation in `accumulatedDeptRewardsYeet()` causes double counting of vesting tokens as excess, leading to permanent loss of user funds","pathname":"/yeet/42020-sc-critical-inaccurate-calculation-in-accumulateddeptrewardsyeet-causes-double-counting-of-ves","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"R0mIJgtFZJ0MeYCrOm4U","title":"#42033 [SC-Insight] MoneyBrinter contract does not consider farm's pausing status","pathname":"/yeet/42033-sc-insight-moneybrinter-contract-does-not-consider-farms-pausing-status","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"tu29kgY6LCPwqTfh7lF8","title":"#42039 [SC-High] When calling `StakeV2::claimRewardsInNative()` surplus $YEET are send to the StakeV2 contract instead of the user","pathname":"/yeet/42039-sc-high-when-calling-stakev2-claimrewardsinnative-surplus-usdyeet-are-send-to-the-stakev2-cont","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"ZFZSJKfU4a42BsHeTn3N","title":"#42113 [SC-High] yeetOut function in Zapper.sol sends tokens back to StakeV2 contract instead of user","pathname":"/yeet/42113-sc-high-yeetout-function-in-zapper.sol-sends-tokens-back-to-stakev2-contract-instead-of-user","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"TdYbntXPWdAe1rTWJzH0","title":"#42123 [SC-Critical] Insufficient Token Reservation in `startUnstake` Leads to Permanent Freezing of Vested Funds","pathname":"/yeet/42123-sc-critical-insufficient-token-reservation-in-startunstake-leads-to-permanent-freezing-of-vest","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"gVYQoVn9TrsLb9Jg4NAI","title":"#42127 [SC-Insight] Redundant Fee Calculation in addYeetback() function","pathname":"/yeet/42127-sc-insight-redundant-fee-calculation-in-addyeetback-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"qjW0rX8l6oA9rKMAHkXG","title":"#42152 [SC-Critical] `StakeV2::accumulatedDeptRewardsYeet` fails to account for pending vesting withdrawals which could cause contract insolvency","pathname":"/yeet/42152-sc-critical-stakev2-accumulateddeptrewardsyeet-fails-to-account-for-pending-vesting-withdrawal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"t3rpBk6VysgLM7UUlC2F","title":"#42158 [SC-High] Users can DoS `Zapper::zapIn` functionality for a token","pathname":"/yeet/42158-sc-high-users-can-dos-zapper-zapin-functionality-for-a-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"MNCX3m7huY2UWEfso5Mo","title":"#42166 [SC-Low] Modification of MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR Leads to Unjust Loss of Promised Rewards for Users","pathname":"/yeet/42166-sc-low-modification-of-max_cap_per_wallet_per_epoch_factor-leads-to-unjust-loss-of-promised-re","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"5LXhl6pzaIjDRVMBgqGY","title":"#42189 [SC-High] User rewards incorrectly transferred to `StakeV2` instead of claimant","pathname":"/yeet/42189-sc-high-user-rewards-incorrectly-transferred-to-stakev2-instead-of-claimant","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"n92YDCSXaXZel1L8ZGnu","title":"#42214 [SC-High] Leftover `WBERA` and `YEET` sent to `StakeV2` instead of to user who is claiming rewards","pathname":"/yeet/42214-sc-high-leftover-wbera-and-yeet-sent-to-stakev2-instead-of-to-user-who-is-claiming-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"eevPx4E8TXGHAB2E5NhU","title":"42292 sc high zapper wrong convertion of assets in zapout functions leads to partial loss of staking rewards","pathname":"/yeet/42292-sc-high-zapper-wrong-convertion-of-assets-in-zapout-functions-leads-to-partial-loss-of-staking","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"LLh9m2asXjwpKzEjsiDz","title":"#42333 [SC-Medium] compound MoneyBrinter.sol can be sandwiched to extract value from other depositors","pathname":"/yeet/42333-sc-medium-compound-moneybrinter.sol-can-be-sandwiched-to-extract-value-from-other-depositors","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"Dw8oGn7VzOomX2ECWAqu","title":"#42345 [SC-Critical] Theft of User Funds in executeRewardDistributionYeet During Vesting Period","pathname":"/yeet/42345-sc-critical-theft-of-user-funds-in-executerewarddistributionyeet-during-vesting-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"qCNJW7SvdxtY4jCpKUDp","title":"#42351 [SC-Insight] Yeetback complex rewards system","pathname":"/yeet/42351-sc-insight-yeetback-complex-rewards-system","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"9fFPQ4Bj4cCdkopSnhrb","title":"#42355 [SC-Medium] Compounding can be sandwich attacked","pathname":"/yeet/42355-sc-medium-compounding-can-be-sandwich-attacked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"zV6ObOLXLEdNmyGs8JxB","title":"#42382 [SC-Critical] Calling `StakeV2::executeRewardDistributionYeet` by manager during an ongoing unstaking period for stakers can result in them being unable to unstake permanently","pathname":"/yeet/42382-sc-critical-calling-stakev2-executerewarddistributionyeet-by-manager-during-an-ongoing-unstaki","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"5f9lP6GISYiTJDlGoeUt","title":"#42388 [SC-Insight] Discrepancy between number of Yeetback winners in contract and documentation","pathname":"/yeet/42388-sc-insight-discrepancy-between-number-of-yeetback-winners-in-contract-and-documentation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"PRWU9XhOpFgqOly6LIiB","title":"#42407 [SC-Low] Updating MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR impacts unclaimed rewards of past epochs","pathname":"/yeet/42407-sc-low-updating-max_cap_per_wallet_per_epoch_factor-impacts-unclaimed-rewards-of-past-epochs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"a4vGPYBNecVweX1PXPq3","title":"42439 sc insight insight report for stakev2 contract","pathname":"/yeet/42439-sc-insight-insight-report-for-stakev2-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"Hl4R2AEp8dpiV1thZoGl","title":"#42443 [SC-Critical] Vested `$YEET` are susceptible of being impossible to unstake","pathname":"/yeet/42443-sc-critical-vested-usdyeet-are-susceptible-of-being-impossible-to-unstake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"I0LNBgCVbXXBrQHX0arl","title":"#42462 [SC-Low] Potential loss of unclaimed rewards due to updating setting `MAX_CAP_PER_WALLET_PER_EPOCH_FACTOR`","pathname":"/yeet/42462-sc-low-potential-loss-of-unclaimed-rewards-due-to-updating-setting-max_cap_per_wallet_per_epoc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"jijtQmI6SGqYGpWFv87P","title":"#42487 [SC-Insight] Redundant Slippage Check in `compound` Function","pathname":"/yeet/42487-sc-insight-redundant-slippage-check-in-compound-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"9xbC5YbSFsAPDiYZX9p4","title":"#42469 [SC-Critical] Incorrect computation of excess rewards leads to permanent freezing of user funds","pathname":"/yeet/42469-sc-critical-incorrect-computation-of-excess-rewards-leads-to-permanent-freezing-of-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"H1AsQVrazOK6plgg17w7","title":"#42518 [SC-Critical] Incorrect handling of total staked funds will lead to protocol insolvency","pathname":"/yeet/42518-sc-critical-incorrect-handling-of-total-staked-funds-will-lead-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"np08qjOf0zwRGbiJ33Jo","title":"#42525 [SC-High] Misallocation of leftover token1 in StakeV2.claimRewardsInToken0","pathname":"/yeet/42525-sc-high-misallocation-of-leftover-token1-in-stakev2.claimrewardsintoken0","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"E8NPGJ8to6bKRcRYAmeV","title":"#42527 [SC-Critical] Critical Balance/Supply Desynchronization Leading to Protocol Insolvency and Loss of User Funds","pathname":"/yeet/42527-sc-critical-critical-balance-supply-desynchronization-leading-to-protocol-insolvency-and-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"ArajhUQojwSplBaGlk1Q","title":"#42532 [SC-High] Compound function in MoneyBrinter can lead to loss of yield","pathname":"/yeet/42532-sc-high-compound-function-in-moneybrinter-can-lead-to-loss-of-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"eV8Wno1X2HNhLxp8rzIj","title":"#42538 [SC-Insight] Incorrect value in events emitted in StakeV2","pathname":"/yeet/42538-sc-insight-incorrect-value-in-events-emitted-in-stakev2","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"D8Ca6SavLT475l7ALFcd","title":"#42539 [SC-Low] Incorrect `maxWithdraw()` returns lead to user failed withdrawals of returned maximum amount","pathname":"/yeet/42539-sc-low-incorrect-maxwithdraw-returns-lead-to-user-failed-withdrawals-of-returned-maximum-amoun","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"t813OjiBkM6kJQtScCmq","title":"#42548 [SC-High] Remaining token0 and token1 sent from Zapper to StakeV2 will be permanently locked in StakeV2 forever.","pathname":"/yeet/42548-sc-high-remaining-token0-and-token1-sent-from-zapper-to-stakev2-will-be-permanently-locked-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"8aeczxU6z3DteJ8TzCg4","title":"#42553 [SC-Medium] Sandwich attack on `MoneyBrinter_compound` allows extracting rewards intended for LPs","pathname":"/yeet/42553-sc-medium-sandwich-attack-on-moneybrinter_compound-allows-extracting-rewards-intended-for-lps","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"hMIVOD06Xz86ib2m0lKA","title":"#42598 [SC-High] When claiming rewards from `StakeV2` left-over debt is sent to `StakeV2` instead of the user","pathname":"/yeet/42598-sc-high-when-claiming-rewards-from-stakev2-left-over-debt-is-sent-to-stakev2-instead-of-the-us","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"fhHnnyl4VA2Q5IlA3bQP","title":"#42581 [SC-Critical] Miscalculated Balances Lead to Protocol Insolvency","pathname":"/yeet/42581-sc-critical-miscalculated-balances-lead-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"R5KQ2skQXpKyGKeAaaMs","title":"#42602 [SC-Medium] Some of the Compounded Reward Island token can be stolen by sandwiching the compound() function call","pathname":"/yeet/42602-sc-medium-some-of-the-compounded-reward-island-token-can-be-stolen-by-sandwiching-the-compound","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"x28dQbsy4BYOYT414CAC","title":"#42623 [SC-Critical] Potential Loss of Staked Tokens During Unstaking, Incorrect calculation of excess tokens in`accumulatedDeptRewardsYeet`","pathname":"/yeet/42623-sc-critical-potential-loss-of-staked-tokens-during-unstaking-incorrect-calculation-of-excess-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"dRcrnNQYafpqfkVBAWzn","title":"#42604 [SC-Low] `MoneyBrinter` vault does not conform to ERC4626","pathname":"/yeet/42604-sc-low-moneybrinter-vault-does-not-conform-to-erc4626","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"EDkTzQBNvkzh5pch0x6r","title":"#42637 [SC-Insight] When there is sufficient liquidity for executing reward distribution, token swapping should be skipped to avoid slippage loss","pathname":"/yeet/42637-sc-insight-when-there-is-sufficient-liquidity-for-executing-reward-distribution-token-swapping","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"bkASk6S0BY2jRCrmNmaP","title":"#42682 [SC-Critical] Loss of funds during the reward distribution in executeRewardDistributionYeet() of StakeV2 contract","pathname":"/yeet/42682-sc-critical-loss-of-funds-during-the-reward-distribution-in-executerewarddistributionyeet-of-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"ZirhSnBjWXlUM0OjJqSn","title":"#42710 [SC-Medium] Modulo opation introduces bias during the winning yeet calculation","pathname":"/yeet/42710-sc-medium-modulo-opation-introduces-bias-during-the-winning-yeet-calculation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"B3HNHRoMQqujJ51bFCkC","title":"#42718 [SC-High] zapOut methods in zapper contract incorrectly use _msgSender() instead of receiver when sending back remainder tokens","pathname":"/yeet/42718-sc-high-zapout-methods-in-zapper-contract-incorrectly-use-_msgsender-instead-of-receiver-when","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"rB8uPgcft8KXUNoewARF","title":"#42711 [SC-Insight] Incorrect Index Handling in `unstake` and `rageQuit` Leading to Potential Fund Loss","pathname":"/yeet/42711-sc-insight-incorrect-index-handling-in-unstake-and-ragequit-leading-to-potential-fund-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"0ZmSph7j1m1FHWPXea9m","title":"#42723 [SC-Critical] Unstaked Tokens Included in Excess Reward Calculation Can Cause DoS for Unstaking Users","pathname":"/yeet/42723-sc-critical-unstaked-tokens-included-in-excess-reward-calculation-can-cause-dos-for-unstaking","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"fsyEhnW8vvtKBwF4I24i","title":"#42725 [SC-Critical] startUnstake() Reduces Total Supply, but StakingToken Balance in contract Remains Constant, Leading to Inflated accumulatedDeptRewardsYeet()","pathname":"/yeet/42725-sc-critical-startunstake-reduces-total-supply-but-stakingtoken-balance-in-contract-remains-con","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"9XoQMs1j7hhnPztAwkYL","title":"#42732 [SC-High] Incomplete token return whena user claim his rewards leads to rewards fund loss","pathname":"/yeet/42732-sc-high-incomplete-token-return-whena-user-claim-his-rewards-leads-to-rewards-fund-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Yeet"}]},{"id":"hncrCCwn4c97JY00OpHI","title":"Shardeum Core III","pathname":"/shardeum-core-iii","siteSpaceId":"sitesp_stpzW"},{"id":"CGfqo5aOCoktwmfsOFCG","title":"#39811 [BC-Critical] inducing large memory allocation via join endpoint","pathname":"/shardeum-core-iii/39811-bc-critical-inducing-large-memory-allocation-via-join-endpoint","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"RcpKPwRRF8bSP6bLI1C1","title":"#39873 [BC-Critical] Lack of validation of node activation time in `InitRewardTimes` allows to steal rewards","pathname":"/shardeum-core-iii/39873-bc-critical-lack-of-validation-of-node-activation-time-in-initrewardtimes-allows-to-steal-rewa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"h47MMQuMILpWb28tOZwg","title":"#39921 [BC-Critical] accountDeserializer isn't type safe","pathname":"/shardeum-core-iii/39921-bc-critical-accountdeserializer-isnt-type-safe","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"hFgCkuVTdKkHZa9qQ9er","title":"#39913 [BC-Medium] No rate Limiting in resource-intensive endpoint","pathname":"/shardeum-core-iii/39913-bc-medium-no-rate-limiting-in-resource-intensive-endpoint","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"GnTyjz2VSMJPeJl1lhU2","title":"#39885 [BC-Critical] Signature forgery on behalf of network nodes using binary_sign_app_data endpoint","pathname":"/shardeum-core-iii/39885-bc-critical-signature-forgery-on-behalf-of-network-nodes-using-binary_sign_app_data-endpoint","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"lPWH2z6wLBQZ7WXwD7G1","title":"#39871 [BC-Critical] Lack of consensus voting in best cycle calculation allows a malicious validator to fake cycle data and crash all nodes","pathname":"/shardeum-core-iii/39871-bc-critical-lack-of-consensus-voting-in-best-cycle-calculation-allows-a-malicious-validator-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"DQwjCX91ocWfbxXf8pVM","title":"#39876 [BC-Critical] Receiving rewards multiple times for the same period","pathname":"/shardeum-core-iii/39876-bc-critical-receiving-rewards-multiple-times-for-the-same-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"XxYtmJuom8XxE039f7Pb","title":"#39838 [BC-Critical] Bypass certificate signing validation by double counting signatures due to signature malleability","pathname":"/shardeum-core-iii/39838-bc-critical-bypass-certificate-signing-validation-by-double-counting-signatures-due-to-signatu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"YwrksENB06orihFEtMjI","title":"#39813 [BC-Critical] Bypass `SetCertTime` transaction signature check #2","pathname":"/shardeum-core-iii/39813-bc-critical-bypass-setcerttime-transaction-signature-check-2","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"1a7UWKMoyo5jHhCcE6B5","title":"#39791 [BC-Critical] Filling the queue with \"setCertTime\" stop the network from processing new transactions","pathname":"/shardeum-core-iii/39791-bc-critical-filling-the-queue-with-setcerttime-stop-the-network-from-processing-new-transactio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"oeo1MRpkrcad1JGBTa4j","title":"#39103 [BC-Insight] Unchecked data size in \"getStakeTxBlobFromEVMTx()\" can use lots of CPU resources","pathname":"/shardeum-core-iii/39103-bc-insight-unchecked-data-size-in-getstaketxblobfromevmtx-can-use-lots-of-cpu-resources","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"veGi9G7ggRfq4Vqa3eRR","title":"#39679 [BC-Critical] bypass certificate signing validation by double counting signatures","pathname":"/shardeum-core-iii/39679-bc-critical-bypass-certificate-signing-validation-by-double-counting-signatures","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"Zrzh01IFevcMtIzpG86Y","title":"#39678 [BC-Critical] Bypass certificate signing validation by double counting signatures due to capitalization","pathname":"/shardeum-core-iii/39678-bc-critical-bypass-certificate-signing-validation-by-double-counting-signatures-due-to-capital","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"CFJAF52LaxxcwVberXGN","title":"#39675 [BC-Critical] Reward Exploitation via Unvalidated Node Status in \"initRewardTX\"","pathname":"/shardeum-core-iii/39675-bc-critical-reward-exploitation-via-unvalidated-node-status-in-initrewardtx","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"t8A86QvrQYUZLoDSKB5H","title":"#39164 [BC-Insight] service point exhaustion","pathname":"/shardeum-core-iii/39164-bc-insight-service-point-exhaustion","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"4wVS5dOOFaFuMFBui6qi","title":"#39875 [BC-Critical] Lack of validation of node deactivation time in `ClaimRewards` allows to steal rewards","pathname":"/shardeum-core-iii/39875-bc-critical-lack-of-validation-of-node-deactivation-time-in-claimrewards-allows-to-steal-rewar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"xIFXK0AKHtv1tLjSHqvf","title":"#39027 [BC-Insight] abusive join request handler node","pathname":"/shardeum-core-iii/39027-bc-insight-abusive-join-request-handler-node","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"GcJEQcGzoteNUmWau5vX","title":"#39149 [BC-High] EIP-2930 transactions with 20k-address overload the nodes and force the network into \"safety\" mode","pathname":"/shardeum-core-iii/39149-bc-high-eip-2930-transactions-with-20k-address-overload-the-nodes-and-force-the-network-into-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"Qyay1cd6muaWIQdpqsKj","title":"#39850 [BC-Medium] Bypass TransferFromSecureAccount transaction validations","pathname":"/shardeum-core-iii/39850-bc-medium-bypass-transferfromsecureaccount-transaction-validations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"P7y8XOF4DVHLRJvm9g6g","title":"#39364 [BC-Critical] Trusting heavily on \"appData\" enables infinite SHM duplication through double-spend exploit","pathname":"/shardeum-core-iii/39364-bc-critical-trusting-heavily-on-appdata-enables-infinite-shm-duplication-through-double-spend","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"5ulQqAIdLPnGqawR1b2v","title":"#39882 [BC-Insight] data unsubscribe same node replay","pathname":"/shardeum-core-iii/39882-bc-insight-data-unsubscribe-same-node-replay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"16z1Fv4WkKKPZbI5sjOt","title":"#39812 [BC-Critical] Bypass `SetCertTime` transaction signature check #1","pathname":"/shardeum-core-iii/39812-bc-critical-bypass-setcerttime-transaction-signature-check-1","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"tYr5BtJOiYXgU1Me3GTe","title":"#39507 [BC-Critical] Insufficient validation on ClaimReward transaction allows attacker to claim an inflated reward OR prevent all nodes from being rewarded","pathname":"/shardeum-core-iii/39507-bc-critical-insufficient-validation-on-claimreward-transaction-allows-attacker-to-claim-an-inf","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"ck61rG7vDLtrSyxJAE1f","title":"#39355 [BC-Critical] tricking legit node to sign their own apoptosis request payload","pathname":"/shardeum-core-iii/39355-bc-critical-tricking-legit-node-to-sign-their-own-apoptosis-request-payload","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"XzTmc8o8AA4DgqGSJMFd","title":"#39994 [BC-Critical] Tricking nodes into signing nearly-arbitrary data","pathname":"/shardeum-core-iii/39994-bc-critical-tricking-nodes-into-signing-nearly-arbitrary-data","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"1UvJA58JDEUrjnosaYs3","title":"#40005 [BC-Critical] removal of node out of network via remove by app gossip and signature","pathname":"/shardeum-core-iii/40005-bc-critical-removal-of-node-out-of-network-via-remove-by-app-gossip-and-signature","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"pIRr17fBVLIto1uPvVsu","title":"#39973 [BC-Critical] Standard node rewarding flow can be blocked","pathname":"/shardeum-core-iii/39973-bc-critical-standard-node-rewarding-flow-can-be-blocked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"f9piphcCC9ZaU6aEzmqM","title":"#40000 [BC-Critical] Improper input validation in fixDeserializedWrappedEVMAccount leads to DOS and total network shutdown","pathname":"/shardeum-core-iii/40000-bc-critical-improper-input-validation-in-fixdeserializedwrappedevmaccount-leads-to-dos-and-tot","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"xQRpPCalAVaYhNe3p9Q2","title":"#39511 [BC-Critical] malicious node can drain balance of other node s nominator evm address","pathname":"/shardeum-core-iii/39511-bc-critical-malicious-node-can-drain-balance-of-other-node-s-nominator-evm-address","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"U4JfcnmaK5i3oiIYZLly","title":"#39463 [BC-Insight] `multiSendWithHeader` and `sendWithHeader` have JSON injection vulnerability","pathname":"/shardeum-core-iii/39463-bc-insight-multisendwithheader-and-sendwithheader-have-json-injection-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"8sb4dL83jTikGxty6SYD","title":"#39465 [BC-Critical] Lack of authorization on InitClaimReward transaction allows attacker to prevent all nodes from being rewarded","pathname":"/shardeum-core-iii/39465-bc-critical-lack-of-authorization-on-initclaimreward-transaction-allows-attacker-to-prevent-al","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"7czuXHJW9xW4pDkRyNTC","title":"#39395 [BC-Medium] got.get without response limit","pathname":"/shardeum-core-iii/39395-bc-medium-got.get-without-response-limit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"VjcUO1g7Tj8FPyvlgQdw","title":"#39752 [BC-Insight] There is an issue related to incorrect version parsing and comparison logic lead to incorrect node validation,","pathname":"/shardeum-core-iii/39752-bc-insight-there-is-an-issue-related-to-incorrect-version-parsing-and-comparison-logic-lead-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"SEq1TwNfrkJzN0e7r0eQ","title":"#39191 [BC-Critical] JoinRoute: Attacker reachable input serialization","pathname":"/shardeum-core-iii/39191-bc-critical-joinroute-attacker-reachable-input-serialization","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"7q90T4aMa0ARAnygfqlZ","title":"#39979 [BC-Critical] Total network shutdown via fixDeserializedWrappedEVMAccount call through binary_repair_oos_accounts endpoint","pathname":"/shardeum-core-iii/39979-bc-critical-total-network-shutdown-via-fixdeserializedwrappedevmaccount-call-through-binary_re","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"Igv0cMSLNtKVfGsyKeFV","title":"#40007 [BC-Critical] Drain node staking account due to improper validation of SetCertTime internal transaction","pathname":"/shardeum-core-iii/40007-bc-critical-drain-node-staking-account-due-to-improper-validation-of-setcerttime-internal-tran","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Shardeum Core III"}]},{"id":"olcRuOpJlwBwRHuCAYbt","title":"Ethereum Protocol | Attackathon","pathname":"/ethereum-protocol-or-attackathon","siteSpaceId":"sitesp_stpzW"},{"id":"zr3iQBHzRCkNtUPzy58Y","title":"#38146 [BC-Medium] nimbus-eth2 remote crash","pathname":"/ethereum-protocol-or-attackathon/38146-bc-medium-nimbus-eth2-remote-crash","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"oRAknttNqGEByMnH6CgQ","title":"#37577 [BC-Insight] `tx.origin` Usage in Group Management Contract Allows Phishing Attack for Unauthorized Actions","pathname":"/ethereum-protocol-or-attackathon/37577-bc-insight-tx.origin-usage-in-group-management-contract-allows-phishing-attack-for-unauthorize","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"txzqDV2bmBDfVwrnvohk","title":"#38318 [BC-Low] nimbus-eth2: Gossipsub misconfiguration allows malicious peers gossip malformed data without penalization","pathname":"/ethereum-protocol-or-attackathon/38318-bc-low-nimbus-eth2-gossipsub-misconfiguration-allows-malicious-peers-gossip-malformed-data-wit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"fO6U491NPkqs0sx9uBJP","title":"#38693 [SC-Insight] BytesM to Bytes conversion does not match the reference implementation","pathname":"/ethereum-protocol-or-attackathon/38693-sc-insight-bytesm-to-bytes-conversion-does-not-match-the-reference-implementation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"qx6GC638TAeIz7cbxwcU","title":"#38278 [BC-Low] Potential DoS to Mempool Due to Missing Gas Limit Check","pathname":"/ethereum-protocol-or-attackathon/38278-bc-low-potential-dos-to-mempool-due-to-missing-gas-limit-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"c0s2vEmQbCiBD4opepl9","title":"#37153 [BC-Insight] Malicious validator can bring down honest nodes","pathname":"/ethereum-protocol-or-attackathon/37153-bc-insight-malicious-validator-can-bring-down-honest-nodes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"9rnhUWqutFIUCJ8vYr0q","title":"#37594 [SC-Insight] Nimbus incorrectly rejects non-minimally encoded snappy data length's due to spec. ambiguity","pathname":"/ethereum-protocol-or-attackathon/37594-sc-insight-nimbus-incorrectly-rejects-non-minimally-encoded-snappy-data-lengths-due-to-spec.-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"QFblQVcEOD4poyvYngAc","title":"#38319 [BC-Insight] Edge case difference for GETH and NETHERMIND when calculating memory expansion gas","pathname":"/ethereum-protocol-or-attackathon/38319-bc-insight-edge-case-difference-for-geth-and-nethermind-when-calculating-memory-expansion-gas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"HYYKVccM30emSfIHi1zG","title":"#37186 [BC-Insight] Missing Validation for Fixed-Size bytes Types in ABI Parsing","pathname":"/ethereum-protocol-or-attackathon/37186-bc-insight-missing-validation-for-fixed-size-bytes-types-in-abi-parsing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"jvPr6kCm1gLwXNisLdBL","title":"#38015 [BC-Insight] Violation of EIP-2681 in Create Transaction","pathname":"/ethereum-protocol-or-attackathon/38015-bc-insight-violation-of-eip-2681-in-create-transaction","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"jOmf9smeHKkpkBHdyOKw","title":"#38948 [BC-Low] lighthouse remote DoS","pathname":"/ethereum-protocol-or-attackathon/38948-bc-low-lighthouse-remote-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"kuua7kktmtwbZdzAMlSi","title":"#37104 [BC-Insight] Reth RPC is vulnerable to DNS rebinding attacks","pathname":"/ethereum-protocol-or-attackathon/37104-bc-insight-reth-rpc-is-vulnerable-to-dns-rebinding-attacks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"4fOu31BIjZ5WbIdgvbKz","title":"#37350 [BC-Insight] `null` Is Not Unmarshalled Correctly Into json.RawMessage","pathname":"/ethereum-protocol-or-attackathon/37350-bc-insight-null-is-not-unmarshalled-correctly-into-json.rawmessage","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"BHl4cs7iZrOS4dfxOAXD","title":"#37210 [BC-Insight] Missing Check of HTTP Batch Response Length","pathname":"/ethereum-protocol-or-attackathon/37210-bc-insight-missing-check-of-http-batch-response-length","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"hLtoc3BDoUKPKX5G6buy","title":"#38902 [BC-Low] No check on the maximum size of the encoded ENR on ENR_RESPONSE packet","pathname":"/ethereum-protocol-or-attackathon/38902-bc-low-no-check-on-the-maximum-size-of-the-encoded-enr-on-enr_response-packet","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"YH6EXCr9JLhAYfMhO5Qh","title":"#38581 [SC-Insight] Incorrect unwrap on Bytes and String","pathname":"/ethereum-protocol-or-attackathon/38581-sc-insight-incorrect-unwrap-on-bytes-and-string","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"vScyjQ4XPNfg5gliIQg2","title":"#38427 [BC-Low] Discrepancy in Intrinsic Gas Calculation between Txpool and EVM Execution","pathname":"/ethereum-protocol-or-attackathon/38427-bc-low-discrepancy-in-intrinsic-gas-calculation-between-txpool-and-evm-execution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"q6YUNpxzfDK5c4kMn2oc","title":"#37584 [SC-Insight] Nonpayable Not Respected For Internal Function","pathname":"/ethereum-protocol-or-attackathon/37584-sc-insight-nonpayable-not-respected-for-internal-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"33vzkjnZaAMbwaUjjTgr","title":"#38557 [BC-Insight] Function `IsPush()` Misses Opcode PUSH0","pathname":"/ethereum-protocol-or-attackathon/38557-bc-insight-function-ispush-misses-opcode-push0","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"eWMy2mswAwnKzjHjzTuj","title":"#37148 [BC-Insight] `wantedPeerDials()` branch will never be executed","pathname":"/ethereum-protocol-or-attackathon/37148-bc-insight-wantedpeerdials-branch-will-never-be-executed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"FDQsHHlh873yfJVDaEkt","title":"#38920 [BC-Medium] teku remote DoS","pathname":"/ethereum-protocol-or-attackathon/38920-bc-medium-teku-remote-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"aQD3ElZHVsPZiqA7LoJs","title":"#38733 [BC-Medium] nibmus-eth2 remote crash","pathname":"/ethereum-protocol-or-attackathon/38733-bc-medium-nibmus-eth2-remote-crash","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"wJq86Q4frJz1c8IL1ROB","title":"#37634 [SC-Low] Incorrect Builtin ERC4626 Call Signature","pathname":"/ethereum-protocol-or-attackathon/37634-sc-low-incorrect-builtin-erc4626-call-signature","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"jMTHaWS0ywSR0vWcwVfp","title":"#37246 [BC-Low] lodestar snappy checksum issue","pathname":"/ethereum-protocol-or-attackathon/37246-bc-low-lodestar-snappy-checksum-issue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"JVHvEwsp7UMcy1PQFxQp","title":"#37286 [SC-Insight] Elimination of Security Checks in ForkCreator Class","pathname":"/ethereum-protocol-or-attackathon/37286-sc-insight-elimination-of-security-checks-in-forkcreator-class","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"o06OODC2khyyNHtnnIVd","title":"#38459 [BC-Low] erigon remote DoS","pathname":"/ethereum-protocol-or-attackathon/38459-bc-low-erigon-remote-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"w92US50X83etNV2us9E8","title":"#37113 [BC-Low] https://github.com/erigontech/erigon ), though it does not seem to be exploitable at","pathname":"/ethereum-protocol-or-attackathon/37113-bc-low-https-github.com-erigontech-erigon-though-it-does-not-seem-to-be-exploitable-at","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"VqfmSfKg3WFq5AAIxbl1","title":"#38682 [SC-Medium] AugAssign evaluation order causing OOB write within the object","pathname":"/ethereum-protocol-or-attackathon/38682-sc-medium-augassign-evaluation-order-causing-oob-write-within-the-object","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"pekP76WEqQOJns7q0FTH","title":"#38828 [BC-Low] Decode RLP of Legacy Transaction Allows Tailing Bytes","pathname":"/ethereum-protocol-or-attackathon/38828-bc-low-decode-rlp-of-legacy-transaction-allows-tailing-bytes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"atme6iHkN6u36nrDxeOl","title":"#39018 [BC-Insight] Rate Limiting Under-Specification and Consequences","pathname":"/ethereum-protocol-or-attackathon/39018-bc-insight-rate-limiting-under-specification-and-consequences","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"7Hh1wy1N79sFL7r7o6XD","title":"#38292 [SC-Medium] Incorrect Sqrt Calculation Result","pathname":"/ethereum-protocol-or-attackathon/38292-sc-medium-incorrect-sqrt-calculation-result","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"j1W60FAMfD8PqFBoo7lC","title":"#38958 [BC-Low] EELS cant handle overflow gas calculation in modexp precompile","pathname":"/ethereum-protocol-or-attackathon/38958-bc-low-eels-cant-handle-overflow-gas-calculation-in-modexp-precompile","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"EkfmnBkYa7R8EK04gGIb","title":"#38908 [BC-Insight] Missing Failed Subcalls in Erigon Tracers When Encountering `ErrInsufficientBalance` Error","pathname":"/ethereum-protocol-or-attackathon/38908-bc-insight-missing-failed-subcalls-in-erigon-tracers-when-encountering-errinsufficientbalance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"1qxR0zqwByjotw7f4QHB","title":"#37300 [BC-Insight] Incorrect Encoding of Negative *big.Int Values in MakeTopics","pathname":"/ethereum-protocol-or-attackathon/37300-bc-insight-incorrect-encoding-of-negative-big.int-values-in-maketopics","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"JiJL2z0sO1bQeHkPCJFr","title":"#38277 [BC-Insight] Potential Out-of-Range Panic in `UnmarshalJSON()` of `HexOrDecimal256`","pathname":"/ethereum-protocol-or-attackathon/38277-bc-insight-potential-out-of-range-panic-in-unmarshaljson-of-hexordecimal256","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"QgOWZKD8fEkEFgPaSw1a","title":"#37583 [SC-Low] Incorrect For Annotation Parsing","pathname":"/ethereum-protocol-or-attackathon/37583-sc-low-incorrect-for-annotation-parsing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"c9rGw4VaxCfbqkScPvcz","title":"#37582 [SC-Low] Incorrect HexString Parsing Leads To Compilation Error Or Type Confusion","pathname":"/ethereum-protocol-or-attackathon/37582-sc-low-incorrect-hexstring-parsing-leads-to-compilation-error-or-type-confusion","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"cEe4lAZzQZgNnHiCGqpF","title":"#38275 [BC-Low] Evil-client P2P headers-traversal leads to D/DoS and total peer removal","pathname":"/ethereum-protocol-or-attackathon/38275-bc-low-evil-client-p2p-headers-traversal-leads-to-d-dos-and-total-peer-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"M6GcBzsrZOA7O5p0aTVt","title":"#38894 [BC-Low] Missing expiration check for Pong and Neighbors packets and not refreshing the endpoint proof","pathname":"/ethereum-protocol-or-attackathon/38894-bc-low-missing-expiration-check-for-pong-and-neighbors-packets-and-not-refreshing-the-endpoint","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"DrPjZzsL4xM6LVmIei1p","title":"#37568 [BC-Insight] missing specification logic","pathname":"/ethereum-protocol-or-attackathon/37568-bc-insight-missing-specification-logic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"XLD1BVj1fqHBv2U3oRB1","title":"#38855 [SC-Low] Evaluation order is not respected in `log` function","pathname":"/ethereum-protocol-or-attackathon/38855-sc-low-evaluation-order-is-not-respected-in-log-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"t11qbeOa07clSw7QsN1d","title":"#37505 [BC-Insight] Remotely spamming 1 byte leads to full peer removal and desync in both execution and consensus clients","pathname":"/ethereum-protocol-or-attackathon/37505-bc-insight-remotely-spamming-1-byte-leads-to-full-peer-removal-and-desync-in-both-execution-an","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"TBMqXhsgr8mhUmz9M9uZ","title":"#38850 [BC-Low] Remote P2P OOM Crash (GetBlockHeaders) / Reth","pathname":"/ethereum-protocol-or-attackathon/38850-bc-low-remote-p2p-oom-crash-getblockheaders-reth","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"12mrEWIFZe3fGjXcd8sK","title":"#37483 [BC-Insight] There is a trace discrepancy for Nethermind when handling EOF from PUSH opcode","pathname":"/ethereum-protocol-or-attackathon/37483-bc-insight-there-is-a-trace-discrepancy-for-nethermind-when-handling-eof-from-push-opcode","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"ZGhwTFoNOFrcODRJmKGA","title":"#38169 [SC-Insight] Deferred Evaluation Of `Default_Return_Value` May Skip Side Effect Execution","pathname":"/ethereum-protocol-or-attackathon/38169-sc-insight-deferred-evaluation-of-default_return_value-may-skip-side-effect-execution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"vjw6InTtKfOS4MU22PBN","title":"#37462 [BC-Low] Invalid RLP decoding for single bytes","pathname":"/ethereum-protocol-or-attackathon/37462-bc-low-invalid-rlp-decoding-for-single-bytes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"Et7JzknXcbIKxs5aNjb9","title":"#37442 [BC-Insight] Potential Address Collision with Precompile Contract During Contract Deployment","pathname":"/ethereum-protocol-or-attackathon/37442-bc-insight-potential-address-collision-with-precompile-contract-during-contract-deployment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"NdUfnmNBDc5fd7q9ohvL","title":"#38807 [BC-Low] DoS any reth node via ban logic exploit","pathname":"/ethereum-protocol-or-attackathon/38807-bc-low-dos-any-reth-node-via-ban-logic-exploit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"yiaZyeAmPVVDlJRvnJBP","title":"#38766 [BC-Insight] Nil Pointer Dereference Panics in encodePayload() of Blob Tx’s Encoding","pathname":"/ethereum-protocol-or-attackathon/38766-bc-insight-nil-pointer-dereference-panics-in-encodepayload-of-blob-txs-encoding","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"Bn2QCTkIdcV8SHbusyDQ","title":"#37351 [BC-Insight] Resubscribe Deadlocks When Unsubscribing Within An Unblock Channel","pathname":"/ethereum-protocol-or-attackathon/37351-bc-insight-resubscribe-deadlocks-when-unsubscribing-within-an-unblock-channel","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"KNSAdNfahR3utnzxrBbF","title":"#37359 [BC-Insight] Failure to Generate ABI Binding in Golang","pathname":"/ethereum-protocol-or-attackathon/37359-bc-insight-failure-to-generate-abi-binding-in-golang","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"9c1LQEEK5lHW2Sbjn0CZ","title":"#37352 [BC-Insight] Missing Liveness Check in `collectTableNodes()`","pathname":"/ethereum-protocol-or-attackathon/37352-bc-insight-missing-liveness-check-in-collecttablenodes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"sUYOc9EN1t5iSz7FLbP1","title":"#37466 [BC-Medium] Evil-client OOM crash (fast P2P crash)","pathname":"/ethereum-protocol-or-attackathon/37466-bc-medium-evil-client-oom-crash-fast-p2p-crash","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"CjN8XXK8YgFG8EEEqRJj","title":"#37593 [BC-Insight] Inconsistent Address Collision Check Against Precompile Contracts During Contract Deployment","pathname":"/ethereum-protocol-or-attackathon/37593-bc-insight-inconsistent-address-collision-check-against-precompile-contracts-during-contract-d","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"OGEoFJD3ZVjtrNxxKU4d","title":"#38598 [BC-Insight] GetReceiptsMsg abuse leads to the DoS and/or crash of every EL client in the Ethereum network","pathname":"/ethereum-protocol-or-attackathon/38598-bc-insight-getreceiptsmsg-abuse-leads-to-the-dos-and-or-crash-of-every-el-client-in-the-ethere","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"hKWNxYOEdAAJzItjmswx","title":"#37985 [SC-Low] Incorrectly Eliminate Code With Side Effect In Slice Args","pathname":"/ethereum-protocol-or-attackathon/37985-sc-low-incorrectly-eliminate-code-with-side-effect-in-slice-args","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"tl6UamEUNroP3XE3W1Kc","title":"#38686 [BC-Low] Nodes with trusted peers vulnerable to pending peer flooding and DoS","pathname":"/ethereum-protocol-or-attackathon/38686-bc-low-nodes-with-trusted-peers-vulnerable-to-pending-peer-flooding-and-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"eZcPkduvxegLDPoLFNxd","title":"#37199 [BC-Low] Potential Chain Fork Due to Shallow Copy of Byte Slice","pathname":"/ethereum-protocol-or-attackathon/37199-bc-low-potential-chain-fork-due-to-shallow-copy-of-byte-slice","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"xY5MhiUcC96VmXjvv2DI","title":"#37191 [BC-Insight] Unvalidated Field Names in Tuple ABI Parsing Causes Runtime Panic via reflect.StructOf","pathname":"/ethereum-protocol-or-attackathon/37191-bc-insight-unvalidated-field-names-in-tuple-abi-parsing-causes-runtime-panic-via-reflect.struc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"zaBjNOcRoIE8oVj0JCqq","title":"#37120 [BC-Insight] Remote handshake-based TCP/30303 flooding leads to an out-of-memory crash","pathname":"/ethereum-protocol-or-attackathon/37120-bc-insight-remote-handshake-based-tcp-30303-flooding-leads-to-an-out-of-memory-crash","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"uzlS6y9DKdvY9pKMhgin","title":"#37695 [BC-Insight] Executing transaction that has a wrong nonce might triggered a chain split due to mismatch stateroot","pathname":"/ethereum-protocol-or-attackathon/37695-bc-insight-executing-transaction-that-has-a-wrong-nonce-might-triggered-a-chain-split-due-to-m","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"C64BvGQaKjX8wsh8RDqA","title":"#37134 [BC-Insight] Improper secp256k sanitization","pathname":"/ethereum-protocol-or-attackathon/37134-bc-insight-improper-secp256k-sanitization","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"40AW5lZrnXK9c6nT1f4L","title":"#38554 [BC-Low] Incorrect Transaction Fee Check in `SendRawTransaction()`","pathname":"/ethereum-protocol-or-attackathon/38554-bc-low-incorrect-transaction-fee-check-in-sendrawtransaction","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"9inaXu1aRfmF5S0CK9Nn","title":"#38530 [SC-Low] Incorrectly Eliminated Code With Side Effect In Concat Args","pathname":"/ethereum-protocol-or-attackathon/38530-sc-low-incorrectly-eliminated-code-with-side-effect-in-concat-args","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"wAtdWsMWPXlmsOw40Hb0","title":"#38505 [SC-Low] IRNode Multi-Evaluation In For List Iter","pathname":"/ethereum-protocol-or-attackathon/38505-sc-low-irnode-multi-evaluation-in-for-list-iter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"2QRRVGpmw8hv86KqvkDc","title":"#38502 [BC-Low] Pending pool subtraction overflow causes node halt/shutdown","pathname":"/ethereum-protocol-or-attackathon/38502-bc-low-pending-pool-subtraction-overflow-causes-node-halt-shutdown","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"j8QXeajBbxFTcefxPkw1","title":"#37646 [BC-Insight] No implementation of BLOB_SIDECAR_SUBNET_COUNT with no issue and no PR in the GitHub","pathname":"/ethereum-protocol-or-attackathon/37646-bc-insight-no-implementation-of-blob_sidecar_subnet_count-with-no-issue-and-no-pr-in-the-githu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Ethereum Protocol | Attackathon"}]},{"id":"t7YxNp4j1gfuD0D2DRaZ","title":"Stacks II Attackathon","pathname":"/stacks-ii-attackathon","siteSpaceId":"sitesp_stpzW"},{"id":"mHjJWtlHKWvBEmlQxvqh","title":"#40692 [BC-High] Calling multiple withdrawals on a single transaction causes Signers to halt and the network to stop","pathname":"/stacks-ii-attackathon/40692-bc-high-calling-multiple-withdrawals-on-a-single-transaction-causes-signers-to-halt-and-the-ne","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"MLD7cEagGj16LXLabdxH","title":"#40655 [BC-Medium] Malicious signers can give different votes to other Signers to prevent sBTC withdrawal","pathname":"/stacks-ii-attackathon/40655-bc-medium-malicious-signers-can-give-different-votes-to-other-signers-to-prevent-sbtc-withdraw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"c9HgtrKe7pofHqDcCnnI","title":"#40731 [BC-Medium] A malicious signer can force a panic in the coordinator by sending `DkgFailure::BadPrivateShares` with an invalid signer ID","pathname":"/stacks-ii-attackathon/40731-bc-medium-a-malicious-signer-can-force-a-panic-in-the-coordinator-by-sending-dkgfailure-badpri","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"caXprudtmUc64CW24oz9","title":"#40770 [BC-Low] Unvalidated withdrawal events allow data manipulation and denial of service in Emily","pathname":"/stacks-ii-attackathon/40770-bc-low-unvalidated-withdrawal-events-allow-data-manipulation-and-denial-of-service-in-emily","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"qsSNAy9N4MNFIP25ghRj","title":"#41014 [BC-Low] The signer can submit multi-tx first to make the coordinator's submission fail","pathname":"/stacks-ii-attackathon/41014-bc-low-the-signer-can-submit-multi-tx-first-to-make-the-coordinators-submission-fail","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"lCuwFOmQF35uBHK0VFDe","title":"#40806 [BC-High] Users can submit deposits containing large `reclaim_scripts` to DoS Emily and Signers","pathname":"/stacks-ii-attackathon/40806-bc-high-users-can-submit-deposits-containing-large-reclaim_scripts-to-dos-emily-and-signers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"crNDjCtXHw4vwSqUfT6D","title":"#41111 [BC-Medium] A malicious signer could manipulate withdrawal decisions preventing accepted and rejected withdrawals from getting confirmed on Stacks chain","pathname":"/stacks-ii-attackathon/41111-bc-medium-a-malicious-signer-could-manipulate-withdrawal-decisions-preventing-accepted-and-rej","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"hVANfsHVGR1hQvGcPP6G","title":"#41202 [BC-Insight] A malicious signer can force a failure of the signature round by providing a key ID they don't own","pathname":"/stacks-ii-attackathon/41202-bc-insight-a-malicious-signer-can-force-a-failure-of-the-signature-round-by-providing-a-key-id","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"U1mcGNGUDI1hNoFDZTfd","title":"#41340 [BC-Insight] There is insecure Exposure of TRUSTED_REORG_API_KEY in Lambda and is can lead to Potential sBTC Withdrawal Manipulation","pathname":"/stacks-ii-attackathon/41340-bc-insight-there-is-insecure-exposure-of-trusted_reorg_api_key-in-lambda-and-is-can-lead-to-po","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"91gN0QnpNoSY0FjPSuNi","title":"#41597 [BC-Insight] Emily server can crash their connected Stacks node when processing a large number of events","pathname":"/stacks-ii-attackathon/41597-bc-insight-emily-server-can-crash-their-connected-stacks-node-when-processing-a-large-number-o","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"1tXIevT6ds9AeHK0sG0T","title":"#42404 [BC-Medium] A signer can OOM kill other signers during DKG verification","pathname":"/stacks-ii-attackathon/42404-bc-medium-a-signer-can-oom-kill-other-signers-during-dkg-verification","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"ZX5FkC1dKpDVySGR2P47","title":"#42747 [BC-High] Large BTC transactions with many sbtc deposits can permanently crash/halt all signers","pathname":"/stacks-ii-attackathon/42747-bc-high-large-btc-transactions-with-many-sbtc-deposits-can-permanently-crash-halt-all-signers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"dnofFzMyXQfleodIU2ac","title":"#42750 [BC-Insight] Subtraction overflow risk in WSTS FIRE coordinator","pathname":"/stacks-ii-attackathon/42750-bc-insight-subtraction-overflow-risk-in-wsts-fire-coordinator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"pSeGxpjHDRTCtXT8YoAT","title":"#42752 [BC-High] Signer can be DOSed through their libp2p component","pathname":"/stacks-ii-attackathon/42752-bc-high-signer-can-be-dosed-through-their-libp2p-component","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"4sQSpyZ1K1mRf7vDMjFi","title":"#42764 [BC-Low] A BTC wallet on signer blocklists can cause network DoS","pathname":"/stacks-ii-attackathon/42764-bc-low-a-btc-wallet-on-signer-blocklists-can-cause-network-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"p1AvGwoUI5AwJn6VWGqn","title":"#42773 [BC-Medium] Signers can be compromised by a libp2p DoS attack","pathname":"/stacks-ii-attackathon/42773-bc-medium-signers-can-be-compromised-by-a-libp2p-dos-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Stacks II Attackathon"}]},{"id":"h5pcaa4wHIyHKjjmGoWN","title":"Movement Labs Attackathon","pathname":"/movement-labs-attackathon","siteSpaceId":"sitesp_stpzW"},{"id":"NncUn0j8L9AcVHwvIhC2","title":"#41023 [BC-Insight] Incomplete transaction decrementing leading to undesired behaviour","pathname":"/movement-labs-attackathon/41023-bc-insight-incomplete-transaction-decrementing-leading-to-undesired-behaviour","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"wuANgDmI0oUoj3M5b3YZ","title":"#41012 [BC-Critical] Unintended Chain Split in Movement Full Node","pathname":"/movement-labs-attackathon/41012-bc-critical-unintended-chain-split-in-movement-full-node","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"PH7CUgxDls0wgqGZdAUK","title":"#41235 [BC-Insight] Incorrect celestia bridge keyring flag causes network partition in data availability layer","pathname":"/movement-labs-attackathon/41235-bc-insight-incorrect-celestia-bridge-keyring-flag-causes-network-partition-in-data-availabilit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"OqgRWrLwEQpENsvX6xpd","title":"#41255 [BC-Medium] Blocking sleep in async context leads to thread pool exhaustion and DoS","pathname":"/movement-labs-attackathon/41255-bc-medium-blocking-sleep-in-async-context-leads-to-thread-pool-exhaustion-and-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"1Mgcs3XjqdUesRmv2emS","title":"#41243 [BC-Insight] The mempool garbage collector doesn't fully execute garbage collection on each iteration","pathname":"/movement-labs-attackathon/41243-bc-insight-the-mempool-garbage-collector-doesnt-fully-execute-garbage-collection-on-each-itera","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"eqzSmlc8M48QUAbDzZwo","title":"#41324 [BC-Insight] Celestia auth tokens can be stolen by sniffing websocket requests","pathname":"/movement-labs-attackathon/41324-bc-insight-celestia-auth-tokens-can-be-stolen-by-sniffing-websocket-requests","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"osa3ay7nNkIHIEmcLcrj","title":"#41334 [BC-Critical] Attacker can publish a blob that cannot be deserialized and shut down the movement chain","pathname":"/movement-labs-attackathon/41334-bc-critical-attacker-can-publish-a-blob-that-cannot-be-deserialized-and-shut-down-the-movement","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"olNgqa21hBJV2yHfbrpK","title":"#41337 [BC-Insight] Channel buffer size in block proposer is too low leading to network delays and resource exhaustion","pathname":"/movement-labs-attackathon/41337-bc-insight-channel-buffer-size-in-block-proposer-is-too-low-leading-to-network-delays-and-reso","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"7XCjozZINcTbzxYaXSYK","title":"#41368 [BC-High] RPC server takedown","pathname":"/movement-labs-attackathon/41368-bc-high-rpc-server-takedown","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"kE0OAObmlKcFeXVCW3nH","title":"#41373 [BC-High] Premature transaction acceptance to mempool/DA without signature validation","pathname":"/movement-labs-attackathon/41373-bc-high-premature-transaction-acceptance-to-mempool-da-without-signature-validation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"2BivMvpOn5nyEwfeIxkZ","title":"41437 [BC-High] an edge case allows duplicate transactions to be added to the mempool of the sequencer","pathname":"/movement-labs-attackathon/41437-bc-high-an-edge-case-allows-duplicate-transactions-to-be-added-to-the-mempool-of-the-sequencer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"sRral9ybT7KMKpeoqF87","title":"#41466 [BC-Medium] Incorrect sequence number tracking in mempool commit","pathname":"/movement-labs-attackathon/41466-bc-medium-incorrect-sequence-number-tracking-in-mempool-commit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"mt6CsdaJglIdtr5w4rdR","title":"#41489 [BC-Critical] Blob sizes remain unchecked leading to chain halt","pathname":"/movement-labs-attackathon/41489-bc-critical-blob-sizes-remain-unchecked-leading-to-chain-halt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"HcTyLfkD7z56f03Qk2UB","title":"#41516 [BC-High] The attacker exceeds the number of transactions TOO_NEW_TOLERANCE and performs a DoS attack.","pathname":"/movement-labs-attackathon/41516-bc-high-the-attacker-exceeds-the-number-of-transactions-too_new_tolerance-and-performs-a-dos-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"q60UXVs9lWI9WmFc1Mqh","title":"#41518 [BC-High] The transaction to modify the gas price was not processed.","pathname":"/movement-labs-attackathon/41518-bc-high-the-transaction-to-modify-the-gas-price-was-not-processed.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"4KVdv47aSVjUPkoaeKcU","title":"#41531 [BC-Critical] Attackers can drain the sequencer’s wallet and DoS network by submitting transactions from unfunded accounts","pathname":"/movement-labs-attackathon/41531-bc-critical-attackers-can-drain-the-sequencers-wallet-and-dos-network-by-submitting-transactio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"xp5zoBO2OfSB168pR0Xn","title":"#41560 [BC-Insight] BlobType of BlobResponse can never be SequencedBlobBlock","pathname":"/movement-labs-attackathon/41560-bc-insight-blobtype-of-blobresponse-can-never-be-sequencedblobblock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"JAfHcXbYkXJpUrxecBRt","title":"#41594 [BC-Insight] Invalid URL format in TcpListener binding prevents REST API from starting","pathname":"/movement-labs-attackathon/41594-bc-insight-invalid-url-format-in-tcplistener-binding-prevents-rest-api-from-starting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"PIvXEDjlEZPnpGc1pfrt","title":"#41618 [BC-Insight] Timestamp unit doesn't match in GcCounter which causes premature transaction eviction","pathname":"/movement-labs-attackathon/41618-bc-insight-timestamp-unit-doesnt-match-in-gccounter-which-causes-premature-transaction-evictio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"sQCjcKIdzZ1h5oZDjFxP","title":"#41669 [BC-Medium] Incorrect Gas Cost Used for BLS12381 Subgroup Check Causes ~70% Undercharge","pathname":"/movement-labs-attackathon/41669-bc-medium-incorrect-gas-cost-used-for-bls12381-subgroup-check-causes-70-undercharge","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Od8IfbJPZYpKAXp0e3jt","title":"#41678 [BC-Medium] Transactions directly sent to the passthrough will cause the mempool to accept more transactions than the `inflight_limit`","pathname":"/movement-labs-attackathon/41678-bc-medium-transactions-directly-sent-to-the-passthrough-will-cause-the-mempool-to-accept-more","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"XuJBvdtjFLL3Z5poqNnH","title":"#41686 [BC-High] The passthrough DA light node streams transactions instead of blocks which means that the block cannot be deserialized","pathname":"/movement-labs-attackathon/41686-bc-high-the-passthrough-da-light-node-streams-transactions-instead-of-blocks-which-means-that","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Yz1098LhhqsmKAzSp8P1","title":"41714 [BC-High] tampering the id of signed transactions to prevent others from executing","pathname":"/movement-labs-attackathon/41714-bc-high-tampering-the-id-of-signed-transactions-to-prevent-others-from-executing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"lgTNi8IK2ZS7QIgrBzrs","title":"41715 [BC-High] manipulating the sequence number of signed transactions to reorder them or prevent their execution","pathname":"/movement-labs-attackathon/41715-bc-high-manipulating-the-sequence-number-of-signed-transactions-to-reorder-them-or-prevent-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"BJJJskEQgy1quMlvBUPF","title":"#41722 [BC-High] The passthrough DA light node does not prevalidate transactions which leads to non-deserializable transactions that prevent execution","pathname":"/movement-labs-attackathon/41722-bc-high-the-passthrough-da-light-node-does-not-prevalidate-transactions-which-leads-to-non-des","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"MF5tAhkXRIQNsaUcj6C3","title":"#41731 [BC-Insight] Race Condition in try_to_sign can lead to unverifiable blocks and/or blobs","pathname":"/movement-labs-attackathon/41731-bc-insight-race-condition-in-try_to_sign-can-lead-to-unverifiable-blocks-and-or-blobs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"smCcLxama4jbGqWh1K2d","title":"#41794 [BC-High] Not having any whitelisted account completely disables the prevalidator leading to transactions that cannot be deserialized","pathname":"/movement-labs-attackathon/41794-bc-high-not-having-any-whitelisted-account-completely-disables-the-prevalidator-leading-to-tra","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"IZKByEJwwKdxleij1qlM","title":"#41811 [BC-Insight] Configuration data loss in configfile's `try_set_with_guard` due to missing file cursor reset","pathname":"/movement-labs-attackathon/41811-bc-insight-configuration-data-loss-in-configfiles-try_set_with_guard-due-to-missing-file-curso","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"oXWm17J0g4hdgOSVk0cp","title":"#41855 [SC-Insight] User is able to circumvent blocklist check by utilizing Solidity's implementation","pathname":"/movement-labs-attackathon/41855-sc-insight-user-is-able-to-circumvent-blocklist-check-by-utilizing-soliditys-implementation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"C4HbjVEpTLIzl6ppIaJq","title":"#41864 [BC-Medium] When Memseq selects a transaction from a particular user to include in a block, it does not remove transactions from Memseq that have a sequence_number less than or equal to the t...","pathname":"/movement-labs-attackathon/41864-bc-medium-when-memseq-selects-a-transaction-from-a-particular-user-to-include-in-a-block-it-do","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"PUfyfKRZiKVhVkaPHVGx","title":"41878 [BC-High] edge case allows replaying user transactions to fill the mempool","pathname":"/movement-labs-attackathon/41878-bc-high-edge-case-allows-replaying-user-transactions-to-fill-the-mempool","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"4wHRwIwRwQ7hgYcImXU9","title":"#41945 [BC-Insight] Optimization in `to_eip55_checksumed_address()` in `aptos_framework::ethereum::()` module","pathname":"/movement-labs-attackathon/41945-bc-insight-optimization-in-to_eip55_checksumed_address-in-aptos_framework-ethereum-module","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"sBUky3jxT3hRoIB3IPgC","title":"#41899 [BC-Insight] NatSpec of several functions in `ethereum.move` is wrong","pathname":"/movement-labs-attackathon/41899-bc-insight-natspec-of-several-functions-in-ethereum.move-is-wrong","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"PhjHjF8w3o54EPYMpkUb","title":"#41978 [BC-Insight] Values of the current gc_slot can be garbage collected in edge case","pathname":"/movement-labs-attackathon/41978-bc-insight-values-of-the-current-gc_slot-can-be-garbage-collected-in-edge-case","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"97M457SO8TaamJRa3ZWx","title":"#41980 [BC-Insight] Full nodes panic in read-only mode whenever a transaction is sent","pathname":"/movement-labs-attackathon/41980-bc-insight-full-nodes-panic-in-read-only-mode-whenever-a-transaction-is-sent","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"l4ebhoj6Mfp4DpsHUBeY","title":"#41985 [BC-Insight] Using the test keyring backend is insecure","pathname":"/movement-labs-attackathon/41985-bc-insight-using-the-test-keyring-backend-is-insecure","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"KslaDfh4C8CUsYCzSg3S","title":"41987 bc critical oversized blocks split the chain","pathname":"/movement-labs-attackathon/41987-bc-critical-oversized-blocks-split-the-chain","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"MyULkUX3bF6sCYXJaB8j","title":"#42011 [BC-High] Duplicate tx IDs in blockchain blocks are possible","pathname":"/movement-labs-attackathon/42011-bc-high-duplicate-tx-ids-in-blockchain-blocks-are-possible","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"ieUWhY2co5i2r0ktTBq7","title":"#42102 [BC-High] uncontrolled resource consumption is resulting in OOM via RPC (public one)","pathname":"/movement-labs-attackathon/42102-bc-high-uncontrolled-resource-consumption-is-resulting-in-oom-via-rpc-public-one","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"elJYMMSJsUzo6H6wDt6n","title":"#42112 [BC-Critical] Using `blob.GetAll` instead of `blob.Get` for Celestia DA opens full nodes to fraudulent block attacks","pathname":"/movement-labs-attackathon/42112-bc-critical-using-blob.getall-instead-of-blob.get-for-celestia-da-opens-full-nodes-to-fraudule","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"0uYoSOea4fBvVKk5x2vv","title":"#42143 [BC-Critical] Decompressing a maliciously crafted blob leads to shutting down all Movement DA Light Nodes in a Movement based network which using a centralized Sequencer.","pathname":"/movement-labs-attackathon/42143-bc-critical-decompressing-a-maliciously-crafted-blob-leads-to-shutting-down-all-movement-da-li","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"0Qi4CiwdSprNRjRX7wlY","title":"42153 [BC-Critical] attackers can exploit bug in blob verification to execute replay attack by re executing blobs","pathname":"/movement-labs-attackathon/42153-bc-critical-attackers-can-exploit-bug-in-blob-verification-to-execute-replay-attack-by-re-exec","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"OyjnrifDNqQECnnaGF96","title":"#42222 [BC-Insight] Garbage Collector can fail to run in a timely manner if building_time_ms is set to a low value","pathname":"/movement-labs-attackathon/42222-bc-insight-garbage-collector-can-fail-to-run-in-a-timely-manner-if-building_time_ms-is-set-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"FbItOXlILkuIXsphIe6N","title":"42233 [BC-Critical] critical dos vulnerability in movement network s da layer due to zstd bomb blob exploit ","pathname":"/movement-labs-attackathon/42233-bc-critical-critical-dos-vulnerability-in-movement-network-s-da-layer-due-to-zstd-bomb-blob-ex","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"338XfH1SZPRGYz2UHSYQ","title":"#42234 [BC-Insight] Missing Match Arm in to_single_key_authenticators() Allows WebAuthn Signatures Despite WEBAUTHN_SIGNATURE Being Disabled","pathname":"/movement-labs-attackathon/42234-bc-insight-missing-match-arm-in-to_single_key_authenticators-allows-webauthn-signatures-despit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"GcSClI2bSQQiVa06N1hw","title":"#42395 [BC-High] Movement does not allow overwriting transactions with a higher priority, breaking Aptos mempool logic","pathname":"/movement-labs-attackathon/42395-bc-high-movement-does-not-allow-overwriting-transactions-with-a-higher-priority-breaking-aptos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"MDkw6X2yVViqI7q6ZeI1","title":"#42298 [BC-Critical] Blocks from Celestia are not executed in order which breaks sequencer logic and application priorities","pathname":"/movement-labs-attackathon/42298-bc-critical-blocks-from-celestia-are-not-executed-in-order-which-breaks-sequencer-logic-and-ap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"5vz2EJz4E98iQ0XKkuUw","title":"#42430 [BC-Insight] `add_mempool_transaction()` does not check if the transaction already exist in the mempool","pathname":"/movement-labs-attackathon/42430-bc-insight-add_mempool_transaction-does-not-check-if-the-transaction-already-exist-in-the-memp","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Z5o4WW7mK6GSpCyjr9zq","title":"#42480 [BC-Medium] Unable to deposit the gas fee into the `governed_gas_pool` when using `deposit_from_fungible_store`","pathname":"/movement-labs-attackathon/42480-bc-medium-unable-to-deposit-the-gas-fee-into-the-governed_gas_pool-when-using-deposit_from_fun","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"hbEcl5nhZLQTfhrD5CGC","title":"#42495 [BC-High] The Tonic Request/Response Size Limit prevents data from being submitted to the da_light_node","pathname":"/movement-labs-attackathon/42495-bc-high-the-tonic-request-response-size-limit-prevents-data-from-being-submitted-to-the-da_lig","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"X63vr7aYHhpjk8e9Fuki","title":"42513 [BC-High] users might loose storage gas fee refund due to governed gas pool feature of movement logic bug ","pathname":"/movement-labs-attackathon/42513-bc-high-users-might-loose-storage-gas-fee-refund-due-to-governed-gas-pool-feature-of-movement","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"VfGtMsgupsNuf792GeyP","title":"#42535 [BC-High] Garbage collecting in flight transactions can lead to spiraling network delays","pathname":"/movement-labs-attackathon/42535-bc-high-garbage-collecting-in-flight-transactions-can-lead-to-spiraling-network-delays","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"GiA6rXakM9oup84t0fTB","title":"#42557 [BC-Low] Remote signing methods can fail which will turn off the light node block proposer","pathname":"/movement-labs-attackathon/42557-bc-low-remote-signing-methods-can-fail-which-will-turn-off-the-light-node-block-proposer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"x66LXUvI31vFPKoKl0Fu","title":"#42648 [BC-High] Altering the application_priority to fill a block, temporary freezing user transactions","pathname":"/movement-labs-attackathon/42648-bc-high-altering-the-application_priority-to-fill-a-block-temporary-freezing-user-transactions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"6o1A4M62ZkYVZe7ZhyVj","title":"#42761 [BC-High] Memseq does not verify client-specified expiration for transactions before including them in DA (Data Availability).","pathname":"/movement-labs-attackathon/42761-bc-high-memseq-does-not-verify-client-specified-expiration-for-transactions-before-including-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"xsjpC5GDCeM94hD9EEcd","title":"#42749 [BC-Critical] Attacker can send digests directly to Celestia to reorder block execution","pathname":"/movement-labs-attackathon/42749-bc-critical-attacker-can-send-digests-directly-to-celestia-to-reorder-block-execution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"IOYJkWfWJ0geFbloOIf9","title":"42762 [BC-High] new accounts break the pipe mempool invariant that prevents duplicate transactions from filling the mempool","pathname":"/movement-labs-attackathon/42762-bc-high-new-accounts-break-the-pipe-mempool-invariant-that-prevents-duplicate-transactions-fro","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"1ywNDsbqsRTOrboPDD4p","title":"#42837 [BC-Critical] total network shutdown","pathname":"/movement-labs-attackathon/42837-bc-critical-total-network-shutdown","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"kcnFObtDEmq0n0eYLuJV","title":"#42859 [BC-Insight] Pub key format mismatch in `InKnownSignersVerifier`","pathname":"/movement-labs-attackathon/42859-bc-insight-pub-key-format-mismatch-in-inknownsignersverifier","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"xjse1xg7Ubs4ZZBN2fWR","title":"#42895 [BC-Insight] Misuse of error","pathname":"/movement-labs-attackathon/42895-bc-insight-misuse-of-error","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"yLgFac120vGYZ2iTC45Q","title":"#42896 [BC-High] attackers can exploit sequence number tolerance mechanism to to cause movement network da lightnode loose money for submitting failed blocks to celestia ","pathname":"/movement-labs-attackathon/42896-bc-high-attackers-can-exploit-sequence-number-tolerance-mechanism-to-to-cause-movement-network","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"8louV0QIjBOadNyvmCpA","title":"#42903 [BC-High] Attackers are able to submit multiple dupplicate transactions due to mismatched Mempool Implementation","pathname":"/movement-labs-attackathon/42903-bc-high-attackers-are-able-to-submit-multiple-dupplicate-transactions-due-to-mismatched-mempoo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"CzsZhsobXdFdguqSTXao","title":"#42925 [BC-Insight] Transactions won't be included on Celestia when the gas price is high, and the transactions on Movement will be forgotten","pathname":"/movement-labs-attackathon/42925-bc-insight-transactions-wont-be-included-on-celestia-when-the-gas-price-is-high-and-the-transa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"0nTev1NuAViiGJiYEjqU","title":"#42930 [BC-High] Users are unable to increase their gas resulting in stuck funds","pathname":"/movement-labs-attackathon/42930-bc-high-users-are-unable-to-increase-their-gas-resulting-in-stuck-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"a08G8Rgjbk6DF9tuvZlS","title":"#42928 [BC-Medium] Depositing gas fees into the governed gas pool does not work when the CoinStore is frozen","pathname":"/movement-labs-attackathon/42928-bc-medium-depositing-gas-fees-into-the-governed-gas-pool-does-not-work-when-the-coinstore-is-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"OGVqto7381T0YxH6hkVJ","title":"#42933 [BC-Medium] Integer Underflow in Garbage Collection Logic of UsedSequenceNumberPool disrupting transaction processing","pathname":"/movement-labs-attackathon/42933-bc-medium-integer-underflow-in-garbage-collection-logic-of-usedsequencenumberpool-disrupting-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"uVObPPbtKfkBhIvOwtti","title":"#42934 [BC-High] Improper input validation in KeylessSignature causes full-node panic","pathname":"/movement-labs-attackathon/42934-bc-high-improper-input-validation-in-keylesssignature-causes-full-node-panic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"6lf6n1TD838niBiKd66w","title":"#42936 [BC-Critical] Potential Deadlock or Panic Due to Concurrent Lock Acquisition in `TransactionPipe`","pathname":"/movement-labs-attackathon/42936-bc-critical-potential-deadlock-or-panic-due-to-concurrent-lock-acquisition-in-transactionpipe","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"gUsMVE2po65KDm4CdpoE","title":"#42937 [BC-Insight] Public Exposure of Validator Signer Private Key in Executor Struct","pathname":"/movement-labs-attackathon/42937-bc-insight-public-exposure-of-validator-signer-private-key-in-executor-struct","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"XupbQgZP6hyqDp0yMWvg","title":"#42938 [BC-Insight] Inefficient Garbage Collection Implementation in `UsedSequenceNumberPool`","pathname":"/movement-labs-attackathon/42938-bc-insight-inefficient-garbage-collection-implementation-in-usedsequencenumberpool","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Siezn77X9awEHDtdY7DK","title":"#42939 [BC-Insight] Transaction expiration is not validated correctly in mempool and sequencer","pathname":"/movement-labs-attackathon/42939-bc-insight-transaction-expiration-is-not-validated-correctly-in-mempool-and-sequencer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"kYI2zhOvrAnX0lHb8afm","title":"#42940 [BC-Medium] Suboptimal Lock Holding During Logging in `decrement_transactions_in_flight`","pathname":"/movement-labs-attackathon/42940-bc-medium-suboptimal-lock-holding-during-logging-in-decrement_transactions_in_flight","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"jrIEUHbgT2qeQwlQltW8","title":"#42991 [BC-High] User can reuse sequence number causing DOS & breaking core invariant","pathname":"/movement-labs-attackathon/42991-bc-high-user-can-reuse-sequence-number-causing-dos-and-breaking-core-invariant","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"PhaVxF6Hji87aFKmLzPt","title":"#42941 [BC-Critical] [Critical] Network-Wide Denial of Service Through Unrecoverable Block Execution Failures","pathname":"/movement-labs-attackathon/42941-bc-critical-critical-network-wide-denial-of-service-through-unrecoverable-block-execution-fail","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"075npKvgX5rFjZbtP0Ux","title":"#43017 [BC-High] Prevalidation does not validate application priority, sequence number and ID","pathname":"/movement-labs-attackathon/43017-bc-high-prevalidation-does-not-validate-application-priority-sequence-number-and-id","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"frL2ylsdKUG0cvGWGVR8","title":"#43014 [BC-Critical] finite Deadlock of Transactions (No Automatic Timeout + Sequential Execution) on multisig implementation","pathname":"/movement-labs-attackathon/43014-bc-critical-finite-deadlock-of-transactions-no-automatic-timeout-+-sequential-execution-on-mul","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"ICWnmgbOF0eqLh6Er8yN","title":"#43054 [BC-High] malicious light node can dos the full node","pathname":"/movement-labs-attackathon/43054-bc-high-malicious-light-node-can-dos-the-full-node","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"a0bqg9xnTKnIJAtQT3H5","title":"#43038 [BC-Insight] There is a permanent operator lockout came from an unsafe key rotation","pathname":"/movement-labs-attackathon/43038-bc-insight-there-is-a-permanent-operator-lockout-came-from-an-unsafe-key-rotation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"mWaOgy3Ybi3MsZwkk9mV","title":"#43108 [BC-Critical] attackers can front run transactions in celestia mempool to cause transactions of many users revert unexpectedly ","pathname":"/movement-labs-attackathon/43108-bc-critical-attackers-can-front-run-transactions-in-celestia-mempool-to-cause-transactions-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"pb2g8z1pJF95Q2OAU4f5","title":"#43110 [BC-Critical] Validator can DoS the DA Layer by requesting a big range of blobs","pathname":"/movement-labs-attackathon/43110-bc-critical-validator-can-dos-the-da-layer-by-requesting-a-big-range-of-blobs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"H2KTmIHdr2RnCFCX54pe","title":"#43132 [BC-Medium] upgrade_burn_percentage Resets Block Proposer, Blocking Fee Distribution","pathname":"/movement-labs-attackathon/43132-bc-medium-upgrade_burn_percentage-resets-block-proposer-blocking-fee-distribution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"vRZnhnnBovzsflnhFp8Y","title":"#43114 [BC-Critical] attackers can cause total shutdown network by exploiting missing of blob size check in da lightnode","pathname":"/movement-labs-attackathon/43114-bc-critical-attackers-can-cause-total-shutdown-network-by-exploiting-missing-of-blob-size-chec","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"fnQvXRbYM2ZQuQSMSJ2T","title":"#43135 [BC-High] `epilogue_gas_payer` Silently Drops Excess Storage Fee Refunds Under Governed Gas Pool","pathname":"/movement-labs-attackathon/43135-bc-high-epilogue_gas_payer-silently-drops-excess-storage-fee-refunds-under-governed-gas-pool","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"xd1Yo8BLDoy5FYxzaMjj","title":"#43136 [BC-High] Multiple transactions sent by the same account in the same block timeframe can get stuck in the TranactionPipe core_mempool","pathname":"/movement-labs-attackathon/43136-bc-high-multiple-transactions-sent-by-the-same-account-in-the-same-block-timeframe-can-get-stu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"cgrM20aMOUMvWJdJcXOL","title":"#43137 [BC-Medium] Multiple Transactions from the same account with increasing sequence number and priorities will be sorted incorrectly in the block causing some to fail","pathname":"/movement-labs-attackathon/43137-bc-medium-multiple-transactions-from-the-same-account-with-increasing-sequence-number-and-prio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"ucrXuemF3KF49l7f5c8Y","title":"#43148 [BC-Medium] Potential unhandled panic in protocol-units::execution::maptos::opt-executor::executor/mod::decrement_transactions_in_flight","pathname":"/movement-labs-attackathon/43148-bc-medium-potential-unhandled-panic-in-protocol-units-execution-maptos-opt-executor-executor-m","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Zn9bLrqyebI38CCfvgws","title":"#43150 [BC-High] Excessive transaction processing caused by a faulty garbage collector in transaction_pipe.rs","pathname":"/movement-labs-attackathon/43150-bc-high-excessive-transaction-processing-caused-by-a-faulty-garbage-collector-in-transaction_p","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"PYmZURNYozQgWMQrAxjt","title":"#43177 [BC-Critical] dos vulnerability in da light node via unbounded height parameter","pathname":"/movement-labs-attackathon/43177-bc-critical-dos-vulnerability-in-da-light-node-via-unbounded-height-parameter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Xr12vZJ0NTSvrliKWLoA","title":"#43184 [BC-Insight] Vulnerable `Secp256k1` version allows validation of malformed signatures","pathname":"/movement-labs-attackathon/43184-bc-insight-vulnerable-secp256k1-version-allows-validation-of-malformed-signatures","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"zJNxJf8jLlBlptaDvWrg","title":"#43168 [BC-Insight] Under normal usage of the blockchain, transactions will not be persisted","pathname":"/movement-labs-attackathon/43168-bc-insight-under-normal-usage-of-the-blockchain-transactions-will-not-be-persisted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"0LHyWcLAqMUJoo40kOvX","title":"#43186 [BC-Insight] Flawed documentation when streaming da blobs leads to confusion","pathname":"/movement-labs-attackathon/43186-bc-insight-flawed-documentation-when-streaming-da-blobs-leads-to-confusion","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"poPKEbo9Xk093NQ7Wb5n","title":"#43190 [BC-Critical] Deadlock in `submit_transaction()`","pathname":"/movement-labs-attackathon/43190-bc-critical-deadlock-in-submit_transaction","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"YQvgntm2WWdNWbo3IZpZ","title":"#43187 [BC-Insight] Movement Full Node Panics and Crashes Uncleanly on Connection failure with DA Light Node","pathname":"/movement-labs-attackathon/43187-bc-insight-movement-full-node-panics-and-crashes-uncleanly-on-connection-failure-with-da-light","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"kEBMWqbv7aE5bSa1FAyp","title":"#43214 [BC-Critical] Unchecked transaction size allows malicious users to DOS honest users transactions","pathname":"/movement-labs-attackathon/43214-bc-critical-unchecked-transaction-size-allows-malicious-users-to-dos-honest-users-transactions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"DsJsNyrEwF1Hwp30CiAi","title":"#43191 [BC-High] DOS attack by sending transactions that pass the sufficient balance test when entering mempool but fail it in execution","pathname":"/movement-labs-attackathon/43191-bc-high-dos-attack-by-sending-transactions-that-pass-the-sufficient-balance-test-when-entering","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"mOPpLeDhnNy2dkGGxSIt","title":"#43217 [BC-Insight] Incorrect public key notification after key rotation","pathname":"/movement-labs-attackathon/43217-bc-insight-incorrect-public-key-notification-after-key-rotation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Qy3lj3AnjiGoFWR4dJjP","title":"#43220 [BC-Insight] The GC_INTERVAL might not be fitting for the configured sequence_number_ttl_ms","pathname":"/movement-labs-attackathon/43220-bc-insight-the-gc_interval-might-not-be-fitting-for-the-configured-sequence_number_ttl_ms","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"1MwfTeeAIOHWHsEGj43H","title":"#43221 [BC-Insight] Expired transactions prevent new submissions due to delayed garbage collection","pathname":"/movement-labs-attackathon/43221-bc-insight-expired-transactions-prevent-new-submissions-due-to-delayed-garbage-collection","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"RKAp0PufqPdqxQMBL22i","title":"#43222 [BC-High] A transaction with sequence number 0 can be submitted multiple times","pathname":"/movement-labs-attackathon/43222-bc-high-a-transaction-with-sequence-number-0-can-be-submitted-multiple-times","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"zc22zQNp7A18WHOVvRyJ","title":"#43229 [BC-High] There is a bug can allows malicious data to enter the DA layer and be signed by a legitimate node","pathname":"/movement-labs-attackathon/43229-bc-high-there-is-a-bug-can-allows-malicious-data-to-enter-the-da-layer-and-be-signed-by-a-legi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"MBbm95qOA16fiJ0XQ04m","title":"#43241 [BC-High] Attackers can drain TIA from nodes in networks running in passthrough mode","pathname":"/movement-labs-attackathon/43241-bc-high-attackers-can-drain-tia-from-nodes-in-networks-running-in-passthrough-mode","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"wQ5g7zFlpj2VJimy0zra","title":"#43243 [BC-Critical] Attacker can halt chains operating in sequencer mode","pathname":"/movement-labs-attackathon/43243-bc-critical-attacker-can-halt-chains-operating-in-sequencer-mode","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"BefV9XYTXahTbJ2JV1RW","title":"#43244 [BC-Critical] Lack of TCP timeout allows attacker to crash the sequencer via the Light Node Service","pathname":"/movement-labs-attackathon/43244-bc-critical-lack-of-tcp-timeout-allows-attacker-to-crash-the-sequencer-via-the-light-node-serv","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"bWt3yJKR5e4jVbOAa91G","title":"#43250 [BC-Critical] Excessive TCP timeout allows attacker to crash the sequencer via the indexer service","pathname":"/movement-labs-attackathon/43250-bc-critical-excessive-tcp-timeout-allows-attacker-to-crash-the-sequencer-via-the-indexer-servi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"DhQBdLsy51RY8er3Wu4b","title":"#43251 [BC-Critical] Lack of TCP timeout allows attacker to crash the sequencer via the finality viewer service","pathname":"/movement-labs-attackathon/43251-bc-critical-lack-of-tcp-timeout-allows-attacker-to-crash-the-sequencer-via-the-finality-viewer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"ga9Annraow8J0HPnuKxN","title":"#43246 [BC-Critical] Lack of TCP timeout allows attacker to crash the sequencer via the maptos-opt-executor service","pathname":"/movement-labs-attackathon/43246-bc-critical-lack-of-tcp-timeout-allows-attacker-to-crash-the-sequencer-via-the-maptos-opt-exec","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"BfeG38ItRXB440CKrdN6","title":"#43253 [BC-Critical] Attackers can drain TIA from nodes in networks running in sequencer mode","pathname":"/movement-labs-attackathon/43253-bc-critical-attackers-can-drain-tia-from-nodes-in-networks-running-in-sequencer-mode","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Jnqpv3S4JtmCsuHQx2Zk","title":"#43255 [BC-Medium] user transactions might be lost due to missing error handling in celestia rpc client requests blob submit failure ","pathname":"/movement-labs-attackathon/43255-bc-medium-user-transactions-might-be-lost-due-to-missing-error-handling-in-celestia-rpc-client","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"rPKSak3rs55DWJsTIN8R","title":"#43267 [BC-Insight] Potential Indefinite Hang (Denial of Service) in Full Node DA Sync Due to Missing Stream Timeout For Light Node Connection","pathname":"/movement-labs-attackathon/43267-bc-insight-potential-indefinite-hang-denial-of-service-in-full-node-da-sync-due-to-missing-str","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"g9jlAI0Jn521arelqxyx","title":"#43287 [BC-Low] Certain fees are unaccounted for causing failed transactions","pathname":"/movement-labs-attackathon/43287-bc-low-certain-fees-are-unaccounted-for-causing-failed-transactions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"mNBYKXJX1KergliQ5AHr","title":"#43288 [BC-Critical] Attackers could force Nodes to process TraAttackers could force Nodes to process Transactions in wrong order, by attacking moveRocks/sequencing implementation","pathname":"/movement-labs-attackathon/43288-bc-critical-attackers-could-force-nodes-to-process-traattackers-could-force-nodes-to-process-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"dyCapjtIRTW5jWKCz3cE","title":"#43290 [BC-Critical] Anyone can send a write_batch to the DA node, enabling a DOS attack that shuts down the network","pathname":"/movement-labs-attackathon/43290-bc-critical-anyone-can-send-a-write_batch-to-the-da-node-enabling-a-dos-attack-that-shuts-down","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"vz2r2QuP6s0ixI7Yqe4G","title":"#43303 [BC-Medium] The call to `commit_transaction()` includes the wrong sequence number","pathname":"/movement-labs-attackathon/43303-bc-medium-the-call-to-commit_transaction-includes-the-wrong-sequence-number","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"uVOnqMkc8pI2OKSHkA7n","title":"#43307 [BC-High] Not verifying the signatures upon execution leads to direct loss of funds","pathname":"/movement-labs-attackathon/43307-bc-high-not-verifying-the-signatures-upon-execution-leads-to-direct-loss-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"HMlkmR32Xz1pAJ2aQrS7","title":"#43312 [BC-Medium] get_state_proof() is called with the current version leading to the epoch_changes of the StateProof always being empty","pathname":"/movement-labs-attackathon/43312-bc-medium-get_state_proof-is-called-with-the-current-version-leading-to-the-epoch_changes-of-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"Zv2KeLFm8vhhSzL5ofR8","title":"#43315 [BC-Critical] DA Light Node Can Be DoSed Due to Lack of Batch Validation","pathname":"/movement-labs-attackathon/43315-bc-critical-da-light-node-can-be-dosed-due-to-lack-of-batch-validation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"hPA4gC0RfPH9i8WYaCjS","title":"#43322 [BC-High] inadequate transaction validation in da light node allows unprocessable block creation","pathname":"/movement-labs-attackathon/43322-bc-high-inadequate-transaction-validation-in-da-light-node-allows-unprocessable-block-creation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"8DvCEOx9h8pPEKSm1kWD","title":"#43324 [BC-High] insufficient validation in da light node allows malicious override of application priority ","pathname":"/movement-labs-attackathon/43324-bc-high-insufficient-validation-in-da-light-node-allows-malicious-override-of-application-prio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"eVlknqg3TMKKxHVaeqMw","title":"#43326 [BC-Insight] stale transaction state in mempool when sender receiver pipe fails","pathname":"/movement-labs-attackathon/43326-bc-insight-stale-transaction-state-in-mempool-when-sender-receiver-pipe-fails","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"RCZmsrvsUKgT8ccxjFzC","title":"#43323 [BC-High] inadequate sequence number validation in da light node enables transaction censorship","pathname":"/movement-labs-attackathon/43323-bc-high-inadequate-sequence-number-validation-in-da-light-node-enables-transaction-censorship","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"FZ7sRsNXklitgoKP7nHH","title":"#43330 [BC-Critical] Freezing new transaction processing by sending invalid requests to movement DA light node","pathname":"/movement-labs-attackathon/43330-bc-critical-freezing-new-transaction-processing-by-sending-invalid-requests-to-movement-da-lig","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"CuoDnS7hGwdVv0OTeERx","title":"#43333 [BC-Critical] Missing Depths Checks in Cached TypeLayout leads to Network Divergence","pathname":"/movement-labs-attackathon/43333-bc-critical-missing-depths-checks-in-cached-typelayout-leads-to-network-divergence","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"uVo7vjqWGOUWYmsVmFwb","title":"#43346 [BC-Insight] Transactions arriving at the node out of sequence order will be rejected due to the has_invalid_sequence_number function","pathname":"/movement-labs-attackathon/43346-bc-insight-transactions-arriving-at-the-node-out-of-sequence-order-will-be-rejected-due-to-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Movement Labs Attackathon"}]},{"id":"mAL80anLbFBiaEBiWnDu","title":"CircuitDAO | IOP","pathname":"/circuitdaoiop","siteSpaceId":"sitesp_stpzW"},{"id":"zOtrZL7ombS3toHpRQ92","title":"#43705 [SC-Critical] attackers can exploit lack of validation in byc coin issuance process to issue arbitrary amount of byc coin","pathname":"/circuitdaoiop/43705-sc-critical-attackers-can-exploit-lack-of-validation-in-byc-coin-issuance-process-to-issue-arb","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"CircuitDAO | IOP"}]},{"id":"eajXqFW7dmZQavJ4tVm9","title":"#44324 [SC-Medium] atom announcer owner can nulify financial penalty by self penalizing ","pathname":"/circuitdaoiop/44324-sc-medium-atom-announcer-owner-can-nulify-financial-penalty-by-self-penalizing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"CircuitDAO | IOP"}]},{"id":"DBMLuJIzmC1QAoE1odqQ","title":"#44355 [SC-High] announcer owner can inflate announcers registry entries via mutate and register loop to claim most of rewards","pathname":"/circuitdaoiop/44355-sc-high-announcer-owner-can-inflate-announcers-registry-entries-via-mutate-and-register-loop-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"CircuitDAO | IOP"}]},{"id":"nofeAYixVcaJ11oyMojZ","title":"Spectra Finance","pathname":"/spectra-finance","siteSpaceId":"sitesp_stpzW"},{"id":"LmHtq1lPQcm6tC9Gg6Qg","title":"#43971 [SC-Insight] Incorrect NatSpec Tag in removeRateOracle() Misrepresents Function Reference","pathname":"/spectra-finance/43971-sc-insight-incorrect-natspec-tag-in-removerateoracle-misrepresents-function-reference","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"eQM22wyHxuVx5v7sNZFp","title":"#43803 [SC-Low] Boolean success returned from address.call{value: amount}() not checked","pathname":"/spectra-finance/43803-sc-low-boolean-success-returned-from-address.call-value-amount-not-checked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"QzNJ2m0VBghx9wjTxBu6","title":"#44167 [SC-Medium] Incorrect balance check in PT redemption commands","pathname":"/spectra-finance/44167-sc-medium-incorrect-balance-check-in-pt-redemption-commands","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"GZuOhOxknDJI0X50IiQe","title":"#44091 [SC-Low] Lack of ETH transfer check leads to stolen funds","pathname":"/spectra-finance/44091-sc-low-lack-of-eth-transfer-check-leads-to-stolen-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"owWviSfdfBz7sA5fttlp","title":"#43469 [SC-Low] Return value of low level call not checked can cause silent Reverts","pathname":"/spectra-finance/43469-sc-low-return-value-of-low-level-call-not-checked-can-cause-silent-reverts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"jAr0yhDwFsTKVQatCkS2","title":"#43314 [SC-Insight] Oracle functions mislead integrators as it is not compatible with Chainlink Price feed behaviour","pathname":"/spectra-finance/43314-sc-insight-oracle-functions-mislead-integrators-as-it-is-not-compatible-with-chainlink-price-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"7nEPQxw1VvZOM5Sk8X0s","title":"#43659 [SC-Low] Silent ETH transfer failure in `Dispatcher.sol` leads to permament freezing of funds","pathname":"/spectra-finance/43659-sc-low-silent-eth-transfer-failure-in-dispatcher.sol-leads-to-permament-freezing-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"ctvfZcDx3oAEbJnrtjJz","title":"#44161 [SC-Low] Return value of low level call not ckecked in `Dispatcher.sol` contract","pathname":"/spectra-finance/44161-sc-low-return-value-of-low-level-call-not-ckecked-in-dispatcher.sol-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"eFJvDZy2XhnkWf80cBNn","title":"#44101 [SC-Low] `_dispatch()` incorrectly assumes revert bubbling when transferring native tokens.","pathname":"/spectra-finance/44101-sc-low-_dispatch-incorrectly-assumes-revert-bubbling-when-transferring-native-tokens.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"MTL45yucIGhlG37EpZHo","title":"#44064 [SC-Medium] Dispatcher incorrect validation causes principal tokens to be stuck in inheriting contract allowing attacker to steal user funds","pathname":"/spectra-finance/44064-sc-medium-dispatcher-incorrect-validation-causes-principal-tokens-to-be-stuck-in-inheriting-co","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"uo0dStZUJdRLFSI1H1ml","title":"#43981 [SC-Low] Silent ETH transfer failure in `TRANSFER_NATIVE` command can permanently lock user funds","pathname":"/spectra-finance/43981-sc-low-silent-eth-transfer-failure-in-transfer_native-command-can-permanently-lock-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"IkHaOOxrkXi7YkLFYcMv","title":"#43712 [SC-Low] Silent ETH transfer failure in `TRANSFER_NATIVE` command leads to permament locking of user funds","pathname":"/spectra-finance/43712-sc-low-silent-eth-transfer-failure-in-transfer_native-command-leads-to-permament-locking-of-us","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"Jmu3R3k19fXDRSRBbXhD","title":"#44081 [SC-Low] Users ETH could be stuck forever without a way to recover it","pathname":"/spectra-finance/44081-sc-low-users-eth-could-be-stuck-forever-without-a-way-to-recover-it","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"TIPxvHG2M7emBtWWnaz8","title":"#44158 [SC-Low] Dispatcher does not check if native transfers are successful","pathname":"/spectra-finance/44158-sc-low-dispatcher-does-not-check-if-native-transfers-are-successful","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"rq6DCSR5VSPCi6Ot5kdY","title":"#43856 [SC-Low] Dispatcher._dispatch() does not revert on failure of transfer of funds when called with the TRANSFER_NATIVE command","pathname":"/spectra-finance/43856-sc-low-dispatcher._dispatch-does-not-revert-on-failure-of-transfer-of-funds-when-called-with-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"utNmq2qdGOTQYX1USAHy","title":"#44035 [SC-Low] Lack of validation in native transfer allows attacker to steal user funds","pathname":"/spectra-finance/44035-sc-low-lack-of-validation-in-native-transfer-allows-attacker-to-steal-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"JA5FGrTMCTQyCKHINDj1","title":"#43987 [SC-Low] Unchecked low-level ETH transfer in `Dispatcher.sol` may lead to undetected failures","pathname":"/spectra-finance/43987-sc-low-unchecked-low-level-eth-transfer-in-dispatcher.sol-may-lead-to-undetected-failures","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"WCyqioqsJtCCM0boqQ10","title":"#43528 [SC-Low] fund freeze scenario","pathname":"/spectra-finance/43528-sc-low-fund-freeze-scenario","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"x5RYQojFrqtOBvJDJlac","title":"#43611 [SC-Low] Unchecked ETH Transfer in TRANSFER_NATIVE Command Risks Silent Failures","pathname":"/spectra-finance/43611-sc-low-unchecked-eth-transfer-in-transfer_native-command-risks-silent-failures","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"SrTUrE4iuCNnHVjnKccY","title":"#43380 [SC-Low] Missing Error Check in TRANSFER_NATIVE Command","pathname":"/spectra-finance/43380-sc-low-missing-error-check-in-transfer_native-command","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"17sNvGUbOeT1tNGEwvuY","title":"#43490 [SC-Low] TRANSFER_NATIVE in Dispatcher can lead to loss of funds due to not checking user can receive ETH","pathname":"/spectra-finance/43490-sc-low-transfer_native-in-dispatcher-can-lead-to-loss-of-funds-due-to-not-checking-user-can-re","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"LKCOSg8reLtO1HzBkuZf","title":"#43408 [SC-Low] Not checking call success in `TRANSFER_NATIVE`","pathname":"/spectra-finance/43408-sc-low-not-checking-call-success-in-transfer_native","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"rTPmfl4TkwtHKBrCs268","title":"#43402 [SC-Insight] Function `getPTUnderlyingUnit` could be marked external","pathname":"/spectra-finance/43402-sc-insight-function-getptunderlyingunit-could-be-marked-external","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"Q9F0pmPGjqAyKfxrqmlp","title":"#43464 [SC-Insight] Refactoring `Router.sol` for gas savings and reducing code redundancy from two different `Router::execute()` which can result in undesirable outcomes for potentially delayed tra...","pathname":"/spectra-finance/43464-sc-insight-refactoring-router.sol-for-gas-savings-and-reducing-code-redundancy-from-two-differ","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"ZhWVxTYk6ehsil0VAaTP","title":"#44083 [SC-Insight] Inconsistency in `CurvePoolUtil`","pathname":"/spectra-finance/44083-sc-insight-inconsistency-in-curvepoolutil","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"WHRdORDuxiqsbCNa4CCa","title":"#43912 [SC-Low] Lack of ETH Success Transfer Checks in Dispatcher.sol","pathname":"/spectra-finance/43912-sc-low-lack-of-eth-success-transfer-checks-in-dispatcher.sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"BFNJM7ndGazkHkeWFIMJ","title":"#44170 [SC-Low] Missing Check for Native ETH Transfer Success Allows Silent Failures and Potential Theft of Funds","pathname":"/spectra-finance/44170-sc-low-missing-check-for-native-eth-transfer-success-allows-silent-failures-and-potential-thef","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"gHFM1GnlvhuO3ukH8AK3","title":"#44173 [SC-Low] Unchecked Low-Level Call in TRANSFER_NATIVE in `Dispatcher::_dispatch` Can Lead to Locked Ether and Potential Theft","pathname":"/spectra-finance/44173-sc-low-unchecked-low-level-call-in-transfer_native-in-dispatcher-_dispatch-can-lead-to-locked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"K8P8FmvMmv3MOL93dr07","title":"#43274 [SC-Low] `TRANSFER_NATIVE` Command in Dispatcher Does Not Check Return Value of Low-Level Call","pathname":"/spectra-finance/43274-sc-low-transfer_native-command-in-dispatcher-does-not-check-return-value-of-low-level-call","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"3cxRiLFwFNF4zA4LZL0H","title":"#44131 [SC-Low] An attacker can steal frozen user ETH due to Dispatcher error","pathname":"/spectra-finance/44131-sc-low-an-attacker-can-steal-frozen-user-eth-due-to-dispatcher-error","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"liMbR5D9kiiTpx0IdiQq","title":"#43195 [SC-Insight] `Dispatcher.sol` uses `initializer` modifier instead of `onlyInitializing`","pathname":"/spectra-finance/43195-sc-insight-dispatcher.sol-uses-initializer-modifier-instead-of-onlyinitializing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"mqnSt4XPdV8CKuXvYfNe","title":"#44084 [SC-Insight] Incorrect Nat spec in `calcIBTsToTokenizeForCurvePool` and `calcIBTsToTokenizeForCurvePoolCustomProp`","pathname":"/spectra-finance/44084-sc-insight-incorrect-nat-spec-in-calcibtstotokenizeforcurvepool-and-calcibtstotokenizeforcurve","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"ufVyLp7x5zzGrsqB4CKm","title":"#43729 [SC-Low] Silent execution failure on `Dispatcher::_dispatch` due to unchecked return value on `Dispatcher:TRANSFER_NATIVE` operation","pathname":"/spectra-finance/43729-sc-low-silent-execution-failure-on-dispatcher-_dispatch-due-to-unchecked-return-value-on-dispa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"Ty45ro73mNIp451Se4Oq","title":"#44175 [SC-Low] Missing Success Check for payable(recipient).call","pathname":"/spectra-finance/44175-sc-low-missing-success-check-for-payable-recipient-.call","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Spectra Finance"}]},{"id":"Kst1v9xiFZ1JovNNNayT","title":"Term Structure Institutional | IOP","pathname":"/term-structure-institutional_iop","siteSpaceId":"sitesp_stpzW"},{"id":"4QPcs77eAbSOp4qUJOmp","title":"#46819 [SC-Critical] direct theft of users funds when expired loan get liquidated","pathname":"/term-structure-institutional_iop/46819-sc-critical-direct-theft-of-users-funds-when-expired-loan-get-liquidated","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"zI64bQzts3RT6LUXFeBq","title":"#46608 [SC-Medium] Any call to the repay function can potentially be front-run by a malicious actor, lead to prevent users from repaying on time.","pathname":"/term-structure-institutional_iop/46608-sc-medium-any-call-to-the-repay-function-can-potentially-be-front-run-by-a-malicious-actor-lea","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"7JnDpemIBPTje6FujBef","title":"#46903 [SC-Critical] malicious borrower can take theft of other borrower collateral","pathname":"/term-structure-institutional_iop/46903-sc-critical-malicious-borrower-can-take-theft-of-other-borrower-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"shxfjcKfHUcPijhZRAfD","title":"#46893 [SC-High] settlement functionality can be break forever and blocking settlement actions.","pathname":"/term-structure-institutional_iop/46893-sc-high-settlement-functionality-can-be-break-forever-and-blocking-settlement-actions.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"E8XkSJ6bb1cTq13SWZxk","title":"#47008 [SC-High] any users with expired loan(not settled) can take theft of lenders collateral when the collateral price increase","pathname":"/term-structure-institutional_iop/47008-sc-high-any-users-with-expired-loan-not-settled-can-take-theft-of-lenders-collateral-when-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"KHT1gjc4LfEB0HGz491g","title":"#47009 [SC-Low] Any position can be closed (by repaying the debt) even after the maturity date has passed","pathname":"/term-structure-institutional_iop/47009-sc-low-any-position-can-be-closed-by-repaying-the-debt-even-after-the-maturity-date-has-passed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"a2oLpNAEsAEhtDx9Act9","title":"#47100 [SC-Insight] some checks should be added even if the operator checks each input parameters","pathname":"/term-structure-institutional_iop/47100-sc-insight-some-checks-should-be-added-even-if-the-operator-checks-each-input-parameters","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"jMmxrtIbPCGmGmNTtekf","title":"#47112 [SC-Critical] addCollateral causes double economic loss through premature asset transfer and inflated settlement requirements","pathname":"/term-structure-institutional_iop/47112-sc-critical-addcollateral-causes-double-economic-loss-through-premature-asset-transfer-and-inf","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"VVBMTSIt9NQrgVDEnAR7","title":"#47115 [SC-Critical] Missing Settlement Status Validation in Loan Operations","pathname":"/term-structure-institutional_iop/47115-sc-critical-missing-settlement-status-validation-in-loan-operations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"VDuM6WADtyUFGqu0Joda","title":"#47118 [SC-High] Incorrect Allowance Validation in addCollateralBeforeSettle","pathname":"/term-structure-institutional_iop/47118-sc-high-incorrect-allowance-validation-in-addcollateralbeforesettle","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"XwQ0Gr6JzY1SxbvTbO8f","title":"#47122 [SC-Medium] Array Length Mismatch Enables Partial Settlement Processing","pathname":"/term-structure-institutional_iop/47122-sc-medium-array-length-mismatch-enables-partial-settlement-processing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"zRfcDeCUcM7ahaqrrIGJ","title":"#47124 [SC-Insight] Minimum Debt Value Updates Trigger Instant Liquidation Condition Changes","pathname":"/term-structure-institutional_iop/47124-sc-insight-minimum-debt-value-updates-trigger-instant-liquidation-condition-changes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"TmyMbROck1fJJfKB7ee8","title":"#47125 [SC-Medium] Cross-Chain Signature Replay Attack in Settlement Contract","pathname":"/term-structure-institutional_iop/47125-sc-medium-cross-chain-signature-replay-attack-in-settlement-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Term Structure Institutional | IOP"}]},{"id":"BtR15FjvWx5uNM49Mvxv","title":"Zano Trade | IOP","pathname":"/zano-trade-iop","siteSpaceId":"sitesp_stpzW"},{"id":"6YRTsBOjoDssRs1HhIq3","title":"#47728 [W&A-Critical] Server-Side Request Forgery (SSRF) Vulnerability in Next.js _app.tsx component","pathname":"/zano-trade-iop/47728-w-and-a-critical-server-side-request-forgery-ssrf-vulnerability-in-next.js-_app.tsx-component","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"sIUmIRCFXdxwVg9Ka7mj","title":"#47725 [W&A-Insight] Non-Expiring Tokens and CSRF Exposure","pathname":"/zano-trade-iop/47725-w-and-a-insight-non-expiring-tokens-and-csrf-exposure","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"Lx7iZxSlRgj37SYOI9M0","title":"#47729 [W&A-Insight] Insecure Token Storage in SessionStorage","pathname":"/zano-trade-iop/47729-w-and-a-insight-insecure-token-storage-in-sessionstorage","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"mlh87i6L2tTkpgOg8FPj","title":"#47731 [W&A-Insight] Offer Listings N+1 Query Performance Vulnerability","pathname":"/zano-trade-iop/47731-w-and-a-insight-offer-listings-n+1-query-performance-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"kuIlXVGDA27b4ezVcYuO","title":"#47740 [W&A-Critical] Server-Side Request Forgery (SSRF) in `./src/pages/_app.tsx` via the Host header","pathname":"/zano-trade-iop/47740-w-and-a-critical-server-side-request-forgery-ssrf-in-.-src-pages-_app.tsx-via-the-host-header","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"N5BRQ0pcfyw7WDHOhwIq","title":"#47741 [W&A-Insight] Missing JWT_SECRET in Env Allows Token Forgery via Empty Secret","pathname":"/zano-trade-iop/47741-w-and-a-insight-missing-jwt_secret-in-env-allows-token-forgery-via-empty-secret","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"JLKjmUpPuwSbzvvFUwj2","title":"#48436 [W&A-Critical] Dos is possible through the order creation api","pathname":"/zano-trade-iop/48436-w-and-a-critical-dos-is-possible-through-the-order-creation-api","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Zano Trade | IOP"}]},{"id":"8wNlDf8Y33Lt6JY43wdi","title":"Paradex | IOP","pathname":"/iop-paradex","siteSpaceId":"sitesp_stpzW"},{"id":"JnHQUjRvsmTAIdLq08kj","title":"#46611 [SC-Insight] Missing staleness checks in oracle queries","pathname":"/iop-paradex/46611-sc-insight-missing-staleness-checks-in-oracle-queries","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"rIJStSnOYKHBJkkl6BB8","title":"#46570 [SC-Insight] account list DoS issue","pathname":"/iop-paradex/46570-sc-insight-account-list-dos-issue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"zmGa6a4QKrTe63arBJpr","title":"#46639 [SC-Low] The `_settlement_fee_payments` function contains a calculation error that leads to abnormal user balances.","pathname":"/iop-paradex/46639-sc-low-the-_settlement_fee_payments-function-contains-a-calculation-error-that-leads-to-abnorm","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"HtjJMpymaAVFHm8rkIIB","title":"#46675 [SC-Insight] Insufficient Time Validation in function settle_trade_v2","pathname":"/iop-paradex/46675-sc-insight-insufficient-time-validation-in-function-settle_trade_v2","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"RS7a7BPFGEAH7jSmG0jU","title":"#46676 [SC-Insight] Unrestricted Minimum Lockup Period","pathname":"/iop-paradex/46676-sc-insight-unrestricted-minimum-lockup-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"IZvq0PUp1wKm9cM98k8A","title":"#46747 [SC-Insight] Self-Referral Vulnerability in Account Referral System","pathname":"/iop-paradex/46747-sc-insight-self-referral-vulnerability-in-account-referral-system","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"vms1IUKoZ8eNkrBSnEtJ","title":"#46839 [SC-Low] `max_withdraw` and `max_withdraw` do not fully consider global restrictions.","pathname":"/iop-paradex/46839-sc-low-max_withdraw-and-max_withdraw-do-not-fully-consider-global-restrictions.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"tIFdAlDpPTFvu97Di8a3","title":"#46843 [SC-Critical] Bypass of Restrictions When Paraclear_transfer_registry Is Unregistered","pathname":"/iop-paradex/46843-sc-critical-bypass-of-restrictions-when-paraclear_transfer_registry-is-unregistered","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"6ca7HftjgFGbI3zumNPE","title":"#46856 [SC-Medium] The calculation of shares obtained through token trades will be incorrect, causing users to pay excessive yield fees.","pathname":"/iop-paradex/46856-sc-medium-the-calculation-of-shares-obtained-through-token-trades-will-be-incorrect-causing-us","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"aqeZJIdFlSmVMqJCCZm4","title":"#46867 [SC-Insight] The `is_liquidation` field in `transfer_internal` is not properly differentiated.","pathname":"/iop-paradex/46867-sc-insight-the-is_liquidation-field-in-transfer_internal-is-not-properly-differentiated.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"EO0iciZBhfGbYQNOe2uG","title":"#46888 [SC-High] account_transfer_partial: lack of input validation when working with signed integers","pathname":"/iop-paradex/46888-sc-high-account_transfer_partial-lack-of-input-validation-when-working-with-signed-integers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"apI9muLjfCszkvqFaaqD","title":"#46892 [SC-High] small deposits could prevent users from withdrawing their funds","pathname":"/iop-paradex/46892-sc-high-small-deposits-could-prevent-users-from-withdrawing-their-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"0b4n6doEMz0MblU8fLSj","title":"#46910 [SC-Insight] Token Balance Event Data Inconsistency in Position Transfers","pathname":"/iop-paradex/46910-sc-insight-token-balance-event-data-inconsistency-in-position-transfers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"KjU9WNhZusezVowhYZY1","title":"#46942 [SC-Low] set perpetual asset balance link there is no cycle checks","pathname":"/iop-paradex/46942-sc-low-set-perpetual-asset-balance-link-there-is-no-cycle-checks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"leEZPaa4dWCmIf0QjFuI","title":"#46960 [SC-Insight] trade order sizes are not validated properly","pathname":"/iop-paradex/46960-sc-insight-trade-order-sizes-are-not-validated-properly","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"N6fFfaGBIQrgeFWQQI4W","title":"#46989 [SC-Insight] Invalid trade side check","pathname":"/iop-paradex/46989-sc-insight-invalid-trade-side-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"PFkYd2diyPxhIdLOUnbW","title":"#46997 [SC-Medium] The vault performs an unsafe conversion on the getAccountValue result.","pathname":"/iop-paradex/46997-sc-medium-the-vault-performs-an-unsafe-conversion-on-the-getaccountvalue-result.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"DqWMrowQvRbB0AuuvySX","title":"#47198 [SC-Critical] The operator can perform unauthorized fund transfers.","pathname":"/iop-paradex/47198-sc-critical-the-operator-can-perform-unauthorized-fund-transfers.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"yNvEgZDcNS4DE7LZJL7S","title":"#47257 [SC-Insight] Lack of position quantity limit for a single account.","pathname":"/iop-paradex/47257-sc-insight-lack-of-position-quantity-limit-for-a-single-account.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"EbsK1xUxrxzXcgBpd9QB","title":"#47291 [SC-Insight] Serveal bugs in function set_prices_and_funding_snapshot","pathname":"/iop-paradex/47291-sc-insight-serveal-bugs-in-function-set_prices_and_funding_snapshot","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"CLk5aKqycYJsh5l0L0Rh","title":"#47295 [SC-Insight] Configurator Can Manipulate Critical Parameters to Force Mass Liquidations and Drain Protocol Funds","pathname":"/iop-paradex/47295-sc-insight-configurator-can-manipulate-critical-parameters-to-force-mass-liquidations-and-drai","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"6wMA8mtRiQCoJaN9AoWL","title":"#47299 [SC-Insight] The `is_risky` check is improper.","pathname":"/iop-paradex/47299-sc-insight-the-is_risky-check-is-improper.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"BfM4rwAcHW4651oCcDEk","title":"#47309 [SC-Medium] Type mishandling allows for users to withdraw FAST from vault instead of STANDARD","pathname":"/iop-paradex/47309-sc-medium-type-mishandling-allows-for-users-to-withdraw-fast-from-vault-instead-of-standard","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"f0SQmQ3OgzI0aU9B9Pvi","title":"#47310 [SC-Medium] Integer to Felt conversion completely ruins the Vaults accounting","pathname":"/iop-paradex/47310-sc-medium-integer-to-felt-conversion-completely-ruins-the-vaults-accounting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"bbPbmbqvaiOMNVX1BNZO","title":"#47314 [SC-Medium] account_transfer_partial(...) function doesn't check sender's health after transferring balances","pathname":"/iop-paradex/47314-sc-medium-account_transfer_partial-...-function-doesnt-check-senders-health-after-transferring","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"5S69Tzo5foiUwAS9azLc","title":"#47313 [SC-Insight] Transfer(...) function doesn't account for current USDC price","pathname":"/iop-paradex/47313-sc-insight-transfer-...-function-doesnt-account-for-current-usdc-price","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"luJR0qqBRjwxAlhm2Mqh","title":"#47316 [SC-Low] account_transfer_partial(...) function doesn't check that receiver has a registered account in the system","pathname":"/iop-paradex/47316-sc-low-account_transfer_partial-...-function-doesnt-check-that-receiver-has-a-registered-accou","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"FZEezBfj3X0k3aL1ikKe","title":"#47317 [SC-Low] Transfer function only allows collateral transfers from free balance but can be bypassed","pathname":"/iop-paradex/47317-sc-low-transfer-function-only-allows-collateral-transfers-from-free-balance-but-can-be-bypasse","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"4QiBNPyFAwasZbiLjqfo","title":"#47330 [SC-Low] The fee calculation in `settle_market` is unreasonable.","pathname":"/iop-paradex/47330-sc-low-the-fee-calculation-in-settle_market-is-unreasonable.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"GJEV0rkIbdY9mjLvfN7z","title":"#47318 [SC-Insight] If the counterparty happens to be their own referrer, the protocol does not take the referral fee into account during the risk check.","pathname":"/iop-paradex/47318-sc-insight-if-the-counterparty-happens-to-be-their-own-referrer-the-protocol-does-not-take-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"PjXi1CLsqRxkkKBTpkSr","title":"#47370 [SC-Critical] `account_transfer_partial` should not be enabled when `transfer_registry_address` is not configured.","pathname":"/iop-paradex/47370-sc-critical-account_transfer_partial-should-not-be-enabled-when-transfer_registry_address-is-n","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"2iWgNHDw0l4tS3sdXezl","title":"#47351 [SC-Low] Funds get stuck in the bridge if attempted to be deposited into a restricted address","pathname":"/iop-paradex/47351-sc-low-funds-get-stuck-in-the-bridge-if-attempted-to-be-deposited-into-a-restricted-address","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"AmpWxxbfJrPj78MNWVYT","title":"#47377 [SC-Insight] No Restriction on Self Transfer","pathname":"/iop-paradex/47377-sc-insight-no-restriction-on-self-transfer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"YKoZ0DmbSb9qu359A7vI","title":"#47380 [SC-Insight] Incorrect token_assets_value in AccountLiquidated Event","pathname":"/iop-paradex/47380-sc-insight-incorrect-token_assets_value-in-accountliquidated-event","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Paradex | IOP"}]},{"id":"BmrvDyoWMtW2iG6peymq","title":"Flare FAssets | Mainnet Audit Comp","pathname":"/flare-fassets-or-mainnet-audit-comp","siteSpaceId":"sitesp_stpzW"},{"id":"SK4fEPzlvV1sLMHp6gwZ","title":"#45309 [SC-Insight] Gas Optimization in `_burnForAtNow` Function for efficient balance retrieval","pathname":"/flare-fassets-or-mainnet-audit-comp/45309-sc-insight-gas-optimization-in-_burnforatnow-function-for-efficient-balance-retrieval","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"oWy7FQiwGCfHHu0UHiLB","title":"#45310 [SC-Insight] `IWNat(address(token)).governanceVotePower().undelegate()` is redundant after `undelegateGovernance()`","pathname":"/flare-fassets-or-mainnet-audit-comp/45310-sc-insight-iwnat-address-token-.governancevotepower-.undelegate-is-redundant-after-undelegateg","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"FzX6xMHuwfaM3kTDmAYF","title":"#45357 [SC-Insight] Increase in the usedTokens array","pathname":"/flare-fassets-or-mainnet-audit-comp/45357-sc-insight-increase-in-the-usedtokens-array","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"bjCpyhnJjdCL7bn4j3a3","title":"#45368 [SC-Insight] Corruptible Upgradability Pattern","pathname":"/flare-fassets-or-mainnet-audit-comp/45368-sc-insight-corruptible-upgradability-pattern","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"WDAuf6UHWu407KGkKoeE","title":"#45377 [SC-Insight] Missing pause modifier in `beforeCollateralWithdrawal` allows collateral theft during a pause","pathname":"/flare-fassets-or-mainnet-audit-comp/45377-sc-insight-missing-pause-modifier-in-beforecollateralwithdrawal-allows-collateral-theft-during","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"gtNEcEdgFEHSsI74Ierf","title":"#45379 [SC-Low] Frontrunning Vulnerability in createAgentVault Suffix Reservation","pathname":"/flare-fassets-or-mainnet-audit-comp/45379-sc-low-frontrunning-vulnerability-in-createagentvault-suffix-reservation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"eVZfSLVuw8YsDawB0NQ1","title":"#45405 [SC-Insight] Insufficient Documentation for Governance-Controlled Functions and Critical Parameters in 'CoreVaultManager.sol'","pathname":"/flare-fassets-or-mainnet-audit-comp/45405-sc-insight-insufficient-documentation-for-governance-controlled-functions-and-critical-paramet","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"AkWFd45TSxw7svgHpyIy","title":"#45439 [SC-Low] Empty String Allowed as Pool Token Suffix in _reserveAndValidatePoolTokenSuffix","pathname":"/flare-fassets-or-mainnet-audit-comp/45439-sc-low-empty-string-allowed-as-pool-token-suffix-in-_reserveandvalidatepooltokensuffix","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"VZ1WTURDurGDNbfHQ9oE","title":"#45447 [SC-Medium] Executor cannot execute minting while the agent can execute the transaction and steal executor fee","pathname":"/flare-fassets-or-mainnet-audit-comp/45447-sc-medium-executor-cannot-execute-minting-while-the-agent-can-execute-the-transaction-and-stea","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"4L8fgjQh6Dl9Ghs9AKWH","title":"#45450 [SC-Insight] Outdated underlying chain data lead to shortened minting windows or DoS when minting fAssets","pathname":"/flare-fassets-or-mainnet-audit-comp/45450-sc-insight-outdated-underlying-chain-data-lead-to-shortened-minting-windows-or-dos-when-mintin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"PUrQs6E0sT3seTE2lKbW","title":"#45478 [SC-Medium] Minting Cap Check Doesn't Include `poolFeeUBA` in `selfMint` and `mintFromUnderlying`","pathname":"/flare-fassets-or-mainnet-audit-comp/45478-sc-medium-minting-cap-check-doesnt-include-poolfeeuba-in-selfmint-and-mintfromunderlying","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"3FEdz6UalEhxpclRUyLr","title":"#45485 [SC-Insight] Comments above `reserveCollateral` indicate collateral reservation fee is burned, which is not the case","pathname":"/flare-fassets-or-mainnet-audit-comp/45485-sc-insight-comments-above-reservecollateral-indicate-collateral-reservation-fee-is-burned-whic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"iN7dcc9ijfUK4bOPRkLK","title":"#45499 [SC-Low] Malicious user can prevent agent to be destroyed and lock up his funds","pathname":"/flare-fassets-or-mainnet-audit-comp/45499-sc-low-malicious-user-can-prevent-agent-to-be-destroyed-and-lock-up-his-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Lw9eZdwZ9NWddmTaBn3V","title":"#45514 [SC-Medium] malicious agents can trap stakers by raising the exit collateral ratio","pathname":"/flare-fassets-or-mainnet-audit-comp/45514-sc-medium-malicious-agents-can-trap-stakers-by-raising-the-exit-collateral-ratio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"lh9avKb4Zzd6elaVTB2M","title":"#45517 [SC-Insight] Partial Documentation for Self-Close Exit Fee Handling and Redemption Workflow in 'CollateralPool.sol'","pathname":"/flare-fassets-or-mainnet-audit-comp/45517-sc-insight-partial-documentation-for-self-close-exit-fee-handling-and-redemption-workflow-in-c","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"jLJKmB6FAGXF3XeGHzWZ","title":"#45533 [SC-Low] Incorrect gas allowance comparison in CoreVault transfer function leads to user fund loss","pathname":"/flare-fassets-or-mainnet-audit-comp/45533-sc-low-incorrect-gas-allowance-comparison-in-corevault-transfer-function-leads-to-user-fund-lo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"4MQBr1MrJ4kmhZ5y4PaY","title":"#45554 [SC-Medium] Fee loss during Agent's feeBIPS reduction in `selfMint` function","pathname":"/flare-fassets-or-mainnet-audit-comp/45554-sc-medium-fee-loss-during-agents-feebips-reduction-in-selfmint-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"HqEPu747fBqEl6ErMtRm","title":"#45550 [SC-Medium] [H-01] `illegalPaymentChallenge` is vulnerable to frontrunning by external challengers stealing the reward","pathname":"/flare-fassets-or-mainnet-audit-comp/45550-sc-medium-h-01-illegalpaymentchallenge-is-vulnerable-to-frontrunning-by-external-challengers-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"DpanDga4VYQHxHc1mi8J","title":"#45574 [SC-Insight] Redundant Per‑Item Upper Bound Check in `validateLiquidationFactors`","pathname":"/flare-fassets-or-mainnet-audit-comp/45574-sc-insight-redundant-per-item-upper-bound-check-in-validateliquidationfactors","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"7bmaxzbTdNk1YqTk5k4w","title":"#45665 [SC-Medium] [H-02] Minting Cap Bypass via Pool Fee Exclusion during Self Mint","pathname":"/flare-fassets-or-mainnet-audit-comp/45665-sc-medium-h-02-minting-cap-bypass-via-pool-fee-exclusion-during-self-mint","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"BYC1OnMsdhYragXQtRC9","title":"#45674 [SC-Insight] `executeMinting()` allows impersonation of minter during chain-reorg due to deterministic `crtId` and lack of minter binding","pathname":"/flare-fassets-or-mainnet-audit-comp/45674-sc-insight-executeminting-allows-impersonation-of-minter-during-chain-reorg-due-to-determinist","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"vXIiZ3gVC4Ev1XcfMbnp","title":"#45604 [SC-Low] User Overpayment in `transferToCoreVault` Fee Handling","pathname":"/flare-fassets-or-mainnet-audit-comp/45604-sc-low-user-overpayment-in-transfertocorevault-fee-handling","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"CxWincOF2MQbVgv4Ao1f","title":"#45731 [SC-Insight] Off-by-One Logic in Escrow End Timestamp Calculation May Cause Unintended Escrow Delay","pathname":"/flare-fassets-or-mainnet-audit-comp/45731-sc-insight-off-by-one-logic-in-escrow-end-timestamp-calculation-may-cause-unintended-escrow-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"73J1jBuaXzdD5N65fiMq","title":"#45685 [SC-Insight] Incorrect comments in finishRedemptionWithoutPayment","pathname":"/flare-fassets-or-mainnet-audit-comp/45685-sc-insight-incorrect-comments-in-finishredemptionwithoutpayment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"5haxhh6MvDu9NsU3w3uC","title":"#45769 [SC-Medium] Permanent blocking of Agent's fund by allowed minters","pathname":"/flare-fassets-or-mainnet-audit-comp/45769-sc-medium-permanent-blocking-of-agents-fund-by-allowed-minters","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"25tjnxCKehVm8PMkRL6D","title":"#45772 [SC-Insight] NatSpec Mismatch in CoreVault Redemption Logic","pathname":"/flare-fassets-or-mainnet-audit-comp/45772-sc-insight-natspec-mismatch-in-corevault-redemption-logic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"yfoYO4RqJ3H1pIYBQT2O","title":"#45830 [SC-Medium] Incorrect amount passed to checkMintingCap in self-minting allows bypassing of config minting cap","pathname":"/flare-fassets-or-mainnet-audit-comp/45830-sc-medium-incorrect-amount-passed-to-checkmintingcap-in-self-minting-allows-bypassing-of-confi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"SjgddvA7FJFctm9SN0mN","title":"#45813 [SC-Insight] Missing `setAutoClaiming` Function","pathname":"/flare-fassets-or-mainnet-audit-comp/45813-sc-insight-missing-setautoclaiming-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"wgJObyWE2gACBM6DSsRf","title":"#45864 [SC-Insight] Minter's underlying token can get stuck if the agent calls mintingDefault before the minter’s transaction is recorded on the underlying blockchain.","pathname":"/flare-fassets-or-mainnet-audit-comp/45864-sc-insight-minters-underlying-token-can-get-stuck-if-the-agent-calls-mintingdefault-before-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"G1iJ8hPAG4zvcTQm6eks","title":"#45893 [SC-High] Agent role can stolen nat token from protocol users","pathname":"/flare-fassets-or-mainnet-audit-comp/45893-sc-high-agent-role-can-stolen-nat-token-from-protocol-users","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"2PNKOp7629lJqN1NpKyf","title":"#45897 [SC-Low] Executor Fee Lost in `rejectInvalidRedemption()` Due to Missing Handling Logic","pathname":"/flare-fassets-or-mainnet-audit-comp/45897-sc-low-executor-fee-lost-in-rejectinvalidredemption-due-to-missing-handling-logic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"IKztXSjw2QSzDYviYnBX","title":"#45904 [SC-High] Malicious agent can forge a non-payment proof despite user's valid payment and fraudulently trigger `mintingPaymentDefault`","pathname":"/flare-fassets-or-mainnet-audit-comp/45904-sc-high-malicious-agent-can-forge-a-non-payment-proof-despite-users-valid-payment-and-fraudule","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"wouKavGmDgian7ckBV9C","title":"#45910 [SC-Medium] Changing collateral ratio makes Agents prone to liquidation","pathname":"/flare-fassets-or-mainnet-audit-comp/45910-sc-medium-changing-collateral-ratio-makes-agents-prone-to-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"6Fv241H1jLFVQKKAfbk5","title":"#45943 [SC-Low] rejectInvalidRedemption fee is not awarded to agent, resulting in stuck or misallocated funds","pathname":"/flare-fassets-or-mainnet-audit-comp/45943-sc-low-rejectinvalidredemption-fee-is-not-awarded-to-agent-resulting-in-stuck-or-misallocated","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"XZGlHiQfNjYqyQu0uVqN","title":"#45949 [SC-Insight] Mismatch between doc and implementation for `confirmationByOthersAfterSeconds` minimum on XRP","pathname":"/flare-fassets-or-mainnet-audit-comp/45949-sc-insight-mismatch-between-doc-and-implementation-for-confirmationbyothersafterseconds-minimu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"DSyi2gUL7AkPZOX33ue9","title":"#45956 [SC-Insight] EOA only on smart contract chains bypassed on ETH","pathname":"/flare-fassets-or-mainnet-audit-comp/45956-sc-insight-eoa-only-on-smart-contract-chains-bypassed-on-eth","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Uf03dXdtvL7AYuW57iTu","title":"#45978 [SC-Insight] Failed Transactions Trigger Invalid Double Payment Challenges Causing Loss of Funds for Legitimate Agents","pathname":"/flare-fassets-or-mainnet-audit-comp/45978-sc-insight-failed-transactions-trigger-invalid-double-payment-challenges-causing-loss-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"iwZac8BRpimIRGVpy6Qm","title":"#45961 [SC-Insight] `selfMint()` Can Lead to Permanent Loss of Agents' Funds During Emergency Pause","pathname":"/flare-fassets-or-mainnet-audit-comp/45961-sc-insight-selfmint-can-lead-to-permanent-loss-of-agents-funds-during-emergency-pause","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"PZ0uC3s1MqeZwP7Xcx4I","title":"#45987 [SC-Medium] A malicious user can fill up the redemption queue with the minimum size (1 lot), making legitimate redeemers to redeem always multiple times","pathname":"/flare-fassets-or-mainnet-audit-comp/45987-sc-medium-a-malicious-user-can-fill-up-the-redemption-queue-with-the-minimum-size-1-lot-making","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"AgDDEOU0Lkpfh0P2uErO","title":"#45979 [SC-High] Agent can steal funds from FLR holders who have deposited in agent's collateral pool","pathname":"/flare-fassets-or-mainnet-audit-comp/45979-sc-high-agent-can-steal-funds-from-flr-holders-who-have-deposited-in-agents-collateral-pool","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"M0lB2w222mv9rUNbdM9U","title":"#46068 [SC-Low] selfCloseExitTo is lack of slippage protect","pathname":"/flare-fassets-or-mainnet-audit-comp/46068-sc-low-selfcloseexitto-is-lack-of-slippage-protect","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"s6N4f3SD3DfWX79SQVxG","title":"#46081 [SC-Medium] Wrong check in `redeemFromCoreVault` will result in unnecessary revert","pathname":"/flare-fassets-or-mainnet-audit-comp/46081-sc-medium-wrong-check-in-redeemfromcorevault-will-result-in-unnecessary-revert","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Q9nRTwAPOBJfKD3RiLl5","title":"#46071 [SC-Low] Ultra-low amount of total shares in collateral pool","pathname":"/flare-fassets-or-mainnet-audit-comp/46071-sc-low-ultra-low-amount-of-total-shares-in-collateral-pool","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Z9KbUYZJJi33CopvEQgv","title":"#46092 [SC-Insight] AgentVault::destroy mismatch between comment documentation and contract behavior","pathname":"/flare-fassets-or-mainnet-audit-comp/46092-sc-insight-agentvault-destroy-mismatch-between-comment-documentation-and-contract-behavior","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Lnu1tGwMOkaNmPWF8zbz","title":"#46108 [SC-Medium] Minting Cap can by bypassed while self minting","pathname":"/flare-fassets-or-mainnet-audit-comp/46108-sc-medium-minting-cap-can-by-bypassed-while-self-minting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"8ed52xIxWRsCqYmI2rND","title":"#46121 [SC-High] Malicious agent can manipulate the totalCollateral to cause damage to the protocol","pathname":"/flare-fassets-or-mainnet-audit-comp/46121-sc-high-malicious-agent-can-manipulate-the-totalcollateral-to-cause-damage-to-the-protocol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"brXJU0leNOxiFjPut2HD","title":"#46119 [SC-Low] Incorrect `msg.Value` check in `CoreVault` Transfer","pathname":"/flare-fassets-or-mainnet-audit-comp/46119-sc-low-incorrect-msg.value-check-in-corevault-transfer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"d4411onpEky7pGgrgevR","title":"#46122 [SC-Insight] Incorrect Minimum Lots Validation in CoreVault Redemption","pathname":"/flare-fassets-or-mainnet-audit-comp/46122-sc-insight-incorrect-minimum-lots-validation-in-corevault-redemption","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"SLOieoIrjq4OHAYiJQj9","title":"#46198 [SC-Insight] Redemption Blocked if Agent Refuses to Confirm Core Vault Payment","pathname":"/flare-fassets-or-mainnet-audit-comp/46198-sc-insight-redemption-blocked-if-agent-refuses-to-confirm-core-vault-payment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"3vHUToZhHH52ifHCv1um","title":"#46210 [SC-Insight] Incorrect timestamp comparison in function \"beforeCollateralWithdrawal\" allows agent to withdraw at last second without being challenged","pathname":"/flare-fassets-or-mainnet-audit-comp/46210-sc-insight-incorrect-timestamp-comparison-in-function-beforecollateralwithdrawal-allows-agent","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"6HKCD1RK9fNchtm0eq8j","title":"#46218 [SC-Insight] Documentation-Implementation Discrepancy in Agent Vault Access Control","pathname":"/flare-fassets-or-mainnet-audit-comp/46218-sc-insight-documentation-implementation-discrepancy-in-agent-vault-access-control","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"rcsorPh9MzpZFYgVHPVx","title":"#46220 [SC-Insight] Missing Documented Function in the CollateralPool Contract","pathname":"/flare-fassets-or-mainnet-audit-comp/46220-sc-insight-missing-documented-function-in-the-collateralpool-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"SP7mKzzYOc4B32LM7ncN","title":"#46241 [SC-Insight] Misleading definition in Core-Vault documentation (“CV operators submit proof”)","pathname":"/flare-fassets-or-mainnet-audit-comp/46241-sc-insight-misleading-definition-in-core-vault-documentation-cv-operators-submit-proof","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"wmPBN8PBx0nMxeU6CeUI","title":"#46247 [SC-Medium] Token transfer can revert in unstickMinting because of insufficient funds in the vault.","pathname":"/flare-fassets-or-mainnet-audit-comp/46247-sc-medium-token-transfer-can-revert-in-unstickminting-because-of-insufficient-funds-in-the-vau","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"dQQmOil7hRS9cf0qFEDx","title":"#46266 [SC-Insight] Cannot use a pool token suffix of MAX_SUFFIX_LEN","pathname":"/flare-fassets-or-mainnet-audit-comp/46266-sc-insight-cannot-use-a-pool-token-suffix-of-max_suffix_len","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"OoVzUYBvmOnC7JpgnQJq","title":"#46265 [SC-Medium] Logic flaw in transferToCoreVault allows creation of zero-value redemption request","pathname":"/flare-fassets-or-mainnet-audit-comp/46265-sc-medium-logic-flaw-in-transfertocorevault-allows-creation-of-zero-value-redemption-request","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Prq7uPv0kOzCo6VKk9vR","title":"#46282 [SC-High] Wrong implementation of `payout` would lead to loss of fee share of `AgentVault`","pathname":"/flare-fassets-or-mainnet-audit-comp/46282-sc-high-wrong-implementation-of-payout-would-lead-to-loss-of-fee-share-of-agentvault","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"zEqZ4MaHuCHh4zrz8CcK","title":"#46311 [SC-Insight] Unbacked Redemptions Due to Donation- Attack on CoreVault Can Freeze Agent Collateral","pathname":"/flare-fassets-or-mainnet-audit-comp/46311-sc-insight-unbacked-redemptions-due-to-donation-attack-on-corevault-can-freeze-agent-collatera","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"UPA04NmQFtRDehijV7WC","title":"#46320 [SC-Low] Executor fee will be stuck in the contract when rejectInvalidRedemption is called","pathname":"/flare-fassets-or-mainnet-audit-comp/46320-sc-low-executor-fee-will-be-stuck-in-the-contract-when-rejectinvalidredemption-is-called","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"KGWpeyDrBxh1hs5hJEI7","title":"#46271 [SC-Medium] Rewards claiming functionality is broken.","pathname":"/flare-fassets-or-mainnet-audit-comp/46271-sc-medium-rewards-claiming-functionality-is-broken.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"hJ5r5b86sPWMNASjQG1l","title":"#46326 [SC-Medium] Incorrect Minting Cap Check in Minting Process","pathname":"/flare-fassets-or-mainnet-audit-comp/46326-sc-medium-incorrect-minting-cap-check-in-minting-process","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"bmnNHEb7of8X8DQYKLyn","title":"#46378 [SC-High] Unconditional F-Asset burn during partial collateral redemptions enables direct theft of user funds","pathname":"/flare-fassets-or-mainnet-audit-comp/46378-sc-high-unconditional-f-asset-burn-during-partial-collateral-redemptions-enables-direct-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"2zmFmsd0pdHBfBXs0SoK","title":"#46442 [SC-Low] Agent collateral pool is vulnerable to inflation attack","pathname":"/flare-fassets-or-mainnet-audit-comp/46442-sc-low-agent-collateral-pool-is-vulnerable-to-inflation-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"MT5nTPZlSyARnTtLWlZv","title":"#46437 [SC-High] Agent can circumvent double payment challenge on XRP chain using other types of transaction","pathname":"/flare-fassets-or-mainnet-audit-comp/46437-sc-high-agent-can-circumvent-double-payment-challenge-on-xrp-chain-using-other-types-of-transa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"wRmVg7JuqJxuX84BFqZ9","title":"#46486 [SC-Low] Faulty logic in `transferToCoreVault` makes users pay more for the refund transaction than the amount being refunded.","pathname":"/flare-fassets-or-mainnet-audit-comp/46486-sc-low-faulty-logic-in-transfertocorevault-makes-users-pay-more-for-the-refund-transaction-tha","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"AhRTBMt7fjAwkVFJ6DwD","title":"#46462 [SC-Low] Malicious collateral provider can steal funds from agent collateral pool by donating a large amount of native token to the pool (inflation attack)","pathname":"/flare-fassets-or-mainnet-audit-comp/46462-sc-low-malicious-collateral-provider-can-steal-funds-from-agent-collateral-pool-by-donating-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"NDqhj72LXAeZsiAtBYX9","title":"#46493 [SC-Insight] ADDRESS_STORAGE_POSITION is not ERC7201 compliant","pathname":"/flare-fassets-or-mainnet-audit-comp/46493-sc-insight-address_storage_position-is-not-erc7201-compliant","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Mh3usUCIduANNV2Z5y1D","title":"#46520 [SC-Low] ETH loss on `selfCloseExitTo` when redeeming to collateral","pathname":"/flare-fassets-or-mainnet-audit-comp/46520-sc-low-eth-loss-on-selfcloseexitto-when-redeeming-to-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"WpA6OjtOv989JRYnEv61","title":"#46534 [SC-Insight] Missing Validation to Prevent Self-Assignment of Work Address","pathname":"/flare-fassets-or-mainnet-audit-comp/46534-sc-insight-missing-validation-to-prevent-self-assignment-of-work-address","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Y4Zej7EtaEnhFLvfxZxQ","title":"#46541 [SC-High] Historical Payment Transaction Exploitation Leading to Instant Agent Liquidation","pathname":"/flare-fassets-or-mainnet-audit-comp/46541-sc-high-historical-payment-transaction-exploitation-leading-to-instant-agent-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"IKCSaaZv984MJ7eNLq6o","title":"#46546 [SC-Insight] Accounting Mismatches in AgentVault.sol Due to Non-Standard ERC20 Tokens","pathname":"/flare-fassets-or-mainnet-audit-comp/46546-sc-insight-accounting-mismatches-in-agentvault.sol-due-to-non-standard-erc20-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Nt7YMaRK3i1QQYknmahI","title":"#46587 [SC-Low] Overpayment loss in `transferToCoreVault` due to incorrect refund condition","pathname":"/flare-fassets-or-mainnet-audit-comp/46587-sc-low-overpayment-loss-in-transfertocorevault-due-to-incorrect-refund-condition","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"FhuctSzvvSxtvBoPOTqA","title":"#46592 [SC-High] The return value of redeemFromAgent/redeemFromAgentInCollateral in the selfCloseExitTo is not checked","pathname":"/flare-fassets-or-mainnet-audit-comp/46592-sc-high-the-return-value-of-redeemfromagent-redeemfromagentincollateral-in-the-selfcloseexitto","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"KfmjE6j44vKT7ULfqIQZ","title":"#46643 [SC-Low] `destroyAgent` in `AgentsCreateDestroy` is prone to DOS","pathname":"/flare-fassets-or-mainnet-audit-comp/46643-sc-low-destroyagent-in-agentscreatedestroy-is-prone-to-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Ba3cu5GSOskOPM739wqs","title":"#46677 [SC-Insight] Wrong comment in _getFAssetRequiredToNotSpoilCR","pathname":"/flare-fassets-or-mainnet-audit-comp/46677-sc-insight-wrong-comment-in-_getfassetrequiredtonotspoilcr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"42ihbdqBYqYKLJoZfACu","title":"#46681 [SC-Low] malicious actor can prevent agent from being destroyed","pathname":"/flare-fassets-or-mainnet-audit-comp/46681-sc-low-malicious-actor-can-prevent-agent-from-being-destroyed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"pziyc4S1AtUs7ztlfKD2","title":"#46688 [SC-High] `claimAirdropDistribution()` Allows Arbitrary Inflation of `totalCollateral`","pathname":"/flare-fassets-or-mainnet-audit-comp/46688-sc-high-claimairdropdistribution-allows-arbitrary-inflation-of-totalcollateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"zYZaG5rfJcr6e0FPr5LI","title":"#46702 [SC-Insight] `executeMinting()` Enables Cross-Contract Reentrancy to Manipulate Collateral Pool Pricing","pathname":"/flare-fassets-or-mainnet-audit-comp/46702-sc-insight-executeminting-enables-cross-contract-reentrancy-to-manipulate-collateral-pool-pric","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"2mxZ9JPxW9X03SdRatGo","title":"#46714 [SC-Medium] Agent can frontrun executor to steal unclaimed executor fee in minting process","pathname":"/flare-fassets-or-mainnet-audit-comp/46714-sc-medium-agent-can-frontrun-executor-to-steal-unclaimed-executor-fee-in-minting-process","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"IzYUB1ynxCB3JwhaQTuU","title":"#46721 [SC-Insight] Inconsistencies for agentTimelockedOperationWindowSeconds value checks between SettingsInitializer.sol::_validateSettings and SettingsManagementFacet.sol::setAgentTimelockedOpera...","pathname":"/flare-fassets-or-mainnet-audit-comp/46721-sc-insight-inconsistencies-for-agenttimelockedoperationwindowseconds-value-checks-between-sett","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"ov9vElhbCAJ9yafjt2ey","title":"#46758 [SC-Low] Collateral Reservation Fee Calculation Inconsistent with Actual Reserved Value","pathname":"/flare-fassets-or-mainnet-audit-comp/46758-sc-low-collateral-reservation-fee-calculation-inconsistent-with-actual-reserved-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Xu2zYCak9XDzyFlLuQtN","title":"#46771 [SC-Insight] Incorrect Collateral Ratio Check Due to Rounding Error","pathname":"/flare-fassets-or-mainnet-audit-comp/46771-sc-insight-incorrect-collateral-ratio-check-due-to-rounding-error","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"tgOTXUdHttWnZVNLYzCj","title":"#46826 [SC-Medium] transferFeeWei + Transfers.TRANSFER_GAS_ALLOWANCE` when `CoreVault::transferToCoreVault()` is called.","pathname":"/flare-fassets-or-mainnet-audit-comp/46826-sc-medium-transferfeewei-+-transfers.transfer_gas_allowance-when-corevault-transfertocorevault","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"sn9UudW9AUkpiChG6Kk3","title":"#46838 [SC-Low] Agent Destruction Can Be Blocked by Malicious Collateral Pool Entries","pathname":"/flare-fassets-or-mainnet-audit-comp/46838-sc-low-agent-destruction-can-be-blocked-by-malicious-collateral-pool-entries","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"xEOA5GvoAhLiE5Fp7pu9","title":"#46836 [SC-Low] buybackAgentCollateral will revert due to overflow","pathname":"/flare-fassets-or-mainnet-audit-comp/46836-sc-low-buybackagentcollateral-will-revert-due-to-overflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"kYRw7LtKTbOG4I7J9zyv","title":"#46847 [SC-Low] executor fee is not paid or burned in `rejectInvalidRedemption`","pathname":"/flare-fassets-or-mainnet-audit-comp/46847-sc-low-executor-fee-is-not-paid-or-burned-in-rejectinvalidredemption","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"Tc1wnWCmXgDTxtczomRc","title":"#46848 [SC-Insight] Minters can grief agents by deliberately fragmenting the agent's redemption ticket queue with minimal size tickets, preventing or delaying large transfers to core vault","pathname":"/flare-fassets-or-mainnet-audit-comp/46848-sc-insight-minters-can-grief-agents-by-deliberately-fragmenting-the-agents-redemption-ticket-q","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"CxgsK8XP9xgs08nv1sN8","title":"#46886 [SC-Low] `destroyAgent()` functionality can easily be bricked due to Frontrunning Attack","pathname":"/flare-fassets-or-mainnet-audit-comp/46886-sc-low-destroyagent-functionality-can-easily-be-bricked-due-to-frontrunning-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"OHDPYjMhYEAeCU9HPxsl","title":"#46858 [SC-High] The agent owner can exploit a malicious rewardManager to steal tokens from the protocol","pathname":"/flare-fassets-or-mainnet-audit-comp/46858-sc-high-the-agent-owner-can-exploit-a-malicious-rewardmanager-to-steal-tokens-from-the-protoco","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"euso6eFDwnB2HRG5Hj0a","title":"#46924 [SC-Low] Last user may exit with almost all of his values, but he'll purposefully leave a small 1e18 or a little more to grief `destroy()`","pathname":"/flare-fassets-or-mainnet-audit-comp/46924-sc-low-last-user-may-exit-with-almost-all-of-his-values-but-hell-purposefully-leave-a-small-1e","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"7LvotecO2GooXYY6r07g","title":"#46930 [SC-Low] `depositNat()` in `CollateralPool` Fails to Notify Asset Manager, By not calling the `updateCollateral`","pathname":"/flare-fassets-or-mainnet-audit-comp/46930-sc-low-depositnat-in-collateralpool-fails-to-notify-asset-manager-by-not-calling-the-updatecol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"JUCHI99zy4V6UIK9sPHx","title":"#46929 [SC-Medium] Incorrect required underlying value check used in mintFromFreeUnderlying function","pathname":"/flare-fassets-or-mainnet-audit-comp/46929-sc-medium-incorrect-required-underlying-value-check-used-in-mintfromfreeunderlying-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"XiTxFdyJyZ7LkQqjSu7C","title":"#46943 [SC-Medium] Agents can prevent user CoreVault redemptions by sandwiching them with a requestReturnFromCoreVault and a cancelReturnFromCoreVault","pathname":"/flare-fassets-or-mainnet-audit-comp/46943-sc-medium-agents-can-prevent-user-corevault-redemptions-by-sandwiching-them-with-a-requestretu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"fjSeYGdgGxgKUh82UBfW","title":"#46949 [SC-High] Top-up discount miscalculation allows minting excess pool tokens via repeated small deposits in `CollateralPool::enter`","pathname":"/flare-fassets-or-mainnet-audit-comp/46949-sc-high-top-up-discount-miscalculation-allows-minting-excess-pool-tokens-via-repeated-small-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"rbp8zSy5cYdQLsetWoO5","title":"#46953 [SC-High] agents who create agents with prior transactions can be instantly unfairly liquidated","pathname":"/flare-fassets-or-mainnet-audit-comp/46953-sc-high-agents-who-create-agents-with-prior-transactions-can-be-instantly-unfairly-liquidated","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"qkzCo8kuCHGuGVv6ShJH","title":"#46969 [SC-Low] Inconsistent Use of poolFeeShareBIPS Between Collateral Reservation and Distribution","pathname":"/flare-fassets-or-mainnet-audit-comp/46969-sc-low-inconsistent-use-of-poolfeesharebips-between-collateral-reservation-and-distribution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"eorrYckcVbnng20nBNqH","title":"#46976 [SC-Low] Agent Destruction Can Permanently Lock Unclaimed Transfer Fees","pathname":"/flare-fassets-or-mainnet-audit-comp/46976-sc-low-agent-destruction-can-permanently-lock-unclaimed-transfer-fees","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"77zxbfiRpofqvnFuQEii","title":"#46982 [SC-Insight] Spread calculation discrepancy allows wildly divergent prices to be accepted","pathname":"/flare-fassets-or-mainnet-audit-comp/46982-sc-insight-spread-calculation-discrepancy-allows-wildly-divergent-prices-to-be-accepted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"WuLqej8rLn9UTCMBLh2k","title":"#46984 [SC-Low] Incomplete Token Supply Check After Token Share Recalculation in `_selfCloseExitTo`","pathname":"/flare-fassets-or-mainnet-audit-comp/46984-sc-low-incomplete-token-supply-check-after-token-share-recalculation-in-_selfcloseexitto","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"R2eH2PSzEcl9FpijfyIY","title":"#46985 [SC-High] CollateralPool::totalCollateral can be increased to arbitrary value","pathname":"/flare-fassets-or-mainnet-audit-comp/46985-sc-high-collateralpool-totalcollateral-can-be-increased-to-arbitrary-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"N6PuApSblJOAdj9a6OUZ","title":"#46993 [SC-Low] Malicious agent with large capital can abuse `cancelReturnFromCoreVault` to block access to core vault liquidity during high redemption demand","pathname":"/flare-fassets-or-mainnet-audit-comp/46993-sc-low-malicious-agent-with-large-capital-can-abuse-cancelreturnfromcorevault-to-block-access","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"zxFQwUbVWoA6628JpJKL","title":"#46999 [SC-Insight] Absence of event emission in critical functions","pathname":"/flare-fassets-or-mainnet-audit-comp/46999-sc-insight-absence-of-event-emission-in-critical-functions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"e2NZ6bfdEZmiJWIJJG5b","title":"#47010 [SC-Low] `CollateralPool::donateNat` manipulation enables arbitrary pool‐token value inflation and fee‐debt evasion","pathname":"/flare-fassets-or-mainnet-audit-comp/47010-sc-low-collateralpool-donatenat-manipulation-enables-arbitrary-pool-token-value-inflation-and","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"2UVJyh4yI8jGUKbdYpI6","title":"#47020 [SC-High] A malicious agent can extract funds from the collateral pool by diluting the value of existing collateral providers' shares.","pathname":"/flare-fassets-or-mainnet-audit-comp/47020-sc-high-a-malicious-agent-can-extract-funds-from-the-collateral-pool-by-diluting-the-value-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"2BMTL3jTuU8a9qttnSKy","title":"#47034 [SC-Medium] check minting cap function checks on incorrect amount in mintFromFreeUnderlying function","pathname":"/flare-fassets-or-mainnet-audit-comp/47034-sc-medium-check-minting-cap-function-checks-on-incorrect-amount-in-mintfromfreeunderlying-func","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"yie7jgr2mV89kG8JRZE2","title":"#47039 [SC-Medium] `poolMintFee` is not considered for or checked against the`mintingCapAMG` limits.","pathname":"/flare-fassets-or-mainnet-audit-comp/47039-sc-medium-poolmintfee-is-not-considered-for-or-checked-against-the-mintingcapamg-limits.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"PLUfOvoZQNCZKodMvzfk","title":"#47033 [SC-Low] Incorrect calculation of total available amount in core vault in a certain case when a user redeems from the core vault","pathname":"/flare-fassets-or-mainnet-audit-comp/47033-sc-low-incorrect-calculation-of-total-available-amount-in-core-vault-in-a-certain-case-when-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"AFflqVll4eGr7Nsrz0mD","title":"#47053 [SC-Low] `transferToCoreVault()` allows agents to have unbacked synthetic assets by extracting underlying value without burning","pathname":"/flare-fassets-or-mainnet-audit-comp/47053-sc-low-transfertocorevault-allows-agents-to-have-unbacked-synthetic-assets-by-extracting-under","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"GxbNT3ukmutFEjZeS4dE","title":"#47060 [SC-High] Unchecked Partial Payout on selfCloseExit Allows User Underpayment","pathname":"/flare-fassets-or-mainnet-audit-comp/47060-sc-high-unchecked-partial-payout-on-selfcloseexit-allows-user-underpayment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"MF2PPxFY32LxDdEhagbq","title":"#47082 [SC-Low] Zero collateral payout despite burned fAssets","pathname":"/flare-fassets-or-mainnet-audit-comp/47082-sc-low-zero-collateral-payout-despite-burned-fassets","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"B3nas0aw6Oxfy9Ss3JAq","title":"#47087 [SC-Insight] CollateralTypesFacet.sol::deprecateCollateralType allows to break CollateralTypes.sol::initialize invariant because it allows to deprecate all token collateral vaults leading to ...","pathname":"/flare-fassets-or-mainnet-audit-comp/47087-sc-insight-collateraltypesfacet.sol-deprecatecollateraltype-allows-to-break-collateraltypes.so","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"GLCaoyogX4osc05mjlvJ","title":"#47091 [SC-Insight] `setWorkAddress()` enables front-running attacks to hijack work addresses","pathname":"/flare-fassets-or-mainnet-audit-comp/47091-sc-insight-setworkaddress-enables-front-running-attacks-to-hijack-work-addresses","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"LsvhLvthSjzZe9vcnT8m","title":"#47106 [SC-Low] Collateral Reservation Fee distribution uses current poolFeeShareBips instead of value stored during during time of collateral reservation","pathname":"/flare-fassets-or-mainnet-audit-comp/47106-sc-low-collateral-reservation-fee-distribution-uses-current-poolfeesharebips-instead-of-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"UnXckE4KgIxe3ATViidP","title":"#47094 [SC-Insight] Missing Event Emission in `AgentVault` and `CollateralPoolToken` Factory Contracts","pathname":"/flare-fassets-or-mainnet-audit-comp/47094-sc-insight-missing-event-emission-in-agentvault-and-collateralpooltoken-factory-contracts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"CGOnkt7ujRhPgx4VTTOA","title":"#47108 [SC-High] selfCloseExitTo() can cause users to receive partial payments without validation, leading to permanent asset loss","pathname":"/flare-fassets-or-mainnet-audit-comp/47108-sc-high-selfcloseexitto-can-cause-users-to-receive-partial-payments-without-validation-leading","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"1k1H1hLvXtaMTyMUBGAH","title":"#47116 [SC-Insight] Undocumented Redemption Pool Fee Share potentially leading to confusion","pathname":"/flare-fassets-or-mainnet-audit-comp/47116-sc-insight-undocumented-redemption-pool-fee-share-potentially-leading-to-confusion","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"oCsaDLaANJPmhiFzf9nT","title":"#47121 [SC-Insight] Incorrect documentation on pool Top-up feature","pathname":"/flare-fassets-or-mainnet-audit-comp/47121-sc-insight-incorrect-documentation-on-pool-top-up-feature","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"tYhRZ49Ps79PQ7dBqSVn","title":"#47150 [SC-Insight] XRP Deposit Authorization Griefing Attack on Minting Process","pathname":"/flare-fassets-or-mainnet-audit-comp/47150-sc-insight-xrp-deposit-authorization-griefing-attack-on-minting-process","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"DuUEQ2LASD2EdSrv8nla","title":"#47159 [SC-Insight] Lack of Access Control on `triggerInstructions()` Allows Unauthorized Transfers Post-Deletion","pathname":"/flare-fassets-or-mainnet-audit-comp/47159-sc-insight-lack-of-access-control-on-triggerinstructions-allows-unauthorized-transfers-post-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"NgEkldCkcIxycr2hQD4r","title":"#45336 [SC-Low] Malicious Agent could repeatedly create and destroy vaults reserving different suffixes and grief other agents","pathname":"/flare-fassets-or-mainnet-audit-comp/45336-sc-low-malicious-agent-could-repeatedly-create-and-destroy-vaults-reserving-different-suffixes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mainnet Audit Comp"}]},{"id":"e14101c5d3088bd7b2512582a963ba15793057af","title":"Flare FAssets | Mitigation Audit","pathname":"/flare-fassets-or-mitigation-audit","siteSpaceId":"sitesp_stpzW"},{"id":"2c703bf8a3a624aea544342fac1823880a4905fc","title":"#54887 [SC-Insight] mitigation regression pool token suffix length excludes valid 1 and 20 char values the fix rejects valid edge lengths and breaks agent creation ","pathname":"/flare-fassets-or-mitigation-audit/54887-sc-insight-mitigation-regression-pool-token-suffix-length-excludes-valid-1-and-20-char-values","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"ed697674b9c138dd3a1c19e1ebd74f157ed71860","title":"#55046 [SC-Insight] claimed rewards paid in legacy wnat after an upgrade are silently ignored by the balance delta fix","pathname":"/flare-fassets-or-mitigation-audit/55046-sc-insight-claimed-rewards-paid-in-legacy-wnat-after-an-upgrade-are-silently-ignored-by-the-ba","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"8e71a79a411a0d62b3b9fa1b0599e779dceddbcc","title":"#54955 [SC-Insight] malicious agents can trap stakers by raising exit collateral ratio","pathname":"/flare-fassets-or-mitigation-audit/54955-sc-insight-malicious-agents-can-trap-stakers-by-raising-exit-collateral-ratio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"03d0377b4fccf356e9587a112db5876aa57d3b86","title":"#55025 [SC-Insight] corevault refund failure can permanently freeze overpaid nat on assetmanager","pathname":"/flare-fassets-or-mitigation-audit/55025-sc-insight-corevault-refund-failure-can-permanently-freeze-overpaid-nat-on-assetmanager","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"c2bf69fbeb54056a250b47b7cc39657ee726276f","title":"#54916 [SC-Low] minting cap can be surpassed via redemption fee","pathname":"/flare-fassets-or-mitigation-audit/54916-sc-low-minting-cap-can-be-surpassed-via-redemption-fee","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"6f52f7d3166d5446298614e0cb6f16912d131de1","title":"#55002 [SC-Low] rewards claims increase pool collateral but do not notify assetmanager stale cr accounting after fix for 45893 ","pathname":"/flare-fassets-or-mitigation-audit/55002-sc-low-rewards-claims-increase-pool-collateral-but-do-not-notify-assetmanager-stale-cr-account","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"aca09d0f71e37e3435e6247810fc60d47f424649","title":"#55174 [SC-Insight] over assignment of payable in claimairdropdistribution function could cause confusion regarding native token handling","pathname":"/flare-fassets-or-mitigation-audit/55174-sc-insight-over-assignment-of-payable-in-claimairdropdistribution-function-could-cause-confusi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"5761b171f50c41af18a8978b5667f798f286d6d0","title":"#55230 [SC-Insight] there is a sub gwei executor fee can be bypass and freezes eth in redemptionrequests","pathname":"/flare-fassets-or-mitigation-audit/55230-sc-insight-there-is-a-sub-gwei-executor-fee-can-be-bypass-and-freezes-eth-in-redemptionrequest","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"55a7346037429899c83b9169b22b07fbf95d2d96","title":"#55241 [SC-Insight] insufficient validation of pool token suffix allows consecutive hyphens enables token symbol impersonation and user confusion","pathname":"/flare-fassets-or-mitigation-audit/55241-sc-insight-insufficient-validation-of-pool-token-suffix-allows-consecutive-hyphens-enables-tok","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"f5137d55cbc7649a150978bfff3220f20d0a1b41","title":"#55049 [SC-Insight] there is a issue related that the msg value not returned to payer in self close exit","pathname":"/flare-fassets-or-mitigation-audit/55049-sc-insight-there-is-a-issue-related-that-the-msg-value-not-returned-to-payer-in-self-close-exi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"21f58ccecbe4b2f3b1fa64ab7eab0a6862a2d452","title":"#55242 [SC-Low] selfcloseexitto vulnerable to frontrunning griefing via exit ","pathname":"/flare-fassets-or-mitigation-audit/55242-sc-low-selfcloseexitto-vulnerable-to-frontrunning-griefing-via-exit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"db7933487491d8c740f0e42b7013064e978315ad","title":"#55208 [SC-Low] executors receive a greater reward than the assigned value","pathname":"/flare-fassets-or-mitigation-audit/55208-sc-low-executors-receive-a-greater-reward-than-the-assigned-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Flare FAssets | Mitigation Audit"}]},{"id":"x4CyKoymX4SS4nP31Ckz","title":"Folks Smart Contract Library | Aud Comp","pathname":"/folks-smart-contract-library","siteSpaceId":"sitesp_stpzW"},{"id":"PNZVSMd8JggDC78zFUFr","title":"#48718 [SC-Insight] Contract Upgrade Completion DoS/Takeover Risk","pathname":"/folks-smart-contract-library/48718-sc-insight-contract-upgrade-completion-dos-takeover-risk","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"2r6y7nEPHgwyOOWUgqhT","title":"#48717 [SC-Insight] RateLimiter current capacity can be permanently held at zero","pathname":"/folks-smart-contract-library/48717-sc-insight-ratelimiter-current-capacity-can-be-permanently-held-at-zero","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"Ps74ImKvyE8nmwBGxk6L","title":"#48747 [SC-Insight] Consider emitting BucketConsumed for infinite buckets in RateLimiter","pathname":"/folks-smart-contract-library/48747-sc-insight-consider-emitting-bucketconsumed-for-infinite-buckets-in-ratelimiter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"iZQHaNDR0kK7bDOxxKEg","title":"#48885 [SC-Low] No items length check in remove_item leads to a revert with an underflow","pathname":"/folks-smart-contract-library/48885-sc-low-no-items-length-check-in-remove_item-leads-to-a-revert-with-an-underflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"R7rF3vYCBdQlBW73dfH5","title":"#48804 [SC-Insight] Accelerated Rate Limit Refill via Block Timestamp Control","pathname":"/folks-smart-contract-library/48804-sc-insight-accelerated-rate-limit-refill-via-block-timestamp-control","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"bxNwgrB9uez7QrEculOx","title":"#48894 [SC-Low] Underflow in index calculation fails remove_item","pathname":"/folks-smart-contract-library/48894-sc-low-underflow-in-index-calculation-fails-remove_item","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"a35ENpxhiQgfudEvBEIZ","title":"#48983 [SC-Low] Potential Underflow in remove_item() on Empty Array","pathname":"/folks-smart-contract-library/48983-sc-low-potential-underflow-in-remove_item-on-empty-array","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"eIbjZ3BZORJoRdQ9PKti","title":"#48990 [SC-Low] Integer underflow in remove_item leads to AVM trap and DoS via empty array call","pathname":"/folks-smart-contract-library/48990-sc-low-integer-underflow-in-remove_item-leads-to-avm-trap-and-dos-via-empty-array-call","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"Yr4WkBH3ScqLABZLRXEf","title":"#48998 [SC-Low] Critical UInt64 underflow in set removal causes permanent denial of service","pathname":"/folks-smart-contract-library/48998-sc-low-critical-uint64-underflow-in-set-removal-causes-permanent-denial-of-service","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"jWENEFGzu5XWemMWqjK8","title":"#49003 [SC-Low] Array Underflow Vulnerability in UInt64SetLib leads to contract failure","pathname":"/folks-smart-contract-library/49003-sc-low-array-underflow-vulnerability-in-uint64setlib-leads-to-contract-failure","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"NG55bDKcbI5Tqy4XYVjB","title":"#49051 [SC-Insight] Improving and expanding documentation to reduce risks","pathname":"/folks-smart-contract-library/49051-sc-insight-improving-and-expanding-documentation-to-reduce-risks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"ZAKOIlqXqZPbgEGLg2OW","title":"#49061 [SC-Insight] The Function `get_current_capacity()` returns wrong value when bucket is infinite","pathname":"/folks-smart-contract-library/49061-sc-insight-the-function-get_current_capacity-returns-wrong-value-when-bucket-is-infinite","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"01KCR0dmduQac985jXfs","title":"#49075 [SC-Low] `SetLib.remove_item()` is not safe on empty Dynamic arrays","pathname":"/folks-smart-contract-library/49075-sc-low-setlib.remove_item-is-not-safe-on-empty-dynamic-arrays","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"6ZU9tHmdMUil3U6fJ34X","title":"#49250 [SC-Insight] `AccessControl`: unnecessary box usage in `_grant_role`","pathname":"/folks-smart-contract-library/49250-sc-insight-accesscontrol-unnecessary-box-usage-in-_grant_role","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"2a9W8VqMl2pErnLeiCDk","title":"#49390 [SC-Low] `UInt64SetLib#remove_item` would revert if the item is empty","pathname":"/folks-smart-contract-library/49390-sc-low-uint64setlib-remove_item-would-revert-if-the-item-is-empty","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"eQOp749h58mwCH87rJL3","title":"#49409 [SC-Insight] Incorrect comment in UInt64SetLib","pathname":"/folks-smart-contract-library/49409-sc-insight-incorrect-comment-in-uint64setlib","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"WdkwK8dIX56g5ywq19p9","title":"#49413 [SC-Insight] discrepancy between document and codebase","pathname":"/folks-smart-contract-library/49413-sc-insight-discrepancy-between-document-and-codebase","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"adxuU4wcaXyDp8sluzGu","title":"#49527 [SC-Low] Edge case Integer UInt64SetLib.py::remove_item leads to int underflow","pathname":"/folks-smart-contract-library/49527-sc-low-edge-case-integer-uint64setlib.py-remove_item-leads-to-int-underflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"uZkbaTiZXDVni6xVgZUr","title":"#49553 [SC-Insight] program_sha256`, Reducing Auditability and Monitoring Efficiency","pathname":"/folks-smart-contract-library/49553-sc-insight-program_sha256-reducing-auditability-and-monitoring-efficiency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"Qj8QLWfdKuozEIGr6tUB","title":"#49437 [SC-Insight] `RateLimiter`: incorrect infinite -> finite bucket transition","pathname":"/folks-smart-contract-library/49437-sc-insight-ratelimiter-incorrect-infinite-greater-than-finite-bucket-transition","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"tSDZYFAqnxHr5Wn8gJC1","title":"#49559 [SC-Low] The remove functionality in `UInt64SetLib::remove_item` underflows on empty array","pathname":"/folks-smart-contract-library/49559-sc-low-the-remove-functionality-in-uint64setlib-remove_item-underflows-on-empty-array","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"DzxTCfQCBNsWNk9Y18kT","title":"#49690 [SC-Low] Integer Underflow in UInt64SetLib.py","pathname":"/folks-smart-contract-library/49690-sc-low-integer-underflow-in-uint64setlib.py","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"RMhh86z83YTOtZeeufln","title":"#49687 [SC-Low] An underflow in `remove_item` function in `Uint64SetLib` Contract.","pathname":"/folks-smart-contract-library/49687-sc-low-an-underflow-in-remove_item-function-in-uint64setlib-contract.","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"fsjEZa6KeAL6afdd8KUy","title":"#49938 [SC-Low] Underflow Revert in `remove_item` When Removing from an Empty Array","pathname":"/folks-smart-contract-library/49938-sc-low-underflow-revert-in-remove_item-when-removing-from-an-empty-array","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"PTYZSCfMETuLy45AgpAp","title":"#49970 [SC-Insight] Malicious upgradable admin can permanently brick contract upgradeability","pathname":"/folks-smart-contract-library/49970-sc-insight-malicious-upgradable-admin-can-permanently-brick-contract-upgradeability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Smart Contract Library | Aud Comp"}]},{"id":"99c1581d23d1bbdb4131270e57c2b383b3eb3a7e","title":"Folks Finance Wormhole NTT on Algorand","pathname":"/folks-finance-wormhole-ntt-on-algorand","siteSpaceId":"sitesp_stpzW"},{"id":"1ad8296575c4d47d7e5b23dcf5c275e08c5c6927","title":"57336 sc insight explicit precise and consistent use of application and address types and variable naming prevents bugs","pathname":"/folks-finance-wormhole-ntt-on-algorand/57336-sc-insight-explicit-precise-and-consistent-use-of-application-and-address-types-and-variable-n","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance Wormhole NTT on Algorand"}]},{"id":"4607f83e894983cf51820dc58191e76829981d96","title":"57333 sc high inconsistent handler address decoding prevents any message from being executed","pathname":"/folks-finance-wormhole-ntt-on-algorand/57333-sc-high-inconsistent-handler-address-decoding-prevents-any-message-from-being-executed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance Wormhole NTT on Algorand"}]},{"id":"6d243c31a6c79400382bc3b383b56ed358891874","title":"57300 sc insight initialization bypasses the max 2 weeks guard for min upgrade delay ","pathname":"/folks-finance-wormhole-ntt-on-algorand/57300-sc-insight-initialization-bypasses-the-max-2-weeks-guard-for-min-upgrade-delay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance Wormhole NTT on Algorand"}]},{"id":"7bbd4fea6c0d3c7834a2926bc219eb0e7de10d7e","title":"57018 sc high handler address format mismatch causes digest divergence and unexecutable messages","pathname":"/folks-finance-wormhole-ntt-on-algorand/57018-sc-high-handler-address-format-mismatch-causes-digest-divergence-and-unexecutable-messages","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance Wormhole NTT on Algorand"}]},{"id":"1b3b12e4319c50eb96ff445cb5b97e65e4ca24ca","title":"57013 sc insight incorrect event parameter in inboundtransferratelimited emits recipient instead of caller","pathname":"/folks-finance-wormhole-ntt-on-algorand/57013-sc-insight-incorrect-event-parameter-in-inboundtransferratelimited-emits-recipient-instead-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance Wormhole NTT on Algorand"}]},{"id":"9ce5f376bb35dfd3d0f41a8b2add877ffa14f84a","title":"56615 sc high inconsistent handler address representation in transceivermanager leads to permanent freezing of incoming transfers","pathname":"/folks-finance-wormhole-ntt-on-algorand/56615-sc-high-inconsistent-handler-address-representation-in-transceivermanager-leads-to-permanent-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance Wormhole NTT on Algorand"}]},{"id":"b45d6cdb1881c30009cb07cd7feb06e3d56947be","title":"Plume | Attackathon","pathname":"/plume-or-attackathon","siteSpaceId":"sitesp_stpzW"},{"id":"7dbd7e122ffdf14165d817204341a2652ae865a5","title":"53077 sc high permanent fund lock due to flawed remainder logic in distributeyield","pathname":"/plume-or-attackathon/53077-sc-high-permanent-fund-lock-due-to-flawed-remainder-logic-in-distributeyield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4de560e1a8e9ce47b6208acb01d34d53a5437eee","title":"53072 sc high ceil vs floor rounding mismatch causes systematic underpayment and unclaimed yield leakage","pathname":"/plume-or-attackathon/53072-sc-high-ceil-vs-floor-rounding-mismatch-causes-systematic-underpayment-and-unclaimed-yield-lea","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ced61ea92d7bc70b02342f6b238b79f8e04384bd","title":"53071 sc insight okxhelper function incompatible with the uniswap v3 swap to with permit selector ","pathname":"/plume-or-attackathon/53071-sc-insight-okxhelper-function-incompatible-with-the-uniswap-v3-swap-to-with-permit-selector","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ceb4b8b9e77956da4b7d9632716a1d8cf9e83c6e","title":"53070 sc high validator commission update during max allowed commission change causes incorrect reward calculations","pathname":"/plume-or-attackathon/53070-sc-high-validator-commission-update-during-max-allowed-commission-change-causes-incorrect-rewa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d96a4f45fdc9ee5a992924a87b129110c7cf334a","title":"53069 sc low dynamic cooldown interval changes cause unexpected fund lockup extensions","pathname":"/plume-or-attackathon/53069-sc-low-dynamic-cooldown-interval-changes-cause-unexpected-fund-lockup-extensions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"93ad981b34fedfe4c1c719c264ce9558c0460735","title":"53063 sc low maxvalidatorpercentage can be used to dos protocol staking ","pathname":"/plume-or-attackathon/53063-sc-low-maxvalidatorpercentage-can-be-used-to-dos-protocol-staking","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c248f44e16925949641635534043a5d2e249b05c","title":"53061 sc high asymmetric rounding in commission ceil for users floor for validators enables per segment rounding loss validators can amplify via frequent commission checkpoints ","pathname":"/plume-or-attackathon/53061-sc-high-asymmetric-rounding-in-commission-ceil-for-users-floor-for-validators-enables-per-segm","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b58bdfb072f3dffb8f0d813d95384c8300e92551","title":"53059 sc low reward rate checkpoints are used but are never set","pathname":"/plume-or-attackathon/53059-sc-low-reward-rate-checkpoints-are-used-but-are-never-set","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8cf0e524635c4d9136569576d19a52458eb5874a","title":"53056 sc low native withdraw to msg sender only non payable contract stakers cannot withdraw permanent funds lock ","pathname":"/plume-or-attackathon/53056-sc-low-native-withdraw-to-msg-sender-only-non-payable-contract-stakers-cannot-withdraw-permane","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"431a36ded02cf728a12d2bb870e77ca114dc7b1e","title":"53051 sc high unconsented stakeonbehalf enables third party gas griefing dos by bloating uservalidators breaking withdraw claimall","pathname":"/plume-or-attackathon/53051-sc-high-unconsented-stakeonbehalf-enables-third-party-gas-griefing-dos-by-bloating-uservalidat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"df613e0c7138b1bfd042e14b24a595719346f57f","title":"53048 sc medium approval logic can break on non standard erc 20s usdt style and leave allowances loose","pathname":"/plume-or-attackathon/53048-sc-medium-approval-logic-can-break-on-non-standard-erc-20s-usdt-style-and-leave-allowances-loo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1655ca8d5c19431c28ae2158a7f2e67827b712e9","title":"53047 sc high the jackpot eligibility check uses stale storage data instead of the freshly calculated streak ","pathname":"/plume-or-attackathon/53047-sc-high-the-jackpot-eligibility-check-uses-stale-storage-data-instead-of-the-freshly-calculate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"fe47a3cb26a1ec12f8b60d69d9b4faf028b5f274","title":"53043 sc high handlerandomness doesn t properly account for current streak which could result in the user spinning losing a jackpot","pathname":"/plume-or-attackathon/53043-sc-high-handlerandomness-doesn-t-properly-account-for-current-streak-which-could-result-in-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ff59b90166f4d54395014ea505e6b9c244bf3a45","title":"53039 sc high rewards and commissions accrued in the interval before a slash might be lost","pathname":"/plume-or-attackathon/53039-sc-high-rewards-and-commissions-accrued-in-the-interval-before-a-slash-might-be-lost","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"aa883a9c11fa722775f530a0f02f0deb76a1d368","title":"53038 sc low distributeyield can be frontrun to sandwich rewards we can force ourselves to be the last holder and get unfairly big bonuses","pathname":"/plume-or-attackathon/53038-sc-low-distributeyield-can-be-frontrun-to-sandwich-rewards-we-can-force-ourselves-to-be-the-la","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"fb34835dccb35b035f2d5836ae0c0cfec845f9ef","title":"53037 sc critical commission changes can retroactively affect user rewards","pathname":"/plume-or-attackathon/53037-sc-critical-commission-changes-can-retroactively-affect-user-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3c6158e89e2845e1bc570aa6538bead275d1f954","title":"53035 sc medium share lock applied to wrapper instead of end user breaks transfers or bypasses lock","pathname":"/plume-or-attackathon/53035-sc-medium-share-lock-applied-to-wrapper-instead-of-end-user-breaks-transfers-or-bypasses-lock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f254df11101c1eea8152272b0efa69ee4d182486","title":"53034 sc high arctokenfactory doesn t properly handle role management which allows users to arbitrary upgrade their arctoken s implementation","pathname":"/plume-or-attackathon/53034-sc-high-arctokenfactory-doesn-t-properly-handle-role-management-which-allows-users-to-arbitrar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"63cdbd056d256c1285ec51033e69501265837158","title":"53028 sc high there is an asymmetric rounding issue that is can cause a theft of unclaimed yield in reward or commission accounting","pathname":"/plume-or-attackathon/53028-sc-high-there-is-an-asymmetric-rounding-issue-that-is-can-cause-a-theft-of-unclaimed-yield-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"71bfa29a24f93bba27c3095d8f774e103600bff8","title":"53025 sc high commission on removed tokens is unclaimable","pathname":"/plume-or-attackathon/53025-sc-high-commission-on-removed-tokens-is-unclaimable","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7edf2798fa92620e8f68bb638b3d5bb6be4c9a23","title":"53022 sc critical funds are not properly refunded to user which calls for swap on the dex aggregator","pathname":"/plume-or-attackathon/53022-sc-critical-funds-are-not-properly-refunded-to-user-which-calls-for-swap-on-the-dex-aggregator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9b6a734b7d31136c2f89be4c97b1bbb09e128e8f","title":"53021 sc medium deposit and bridge workflow bricked by immediate share lock users cannot bridge immediately after deposit","pathname":"/plume-or-attackathon/53021-sc-medium-deposit-and-bridge-workflow-bricked-by-immediate-share-lock-users-cannot-bridge-imme","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1a3e074ee15c696d08eb877aab86dae3e8c4b532","title":"53020 sc high there are functions which when inevitably used could result in wrongly accruing yield for inactive validators which can make the protocol insolvent","pathname":"/plume-or-attackathon/53020-sc-high-there-are-functions-which-when-inevitably-used-could-result-in-wrongly-accruing-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3f86576dfde1983fe663eec346b54bad4fc32a0d","title":"53018 sc high owed rewards could be lost for some users for periods before slashing time due to incorrect logic ","pathname":"/plume-or-attackathon/53018-sc-high-owed-rewards-could-be-lost-for-some-users-for-periods-before-slashing-time-due-to-inco","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5f897a386980cbac01cb88d32ba967350e6223d1","title":"53016 sc high arctokenpurchase doesn t allow rwa token owners to recover accrued yield from stored arctokens waiting for sale ","pathname":"/plume-or-attackathon/53016-sc-high-arctokenpurchase-doesn-t-allow-rwa-token-owners-to-recover-accrued-yield-from-stored-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"40799e8bd48dd9d115e356f3c15f883e139fdb4c","title":"53015 sc low raffle does not invalidate used tickets breaking fairness","pathname":"/plume-or-attackathon/53015-sc-low-raffle-does-not-invalidate-used-tickets-breaking-fairness","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"44631c0c14bca3d8c00964a3700ae5aee8b9afd1","title":"53011 sc critical uncleaned partial approval consumption in dex aggregator integration leads to permanent dos","pathname":"/plume-or-attackathon/53011-sc-critical-uncleaned-partial-approval-consumption-in-dex-aggregator-integration-leads-to-perm","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e9c9b5ac944e422928f45955e0bb34a0130729e0","title":"53001 sc high yield tokens become stuck in arctokenpurchase contract when distributing yield during active sales","pathname":"/plume-or-attackathon/53001-sc-high-yield-tokens-become-stuck-in-arctokenpurchase-contract-when-distributing-yield-during","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c6c163d81bcc3c648b7ebcdcc5bcc277bb97d85e","title":"52998 sc low minor delays from oracle can unfairly reset users streak","pathname":"/plume-or-attackathon/52998-sc-low-minor-delays-from-oracle-can-unfairly-reset-users-streak","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"04f838713039368293271322168427d0d61c774b","title":"52896 sc low pause gate is present but no way to pause","pathname":"/plume-or-attackathon/52896-sc-low-pause-gate-is-present-but-no-way-to-pause","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1c47df38f1bbfa992683a220b5941395000e6dcd","title":"52891 sc low staking and unstaking immediately an amount little less than the original staked amount leaves dust stake amounts in the system ","pathname":"/plume-or-attackathon/52891-sc-low-staking-and-unstaking-immediately-an-amount-little-less-than-the-original-staked-amount","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"933851e29d43893efa6f7bf38ce74ce6b3696e31","title":"52996 sc high users can claim rewards for newly added reward tokens even when the validator they staked for was inactive during some time interval ","pathname":"/plume-or-attackathon/52996-sc-high-users-can-claim-rewards-for-newly-added-reward-tokens-even-when-the-validator-they-sta","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"6c671fc87f232e5eb54db765888335437a59c139","title":"52995 sc high validators lose access to historical reward tokens when tokens are removed","pathname":"/plume-or-attackathon/52995-sc-high-validators-lose-access-to-historical-reward-tokens-when-tokens-are-removed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e8eee4de78a538d269905acd2a9a1d89e548f814","title":"52589 sc low in distribute yield function if there are no legitimate users i e no restricted users the funds will remain stuck","pathname":"/plume-or-attackathon/52589-sc-low-in-distribute-yield-function-if-there-are-no-legitimate-users-i-e-no-restricted-users-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e03b4c3ea4a201324ed23c93a337c742157258f9","title":"52990 sc low uint8 truncation and missing cap on week index can return wrong zero jackpot amounts low contract fails to deliver promised returns ","pathname":"/plume-or-attackathon/52990-sc-low-uint8-truncation-and-missing-cap-on-week-index-can-return-wrong-zero-jackpot-amounts-lo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f4b4929355805f9ccd0a249b67fdf9852e21361b","title":"52890 sc low no recipient yield distribution locks yield tokens on arctoken efftotal 0 ","pathname":"/plume-or-attackathon/52890-sc-low-no-recipient-yield-distribution-locks-yield-tokens-on-arctoken-efftotal-0","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2b94a615c3f31a4b03efafea16eb417031640359","title":"52588 sc high retroactive reward accrual for newly added tokens when validator was inactive ","pathname":"/plume-or-attackathon/52588-sc-high-retroactive-reward-accrual-for-newly-added-tokens-when-validator-was-inactive","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"60d4a899f253c1da449866b952f48dc57685ace9","title":"52988 sc medium deposit function dos","pathname":"/plume-or-attackathon/52988-sc-medium-deposit-function-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"fce04e7a438c17ba63bb39bef9324ce46337e507","title":"52290 sc medium deposit function in tellerwithmultiassetsupportpredicateproxy is completely broken due to wrong share lock","pathname":"/plume-or-attackathon/52290-sc-medium-deposit-function-in-tellerwithmultiassetsupportpredicateproxy-is-completely-broken-d","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"dad027516668dbb7bcdb1898575705fc8ed867e2","title":"52986 sc high jackpot check uses previous streakcount instead of current computed streak denying jackpot on first eligible day","pathname":"/plume-or-attackathon/52986-sc-high-jackpot-check-uses-previous-streakcount-instead-of-current-computed-streak-denying-jac","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b7b8e2d0a8b7e12bcc7e97e55324aa55fe32dce1","title":"52576 sc high flaw in raffle determinereward in jackpot prize calculation after week 12","pathname":"/plume-or-attackathon/52576-sc-high-flaw-in-raffle-determinereward-in-jackpot-prize-calculation-after-week-12","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"85df9ef1a1f23898355bedef43695d9d7a358663","title":"52889 sc high inactive validators accrue rewards for new tokens","pathname":"/plume-or-attackathon/52889-sc-high-inactive-validators-accrue-rewards-for-new-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f43564472ea586911c419be35310d7d294a4a37a","title":"52286 sc high off by one error in jackpot eligibility check leads to denial of legitimate rewards","pathname":"/plume-or-attackathon/52286-sc-high-off-by-one-error-in-jackpot-eligibility-check-leads-to-denial-of-legitimate-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4fcb3fdb351289455b95d2fa42effbcc0991c286","title":"52573 sc high unconsented stakeonbehalf enables unbounded gas consumption via uservalidators growth causing dos at scale in claimall withdraw ","pathname":"/plume-or-attackathon/52573-sc-high-unconsented-stakeonbehalf-enables-unbounded-gas-consumption-via-uservalidators-growth","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"edf7940191afade6b400eefbaf34b71eb25f8091","title":"52983 sc high validator will loose commission for the tokens which are removed from the reward tokens but they still have commission left to be claimed ","pathname":"/plume-or-attackathon/52983-sc-high-validator-will-loose-commission-for-the-tokens-which-are-removed-from-the-reward-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ef496ed75369d99cf9fd6d5ff46bbcbb9e91f58e","title":"52870 sc low cooldown extension logic may lead to locked funds","pathname":"/plume-or-attackathon/52870-sc-low-cooldown-extension-logic-may-lead-to-locked-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2d361eec559003d114828df1d731eed6f8946a9f","title":"52285 sc high incorrect dust handling in yield distribution leads to permanent fund lock","pathname":"/plume-or-attackathon/52285-sc-high-incorrect-dust-handling-in-yield-distribution-leads-to-permanent-fund-lock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"db692e772e1a8fa0ce593711aebd3fbb63dec986","title":"52572 sc high a legitimate arc token holder can be denied his yield ","pathname":"/plume-or-attackathon/52572-sc-high-a-legitimate-arc-token-holder-can-be-denied-his-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9bae32e8e67d2bc56a3017d6ce9f5f37a8c9f3af","title":"52865 sc high inconsistency in how stake cooldown is handled due to off by one error ","pathname":"/plume-or-attackathon/52865-sc-high-inconsistency-in-how-stake-cooldown-is-handled-due-to-off-by-one-error","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d5aabb4633847ab389e3f2f86bfd6406b9437890","title":"51999 sc high logical flaw in validator reactivation and addrewardtoken allows claiming rewards for validators in inactive periods","pathname":"/plume-or-attackathon/51999-sc-high-logical-flaw-in-validator-reactivation-and-addrewardtoken-allows-claiming-rewards-for","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"675938c8e4529fb4115039fc11564e6e4b339aa2","title":"52982 sc medium non standard erc20 approvals usdt like cause repeat call failures after partial fills","pathname":"/plume-or-attackathon/52982-sc-medium-non-standard-erc20-approvals-usdt-like-cause-repeat-call-failures-after-partial-fill","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"afc3186ba4cf24c38d9643329660315d6c0704d2","title":"52278 sc high incorrect streak check in jackpot eligibility leads to unfair reward denial","pathname":"/plume-or-attackathon/52278-sc-high-incorrect-streak-check-in-jackpot-eligibility-leads-to-unfair-reward-denial","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b94ca50487eb4d70fe1fd2a6c0da70d7307092e7","title":"51994 sc high permanent loss of validator commission upon reward token removal","pathname":"/plume-or-attackathon/51994-sc-high-permanent-loss-of-validator-commission-upon-reward-token-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b17bb6abd22e3aeeb4153088e95071ba7cf7482b","title":"52560 sc high incorrect current streak used when calculating whether the jackpot should be awarded or not","pathname":"/plume-or-attackathon/52560-sc-high-incorrect-current-streak-used-when-calculating-whether-the-jackpot-should-be-awarded-o","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a140078c193d6fad828c164787baeaa29f5e8c48","title":"52277 sc low race condition in streak calculation leads to unfair streak reset for users spinning near utc day change","pathname":"/plume-or-attackathon/52277-sc-low-race-condition-in-streak-calculation-leads-to-unfair-streak-reset-for-users-spinning-ne","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0228ee9afae6b5f686e8763a877f2d04390c932e","title":"52849 sc high claimers who claim after slash inactive updaterewardpertokenforvalidator which advances validatorlastupdatetimes to be more than slashtimestamp will lose rewards for a segment","pathname":"/plume-or-attackathon/52849-sc-high-claimers-who-claim-after-slash-inactive-updaterewardpertokenforvalidator-which-advance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"360b72f2682fd9984e3a8203f46be96bad7d6581","title":"51771 sc low unsafe downcast of uint256 to uint8 will lead to silent overflow","pathname":"/plume-or-attackathon/51771-sc-low-unsafe-downcast-of-uint256-to-uint8-will-lead-to-silent-overflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8a48280c7b7f654b54f5b63e14c35cbef93723b9","title":"51992 sc high dust accumulation in arctoken during yield distribution ","pathname":"/plume-or-attackathon/51992-sc-high-dust-accumulation-in-arctoken-during-yield-distribution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"082ad2f5d4cf6020d4f14901cebcc024073e915f","title":"52254 sc high arctoken theft beyond unclaimed yield during distribution","pathname":"/plume-or-attackathon/52254-sc-high-arctoken-theft-beyond-unclaimed-yield-during-distribution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5ca5d4321847a515df7d4ac527c4edf589a5b496","title":"51989 sc low event restrictionscreated always emits msg sender as owner ","pathname":"/plume-or-attackathon/51989-sc-low-event-restrictionscreated-always-emits-msg-sender-as-owner","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8145b51289a3cd79ecf1671011ed57500aa482de","title":"52847 sc high no function to recover the remained yield by distributeyieldwithlimit ","pathname":"/plume-or-attackathon/52847-sc-high-no-function-to-recover-the-remained-yield-by-distributeyieldwithlimit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7c040e23ef9b4bc6d16bc125a2f9e2200effe414","title":"51754 sc high double yield distribution via token transfers between distributeyieldwithlimit calls","pathname":"/plume-or-attackathon/51754-sc-high-double-yield-distribution-via-token-transfers-between-distributeyieldwithlimit-calls","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d3ffd7cafaca29327ab28e1d4ca1b4e9333f13f3","title":"52527 sc high the validator admin might claim less commission token when validatorfacet requestcommissionclaim is called ","pathname":"/plume-or-attackathon/52527-sc-high-the-validator-admin-might-claim-less-commission-token-when-validatorfacet-requestcommi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7a2a13fffb13d1a894cd0fc12ce28f7387256186","title":"52980 sc critical partial fills strand source tokens in the wrapper and leave dangerous residual allowances","pathname":"/plume-or-attackathon/52980-sc-critical-partial-fills-strand-source-tokens-in-the-wrapper-and-leave-dangerous-residual-all","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"65e057e2224477d755286a4d4fd5db18fc006136","title":"52248 sc insight lack of initialization check in staking allows users to stake without reward token configured causing permanent loss of yield","pathname":"/plume-or-attackathon/52248-sc-insight-lack-of-initialization-check-in-staking-allows-users-to-stake-without-reward-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5a25c33ba2ee6d34dda14db5b03833a60157c5f4","title":"51596 sc low unsafe uint256 to uint8 downcast causes integer overflow leading to unauthorized jackpot payouts after week 255","pathname":"/plume-or-attackathon/51596-sc-low-unsafe-uint256-to-uint8-downcast-causes-integer-overflow-leading-to-unauthorized-jackpo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2702399edae96c2670841d944fec60528a22a69a","title":"52845 sc high distributeyieldwithlimit lacks snapshot between batches allowing state changes to break distribution and lock yield","pathname":"/plume-or-attackathon/52845-sc-high-distributeyieldwithlimit-lacks-snapshot-between-batches-allowing-state-changes-to-brea","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7ea9f19e99c05a4687fdde565a5b33095e1cedaf","title":"52241 sc low unexposed pauseable functionality","pathname":"/plume-or-attackathon/52241-sc-low-unexposed-pauseable-functionality","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d289535c064fd1f5ebc0521db8826be505759c20","title":"51746 sc low depositandbridge function of tellerwithmultiassetsupportpredicateproxy sol can not be paused","pathname":"/plume-or-attackathon/51746-sc-low-depositandbridge-function-of-tellerwithmultiassetsupportpredicateproxy-sol-can-not-be-p","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3a786489264ae51aa3d26a27713c0c35d5a68312","title":"51988 sc medium plumerewardlogic calculaterewardswithcheckpointsview lacking of checking if the validator is inactive but not slashed ","pathname":"/plume-or-attackathon/51988-sc-medium-plumerewardlogic-calculaterewardswithcheckpointsview-lacking-of-checking-if-the-vali","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c480eee274daea8a97af68e82269212dd8c99c1d","title":"52519 sc low missing eligibility check before fund transfer in distributeyield leads to permanent loss of yield tokens","pathname":"/plume-or-attackathon/52519-sc-low-missing-eligibility-check-before-fund-transfer-in-distributeyield-leads-to-permanent-lo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"61b8f401f1c6cd949d90c4549934c1b2616e7f63","title":"51391 sc low enabletoken function overwrites amountsold to zero causing permanent loss of sales history","pathname":"/plume-or-attackathon/51391-sc-low-enabletoken-function-overwrites-amountsold-to-zero-causing-permanent-loss-of-sales-hist","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"619e3b22f814950c19a6386415a964c93acd2671","title":"52221 sc insight hardcoded supra subscription wallet can freeze spin","pathname":"/plume-or-attackathon/52221-sc-insight-hardcoded-supra-subscription-wallet-can-freeze-spin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3d274d94f2cc3ec554bb07059a72dafcc663ee75","title":"52843 sc low the zero address cannot be whitelisted which means during restrictions minting and burning cannot work","pathname":"/plume-or-attackathon/52843-sc-low-the-zero-address-cannot-be-whitelisted-which-means-during-restrictions-minting-and-burn","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a65e1f2c1324801ffe1b985ceddbd58ec7926bc4","title":"51589 sc high tokencreator retains upgrade rights fix remains insufficient finding 01 immunefi report","pathname":"/plume-or-attackathon/51589-sc-high-tokencreator-retains-upgrade-rights-fix-remains-insufficient-finding-01-immunefi-repor","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f856f9a5f020f27eb3f90891b944fb27ed914f87","title":"52979 sc low whitelistrestrictions unintentionally disables mint and burn when transfers are restricted","pathname":"/plume-or-attackathon/52979-sc-low-whitelistrestrictions-unintentionally-disables-mint-and-burn-when-transfers-are-restric","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"06f1d63f44b4571513dab47a77cdfad3f8fd3a11","title":"52517 sc high missing point in time snapshot in batched yield distribution enables double claims and permanent fund lock","pathname":"/plume-or-attackathon/52517-sc-high-missing-point-in-time-snapshot-in-batched-yield-distribution-enables-double-claims-and","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5ac6846481b2fb91bb54986766974fd740c83d90","title":"52218 sc high creator retains default admin role allowing bypass of upgrade restrictions","pathname":"/plume-or-attackathon/52218-sc-high-creator-retains-default-admin-role-allowing-bypass-of-upgrade-restrictions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f543c3dffbece1f59baa87d9911a9a6c2cd5ad90","title":"52841 sc medium token admin can dos admin to not let admin change purchase token","pathname":"/plume-or-attackathon/52841-sc-medium-token-admin-can-dos-admin-to-not-let-admin-change-purchase-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ae0b45d3fe810f445fb984ecdd39c43ce6302549","title":"52976 sc low turning on transfer restriction permanently blocks minting and burning","pathname":"/plume-or-attackathon/52976-sc-low-turning-on-transfer-restriction-permanently-blocks-minting-and-burning","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b788d24f8e51b3e4f369d113f31b7ea6d13b75b7","title":"51369 sc high unbounded iteration gas dos in validatetokenforclaim ","pathname":"/plume-or-attackathon/51369-sc-high-unbounded-iteration-gas-dos-in-validatetokenforclaim","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3a671fcb66e09154a44bcf10f5d51572b419e224","title":"51987 sc high validators will be able to steal more commission from users that isn t the commission to be charged","pathname":"/plume-or-attackathon/51987-sc-high-validators-will-be-able-to-steal-more-commission-from-users-that-isn-t-the-commission","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"00755b269bb0cf8ee8fe0d29ce6c98305b569f63","title":"52203 sc medium griefing attack on arctokenpurchase setpurchasetoken function via front running","pathname":"/plume-or-attackathon/52203-sc-medium-griefing-attack-on-arctokenpurchase-setpurchasetoken-function-via-front-running","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3b862ef029532b255f4bd95553b84f6cf7d9a924","title":"52837 sc insight gas heavy repeated binary search increases reward calculation gas costs","pathname":"/plume-or-attackathon/52837-sc-insight-gas-heavy-repeated-binary-search-increases-reward-calculation-gas-costs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5d25f3d67d364e1e07895d4ccfd1de29ee20d415","title":"51090 sc high malicious user can steal yields when arctoken distributeyieldwithlimit is used ","pathname":"/plume-or-attackathon/51090-sc-high-malicious-user-can-steal-yields-when-arctoken-distributeyieldwithlimit-is-used","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"348227731edbc236a9dcc7a1155726e716bece41","title":"51567 sc low contract cannot be paused missing public pause and unpause functions","pathname":"/plume-or-attackathon/51567-sc-low-contract-cannot-be-paused-missing-public-pause-and-unpause-functions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"27e35a77eb30c933d2305039620964822fa83878","title":"52974 sc medium when the approval to the okxapprover is not fully spent the deposit function will be blocked","pathname":"/plume-or-attackathon/52974-sc-medium-when-the-approval-to-the-okxapprover-is-not-fully-spent-the-deposit-function-will-be","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ff896441dc0e88e87e4d751d7953807e8ab57148","title":"51352 sc critical user will lose the unspent amount when executing partial swaps via 1inch","pathname":"/plume-or-attackathon/51352-sc-critical-user-will-lose-the-unspent-amount-when-executing-partial-swaps-via-1inch","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f87ef5e773b0e7a2978030af6ab237891293b0af","title":"51083 sc insight claimall only loops over active reward tokens and ignores historical tokens","pathname":"/plume-or-attackathon/51083-sc-insight-claimall-only-loops-over-active-reward-tokens-and-ignores-historical-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3003520eecdcb676bd5ebb3dc741a8d8faa853e8","title":"52833 sc high bypass the fix of immunefi audit imm crit 01 token creator can upgrade arctoken implementation","pathname":"/plume-or-attackathon/52833-sc-high-bypass-the-fix-of-immunefi-audit-imm-crit-01-token-creator-can-upgrade-arctoken-implem","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e9c2ca6d3a5c11e5a4a4544a7835df9c8ab2108a","title":"52202 sc low failure to invalidate winning tickets allows multiple wins from single entry","pathname":"/plume-or-attackathon/52202-sc-low-failure-to-invalidate-winning-tickets-allows-multiple-wins-from-single-entry","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"fb0b490982dc174d16ab486d15e2078bc300b08b","title":"51980 sc low unstake cooldown period is mistakenly reset on each claim resulting in temporary frozen funds","pathname":"/plume-or-attackathon/51980-sc-low-unstake-cooldown-period-is-mistakenly-reset-on-each-claim-resulting-in-temporary-frozen","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7b49fb5eb4ee6de5027f8276e0724669be5e8056","title":"51558 sc high arctoken holder can receive yield twice from distributeyieldwithlimit ","pathname":"/plume-or-attackathon/51558-sc-high-arctoken-holder-can-receive-yield-twice-from-distributeyieldwithlimit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5142529862079acabe36207f4dca6ceea3928186","title":"50796 sc high jackpot eligibility uses stale streak","pathname":"/plume-or-attackathon/50796-sc-high-jackpot-eligibility-uses-stale-streak","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c549df96942539ca77f3c3edaa53f19b4c273906","title":"52500 sc high missing commission checkpoint initialization leads to retroactive commission theft of user rewards","pathname":"/plume-or-attackathon/52500-sc-high-missing-commission-checkpoint-initialization-leads-to-retroactive-commission-theft-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8fc84558b8437587062e57794b293618c19042af","title":"52198 sc high balance manipulation between batches leading to inflated payout and dos","pathname":"/plume-or-attackathon/52198-sc-high-balance-manipulation-between-batches-leading-to-inflated-payout-and-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"de1afa9419c1b69262e3dd4e8f502eaae965777b","title":"51979 sc low getaccruedcommission returns outdated accrued commission","pathname":"/plume-or-attackathon/51979-sc-low-getaccruedcommission-returns-outdated-accrued-commission","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ee7a44bfb6d282e38e5aaa5c2148e76a80019f31","title":"51070 sc low winning raffle ticket can be re used to maintain unfair advantage over other players in raffle ","pathname":"/plume-or-attackathon/51070-sc-low-winning-raffle-ticket-can-be-re-used-to-maintain-unfair-advantage-over-other-players-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4cb92559a132a33d37baadbf32cbaf7a7ff1152d","title":"52499 sc high arctoken factory s admin cannot upgrade an arctoken","pathname":"/plume-or-attackathon/52499-sc-high-arctoken-factory-s-admin-cannot-upgrade-an-arctoken","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ab48c9b8b6cd3d491b2f0f89b64de51d6bd99a33","title":"50784 sc high any arc token creator can upgrade the implementation ","pathname":"/plume-or-attackathon/50784-sc-high-any-arc-token-creator-can-upgrade-the-implementation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2326c34e7fd9902ba0e3280b2965606fbc557058","title":"52964 sc high if a new reward token is added during a the period a validator is inactive the validator will still earn rewards commission for some of the duration in which they were inactive ","pathname":"/plume-or-attackathon/52964-sc-high-if-a-new-reward-token-is-added-during-a-the-period-a-validator-is-inactive-the-validat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d1eb793623f6c0394380c3ec36bee4ecb00e4f4f","title":"52186 sc low incorrect reward calculation for slashed validators due to single segment time handling ","pathname":"/plume-or-attackathon/52186-sc-low-incorrect-reward-calculation-for-slashed-validators-due-to-single-segment-time-handling","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9b353fe24394e47787f892d47f859f43ce0d6af5","title":"51970 sc low spin streak computation relies on oracle callback time any third party delay can reset the user s streak and block jackpot eligibility ","pathname":"/plume-or-attackathon/51970-sc-low-spin-streak-computation-relies-on-oracle-callback-time-any-third-party-delay-can-reset","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4ec7cfbc5b19029c3b825c64ce6d094fd40d8ac4","title":"51324 sc high rounding in commission accounting burns delegator rewards","pathname":"/plume-or-attackathon/51324-sc-high-rounding-in-commission-accounting-burns-delegator-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8a5ea634d2bc2f6cd9a81da74f7777728ccfd81c","title":"52803 sc high canrecoverfromcooldown is inconsistent when slash and cooldown maturity occur in the same block","pathname":"/plume-or-attackathon/52803-sc-high-canrecoverfromcooldown-is-inconsistent-when-slash-and-cooldown-maturity-occur-in-the-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"6220c4ca8bd9946d309eefe28b3f0935d439bf2a","title":"52489 sc low when users perform unstake operations in batches it may cause some funds to be frozen for an additional period of time ","pathname":"/plume-or-attackathon/52489-sc-low-when-users-perform-unstake-operations-in-batches-it-may-cause-some-funds-to-be-frozen-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"073608a80fc0589d5911234b02f3020f05c35fac","title":"52961 sc high theft of yield from the distributor ","pathname":"/plume-or-attackathon/52961-sc-high-theft-of-yield-from-the-distributor","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"037c95d9952c8f9b44f884e95377930bcfa4e97a","title":"50783 sc low validator percentage cap does not work properly","pathname":"/plume-or-attackathon/50783-sc-low-validator-percentage-cap-does-not-work-properly","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d7b037164d40a1cacb848aa46ca750de03c8773a","title":"51320 sc low malicious teller parameter allow event data manipulation","pathname":"/plume-or-attackathon/51320-sc-low-malicious-teller-parameter-allow-event-data-manipulation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2d8524a5db84ea890d720b180ad59dc0a8a988d6","title":"51966 sc low totalamountclaimable reverts instead of returning the claimable reward for historical tokens","pathname":"/plume-or-attackathon/51966-sc-low-totalamountclaimable-reverts-instead-of-returning-the-claimable-reward-for-historical-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"dc2871118c815a34b66dbff65beb4778544b7719","title":"50399 sc low broken access control in particular contract functions due lack of pause unpause functionality","pathname":"/plume-or-attackathon/50399-sc-low-broken-access-control-in-particular-contract-functions-due-lack-of-pause-unpause-functi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1add7aa4543dd033059e7229becb7102af14084a","title":"51547 sc medium approval race condition with safeapprove leads to transaction reverts","pathname":"/plume-or-attackathon/51547-sc-medium-approval-race-condition-with-safeapprove-leads-to-transaction-reverts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f4330800939d2e69a68768f6f79b45d1bf485019","title":"52960 sc insight incosistent withdrawable amount calculations","pathname":"/plume-or-attackathon/52960-sc-insight-incosistent-withdrawable-amount-calculations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e438245858f152b467c2582adc2b7e6ea1fbd74d","title":"52798 sc high integer division remainder loss in batched yield distribution causes permanent fund lock","pathname":"/plume-or-attackathon/52798-sc-high-integer-division-remainder-loss-in-batched-yield-distribution-causes-permanent-fund-lo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b6f577d0dccbaf006176d8434da982dd4c82247b","title":"51961 sc high attackers can deny commission rewards to validators by repeatedly calling forcesettlevalidatorcommission ","pathname":"/plume-or-attackathon/51961-sc-high-attackers-can-deny-commission-rewards-to-validators-by-repeatedly-calling-forcesettlev","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7115de10b1542f63ee864dd69eb92bfd8d113725","title":"50745 sc low single cooldown entry design causes timer reset on multiple unstakes leading to extended lock periods","pathname":"/plume-or-attackathon/50745-sc-low-single-cooldown-entry-design-causes-timer-reset-on-multiple-unstakes-leading-to-extende","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"101ab95e7b313d4670f8697ff1a206a50ccd041d","title":"51530 sc high validators can not claim pending accrued commission when reward tokens have been removed from the isrewardtoken mapping ","pathname":"/plume-or-attackathon/51530-sc-high-validators-can-not-claim-pending-accrued-commission-when-reward-tokens-have-been-remov","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9ba7d9f55ac97f24fb470cc78cc5788940aaa574","title":"50393 sc insight unused admin state variable increases deployment and storage costs ","pathname":"/plume-or-attackathon/50393-sc-insight-unused-admin-state-variable-increases-deployment-and-storage-costs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8b0afad828e47fc38417587e01a211e23a721412","title":"52796 sc low whitelist restriction in arctoken blocks all minting and burning","pathname":"/plume-or-attackathon/52796-sc-low-whitelist-restriction-in-arctoken-blocks-all-minting-and-burning","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"05d0dd1c00b20f27ba8b256d082f26379b5451a7","title":"52956 sc high state inconsistency in batched yield distribution leads to direct theft of user funds and protocol insolvency","pathname":"/plume-or-attackathon/52956-sc-high-state-inconsistency-in-batched-yield-distribution-leads-to-direct-theft-of-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"214af7300c7f50b6667cff2eb4fc65851bd69af7","title":"49787 sc high batched yield distribution doesn t account for transfers purchases between batches","pathname":"/plume-or-attackathon/49787-sc-high-batched-yield-distribution-doesn-t-account-for-transfers-purchases-between-batches","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a724393a461c742ef05cda27eb74f2c581511ee3","title":"52178 sc critical user will lose the unspent amount when executing partial swaps via okxrouter","pathname":"/plume-or-attackathon/52178-sc-critical-user-will-lose-the-unspent-amount-when-executing-partial-swaps-via-okxrouter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7e0618c1c678f0da236f656b32766601312e43d7","title":"51296 sc low arctokenpurchase withdrawal breaks view functions","pathname":"/plume-or-attackathon/51296-sc-low-arctokenpurchase-withdrawal-breaks-view-functions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e7523d57ff6848efb3d803e890e0d918c76a9942","title":"51051 sc high inactive validator reward accrual bypass","pathname":"/plume-or-attackathon/51051-sc-high-inactive-validator-reward-accrual-bypass","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a37b43a9afd8140180bbd0c6ec9cebe389707f78","title":"50392 sc insight phantom commission burn","pathname":"/plume-or-attackathon/50392-sc-insight-phantom-commission-burn","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9706c5c54bfde3bb1b0b0275afc8d94a938065d7","title":"52955 sc high a commission rate checkpoint is not created when adding a validator despite the commission rate being set leading to loss of validator commission ","pathname":"/plume-or-attackathon/52955-sc-high-a-commission-rate-checkpoint-is-not-created-when-adding-a-validator-despite-the-commis","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e15db635679f2fb6ec3771348868695bfd4715b8","title":"52468 sc insight dos in batch yield distribution due to cross batch state inconsistency","pathname":"/plume-or-attackathon/52468-sc-insight-dos-in-batch-yield-distribution-due-to-cross-batch-state-inconsistency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ffd0a59d8f6affbfc624bb4da27aded71d104866","title":"52165 sc high user can t claim reward erc20 tokens since rewards transfer will revert","pathname":"/plume-or-attackathon/52165-sc-high-user-can-t-claim-reward-erc20-tokens-since-rewards-transfer-will-revert","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d1a9d775c59743c3e62b84489754bd4e4d8baa47","title":"51951 sc low a global blocking check in claimprize prevents individual winner claims until all winners are drawn","pathname":"/plume-or-attackathon/51951-sc-low-a-global-blocking-check-in-claimprize-prevents-individual-winner-claims-until-all-winne","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"707d2f64154732021801dd0020e02cd96cd6e3d1","title":"51728 sc high users can claim rewards for inactive validator periods due to incorrect checkpoint accrual ","pathname":"/plume-or-attackathon/51728-sc-high-users-can-claim-rewards-for-inactive-validator-periods-due-to-incorrect-checkpoint-acc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b67505ea1e7cbf4062bd6484807a61cd299d7138","title":"52794 sc low remainingforsale not updated after withdrawunsoldarctokens will cause following buy revert","pathname":"/plume-or-attackathon/52794-sc-low-remainingforsale-not-updated-after-withdrawunsoldarctokens-will-cause-following-buy-rev","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d0c453499e65d2455523a9d5f0e2f213bd4573cd","title":"52948 sc low jackpot reward rejected at exact threshold","pathname":"/plume-or-attackathon/52948-sc-low-jackpot-reward-rejected-at-exact-threshold","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8ba2beb45b184bf92232d69b54af495b528c3588","title":"50735 sc high some yield tokens will be stuck in contract due to incorrect lastprocessedindex calculation ","pathname":"/plume-or-attackathon/50735-sc-high-some-yield-tokens-will-be-stuck-in-contract-due-to-incorrect-lastprocessedindex-calcul","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"06a286564b4c5b692802be43de48c36dbdbf5eac","title":"51525 sc low unfair yield distribution to last holder due to flawed dust handling","pathname":"/plume-or-attackathon/51525-sc-low-unfair-yield-distribution-to-last-holder-due-to-flawed-dust-handling","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c78fc7f2e55742f2fc083125fb8424ce92681972","title":"49768 sc insight missing input validation in raffle editprize breaks functionality","pathname":"/plume-or-attackathon/49768-sc-insight-missing-input-validation-in-raffle-editprize-breaks-functionality","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c7b19c243893f9c5933c8e92443144dbf6deb5f8","title":"51288 sc insight validators commission can be permanently lost","pathname":"/plume-or-attackathon/51288-sc-insight-validators-commission-can-be-permanently-lost","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"eeb7015d7a4d9b4beb6b48d1f22a5e52556e1102","title":"50380 sc insight redundant use of allowedimplementations mapping in factory contracts createtoken and createwhitelistrestrictions in arctokenfactory and restrictionsfactory respectively ","pathname":"/plume-or-attackathon/50380-sc-insight-redundant-use-of-allowedimplementations-mapping-in-factory-contracts-createtoken-an","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d3d70dce21a0b95f7f3b1b2447b9efe467a76836","title":"51946 sc high commission claims fail for removed reward tokens","pathname":"/plume-or-attackathon/51946-sc-high-commission-claims-fail-for-removed-reward-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"fcc84545e676f7db63fdacb942112ea03f71dcf4","title":"51043 sc medium core deposit and depositandbridge functionality in tellerwithmultiassetsupportpredicateproxy is non functional due to flawed sharelockperiod logic","pathname":"/plume-or-attackathon/51043-sc-medium-core-deposit-and-depositandbridge-functionality-in-tellerwithmultiassetsupportpredic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3b4de6b56fa2e8a08f5445171fac2e352232fbaf","title":"52137 sc insight silent override of non global module implementation causes stored state and event log inconsistency","pathname":"/plume-or-attackathon/52137-sc-insight-silent-override-of-non-global-module-implementation-causes-stored-state-and-event-l","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b79b377d84fa89b3fa5565224b0b21d1c56c1b91","title":"51519 sc low unstake does not validate users remaing stake","pathname":"/plume-or-attackathon/51519-sc-low-unstake-does-not-validate-users-remaing-stake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"755a75856ee2f3684a1eb20bb0ef5303df29c762","title":"52464 sc high commission rounding mismatch under payment bug","pathname":"/plume-or-attackathon/52464-sc-high-commission-rounding-mismatch-under-payment-bug","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c546a471947cc5ab829d8d6f36bb54bc09f6a9d9","title":"50721 sc low winners cannot claim prizes until all winners have been drawn in raffle claimprize ","pathname":"/plume-or-attackathon/50721-sc-low-winners-cannot-claim-prizes-until-all-winners-have-been-drawn-in-raffle-claimprize","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b152a422e8f8e108f304d89accf0855abf785574","title":"51713 sc low missing minimum stake validation in unstake operations","pathname":"/plume-or-attackathon/51713-sc-low-missing-minimum-stake-validation-in-unstake-operations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"6ad79cda3640c3bdc3070984966dd1d408ec4eae","title":"52787 sc high batched yield distribution rounding in arctoken permanently freezes unclaimed funds and misreports payouts","pathname":"/plume-or-attackathon/52787-sc-high-batched-yield-distribution-rounding-in-arctoken-permanently-freezes-unclaimed-funds-an","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f323e24c5c07dfc03b727a6a520e4bae80f531d2","title":"49738 sc insight active users in prize pool loose invested raffle tickets when raffle removeprize is called ","pathname":"/plume-or-attackathon/49738-sc-insight-active-users-in-prize-pool-loose-invested-raffle-tickets-when-raffle-removeprize-is","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4a6c05f4ba7fc66b7ce5f453ed634429bd0bef1e","title":"51041 sc high streak count misuse in jackpot eligibility allows theft of user funds","pathname":"/plume-or-attackathon/51041-sc-high-streak-count-misuse-in-jackpot-eligibility-allows-theft-of-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"310cbd737559f90923015869e68aafa81091a1e0","title":"52944 sc high the requestcommisionclaim function can only claim commission on tokens that are currently reward tokens","pathname":"/plume-or-attackathon/52944-sc-high-the-requestcommisionclaim-function-can-only-claim-commission-on-tokens-that-are-curren","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a476b4e696f5357d90ac18676a276a65504ad2f5","title":"51286 sc low event restrictionscreated uses wrong owner","pathname":"/plume-or-attackathon/51286-sc-low-event-restrictionscreated-uses-wrong-owner","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"114b3586893a8bfa8e5daf5e45867c0222073e90","title":"50713 sc high deployer s default admin role enables self grant of upgrader role bypassing implementation whitelist","pathname":"/plume-or-attackathon/50713-sc-high-deployer-s-default-admin-role-enables-self-grant-of-upgrader-role-bypassing-implementa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0051a41601589896b94b85b073b54f8c55952640","title":"51510 sc low bypass of maxvalidatorpercentage allows a validator to exceed the decentralisation cap","pathname":"/plume-or-attackathon/51510-sc-low-bypass-of-maxvalidatorpercentage-allows-a-validator-to-exceed-the-decentralisation-cap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"05ff11d510d71ac2092bf9072aa446679b87c35b","title":"51941 sc high token creator can revoke factory s upgrade capability permanently blocking upgrades","pathname":"/plume-or-attackathon/51941-sc-high-token-creator-can-revoke-factory-s-upgrade-capability-permanently-blocking-upgrades","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e5433444a327785e48c1eacb30e3d31356ec0999","title":"51712 sc insight yield distribution will revert if global module doesn t implement iyieldrestrictions","pathname":"/plume-or-attackathon/51712-sc-insight-yield-distribution-will-revert-if-global-module-doesn-t-implement-iyieldrestriction","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b50dedda9d7c93c8a2e9d223fe44842b63c553d3","title":"49732 sc medium malicious token admin can permanently block setpurchasetoken","pathname":"/plume-or-attackathon/49732-sc-medium-malicious-token-admin-can-permanently-block-setpurchasetoken","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5c982c14ea88a1a59c2dc0ede2b205626fe66a4a","title":"51034 sc low sales information is lost when enabling token","pathname":"/plume-or-attackathon/51034-sc-low-sales-information-is-lost-when-enabling-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d0e6bdf75dc2c0d1d1e4c4f79e2d836d0de85137","title":"52780 sc high timestamp manipulation in forcesettlevalidatorcommission leads to permanent loss of staker rewards","pathname":"/plume-or-attackathon/52780-sc-high-timestamp-manipulation-in-forcesettlevalidatorcommission-leads-to-permanent-loss-of-st","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3692b235c0715989537abdf796f055834fe6af9d","title":"52129 sc low previewyielddistribution reverts instead of returning zero when no tokens are in circulation","pathname":"/plume-or-attackathon/52129-sc-low-previewyielddistribution-reverts-instead-of-returning-zero-when-no-tokens-are-in-circul","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"723d22aad4e50bb03d476d5e964ec7e313313eeb","title":"50694 sc low spins occuring close to midnight lead to users streaks being unfairly broken due to vrf callback delay","pathname":"/plume-or-attackathon/50694-sc-low-spins-occuring-close-to-midnight-lead-to-users-streaks-being-unfairly-broken-due-to-vrf","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4cbf2dab3c2aa8308037a9ef441a4332ffae5c9e","title":"51929 sc low deactivating istransferallowed indirectly doses minting burning functionality","pathname":"/plume-or-attackathon/51929-sc-low-deactivating-istransferallowed-indirectly-doses-minting-burning-functionality","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c4acbec9559ca2d839f776b65505e526a493c12d","title":"50350 sc high stakingfacet stakeonbehalf allows to prevent withdraws","pathname":"/plume-or-attackathon/50350-sc-high-stakingfacet-stakeonbehalf-allows-to-prevent-withdraws","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"559f1ad5b2fe758b577d3fd7c02f8909d2d86e93","title":"49731 sc high theft on re added tokens","pathname":"/plume-or-attackathon/49731-sc-high-theft-on-re-added-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7331f2976e0c0bb19eeb9374cde19b94cbdd3c38","title":"51502 sc low enabling transfer restrictions permanently blocks minting and burning","pathname":"/plume-or-attackathon/51502-sc-low-enabling-transfer-restrictions-permanently-blocks-minting-and-burning","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9b041c202dd159836d9c60ade43a8bfcf19af6a0","title":"52937 sc insight redundant raffle ticket balance check","pathname":"/plume-or-attackathon/52937-sc-insight-redundant-raffle-ticket-balance-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1b6a76d6cd79448c50db96a4d3558b72d7dfee66","title":"50691 sc insight no validator limit can lead to dos","pathname":"/plume-or-attackathon/50691-sc-insight-no-validator-limit-can-lead-to-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1cc69d233a6f1f2f7d773fc3c6969d6b9116bd81","title":"49726 sc insight there is a redundant zero address check in the validatorfacet sol that is obsolete and could never be true","pathname":"/plume-or-attackathon/49726-sc-insight-there-is-a-redundant-zero-address-check-in-the-validatorfacet-sol-that-is-obsolete","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2e6a325cc90fc935ca7eb77f366854df8bee4345","title":"51707 sc insight gas inefficiency due to redundant validatevalidatorexists modifier in requestcommissionclaim ","pathname":"/plume-or-attackathon/51707-sc-insight-gas-inefficiency-due-to-redundant-validatevalidatorexists-modifier-in-requestcommis","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"6962c496603c28b89bbca73cebbe1c6290b9d8b8","title":"51283 sc critical permanent freeze of user token due to unhandled partial fill refunds for swap via 1inch in dexaggregatorwrapperwithpredicateproxy ","pathname":"/plume-or-attackathon/51283-sc-critical-permanent-freeze-of-user-token-due-to-unhandled-partial-fill-refunds-for-swap-via","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"94eb38acd84a301bc9300a6cec54a1126cda99df","title":"52770 sc high unbounded gas consumption via stakeonbehalf manipulation","pathname":"/plume-or-attackathon/52770-sc-high-unbounded-gas-consumption-via-stakeonbehalf-manipulation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d58e6ddd8160d79ed347a2e2a4be2f9fa735db5f","title":"51001 sc insight inaccurate share calculation in emitted event for non bridge deposits","pathname":"/plume-or-attackathon/51001-sc-insight-inaccurate-share-calculation-in-emitted-event-for-non-bridge-deposits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0ebe696e51993f3031316ffb972e5024925616bb","title":"50677 sc insight redundant code in dexaggregatorwrapperwithpredicateproxy impairs readability and potentially increases gas costs","pathname":"/plume-or-attackathon/50677-sc-insight-redundant-code-in-dexaggregatorwrapperwithpredicateproxy-impairs-readability-and-po","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"cd773a1b483835ff180c658aa70208bc4621140b","title":"51276 sc low arctokenpurchase re enabling active token sales causes accounting corruption and token loss","pathname":"/plume-or-attackathon/51276-sc-low-arctokenpurchase-re-enabling-active-token-sales-causes-accounting-corruption-and-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"cfb7d0a5c345408cbc6abe8d5515289d7fd9822d","title":"51493 sc insight misleading view function documentation","pathname":"/plume-or-attackathon/51493-sc-insight-misleading-view-function-documentation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"fad07401996be974bd009077d1d0531520e31441","title":"50977 sc low tellerwithmultiassetsupportpredicateproxy contract cannot be emergency paused ","pathname":"/plume-or-attackathon/50977-sc-low-tellerwithmultiassetsupportpredicateproxy-contract-cannot-be-emergency-paused","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c5b4903e6fe7e2d916de1b95b9d2d5d572448a11","title":"51684 sc medium unbounded gas consumption in removestakerfromallvalidators leads to denial of service preventing users with large validator counts from removing associations and potentially lock ","pathname":"/plume-or-attackathon/51684-sc-medium-unbounded-gas-consumption-in-removestakerfromallvalidators-leads-to-denial-of-servic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"49800882b190df6a562070fa5fda92658d306db5","title":"52750 sc low percentage limit bypass via unstaking from other validators","pathname":"/plume-or-attackathon/52750-sc-low-percentage-limit-bypass-via-unstaking-from-other-validators","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"81301e3832d593034db37640bf6269a9b87634df","title":"52931 sc high validators can not claim their commissions after the reward token removal ","pathname":"/plume-or-attackathon/52931-sc-high-validators-can-not-claim-their-commissions-after-the-reward-token-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"bee44a91649f2d78eef306860f264574199e76f1","title":"50675 sc insight re entrant eth refund can emit mismatched shares in deposit event","pathname":"/plume-or-attackathon/50675-sc-insight-re-entrant-eth-refund-can-emit-mismatched-shares-in-deposit-event","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"31729f88e42cd67d00e31b5bae58cf937ebd81e4","title":"50343 sc low cooldown reset vulnerability","pathname":"/plume-or-attackathon/50343-sc-low-cooldown-reset-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"411591e5ab8c5a1c72c44c293ba2f0d5e791a3f3","title":"51479 sc high inaccurate reward calculation post validator slashing due to premature timestamp update on token removal","pathname":"/plume-or-attackathon/51479-sc-high-inaccurate-reward-calculation-post-validator-slashing-due-to-premature-timestamp-updat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0ef6610d1878c4c8559b55d02c48ec5db7e79bc6","title":"50340 sc medium any arctoken admin can block the setting update of the purchase token indefinitely ","pathname":"/plume-or-attackathon/50340-sc-medium-any-arctoken-admin-can-block-the-setting-update-of-the-purchase-token-indefinitely","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5c51227c7a8058dd9a99bb6903e838dc1cd887fd","title":"52449 sc high broken streaks still pass jackpot eligibility in spin contract","pathname":"/plume-or-attackathon/52449-sc-high-broken-streaks-still-pass-jackpot-eligibility-in-spin-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"96392de4d9496a5c920a5f1c00c66d91200685eb","title":"51476 sc medium validators can t claim their accrued commission if they are made inactive","pathname":"/plume-or-attackathon/51476-sc-medium-validators-can-t-claim-their-accrued-commission-if-they-are-made-inactive","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a55ab18804d0e55854c73aca5ee4727567935ee7","title":"49710 sc high cross batch state manipulation in yield distribution allows double dipping of yield funds","pathname":"/plume-or-attackathon/49710-sc-high-cross-batch-state-manipulation-in-yield-distribution-allows-double-dipping-of-yield-fu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"dbc01889ac1c011ddd510756152b41e2d932970d","title":"52113 sc low stakingfacet unstake uint16 validatorid uint256 amount can be abused to bypass minstakeamount ","pathname":"/plume-or-attackathon/52113-sc-low-stakingfacet-unstake-uint16-validatorid-uint256-amount-can-be-abused-to-bypass-minstake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f7dac1ede76b69e0bd3623c27ef6ce04357e808b","title":"50973 sc insight incorrect parameter type in setjackpotprobabilities","pathname":"/plume-or-attackathon/50973-sc-insight-incorrect-parameter-type-in-setjackpotprobabilities","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"40c8367f2725578b618d23e481933d6da20db96c","title":"51920 sc insight unnecessary second hand of if check in calculaterewardswithcheckpointsview ","pathname":"/plume-or-attackathon/51920-sc-insight-unnecessary-second-hand-of-if-check-in-calculaterewardswithcheckpointsview","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"99df3d21a3f5a49125d92897260df11438afafcc","title":"52446 sc low withdrawing unsold tokens desynchronizes sale accounting","pathname":"/plume-or-attackathon/52446-sc-low-withdrawing-unsold-tokens-desynchronizes-sale-accounting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"84bdfc91fadf12c55c2c0f80758c234880aa7788","title":"51457 sc low getaccruedcommission reverts when token was removed instead of returning the accrued commission","pathname":"/plume-or-attackathon/51457-sc-low-getaccruedcommission-reverts-when-token-was-removed-instead-of-returning-the-accrued-co","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"320b58a617dd4c880e75930c979cf5c7f7866c80","title":"52925 sc medium usdt like approval hygiene can block subsequent operations after partial fill leaves non zero allowance","pathname":"/plume-or-attackathon/52925-sc-medium-usdt-like-approval-hygiene-can-block-subsequent-operations-after-partial-fill-leaves","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"26387b3fdd17bafda3a1af476fbca70c3f1c46c0","title":"52104 sc high removed reward tokens block validator commission claims","pathname":"/plume-or-attackathon/52104-sc-high-removed-reward-tokens-block-validator-commission-claims","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"90f2979c561b9595408114696d67ed1aa07e6435","title":"51918 sc insight redundant zero address checks for router address ","pathname":"/plume-or-attackathon/51918-sc-insight-redundant-zero-address-checks-for-router-address","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9fc220955e3c6a27679eb20decd218b38e68909b","title":"52732 sc medium permanent dos of purchase token change","pathname":"/plume-or-attackathon/52732-sc-medium-permanent-dos-of-purchase-token-change","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"990c9f319b892afc7964392ec0825ad63d322380","title":"50312 sc insight validator can steal user rewards due to a lack of cooldown when validator increases commission","pathname":"/plume-or-attackathon/50312-sc-insight-validator-can-steal-user-rewards-due-to-a-lack-of-cooldown-when-validator-increases","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7c9efebd2ca61ec62860ba4596f31d941adbf2d0","title":"51456 sc high token creator can revoke the upgrader role from the factory in order to avoid upgrades","pathname":"/plume-or-attackathon/51456-sc-high-token-creator-can-revoke-the-upgrader-role-from-the-factory-in-order-to-avoid-upgrades","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f55ce3ad723bf6fc155cdb8cb736198b5d461812","title":"50632 sc insight critical timestamp parsing bug in getyear of datetime contract","pathname":"/plume-or-attackathon/50632-sc-insight-critical-timestamp-parsing-bug-in-getyear-of-datetime-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f6e9c79f630996388f20b74493b81046d8e2e44c","title":"50951 sc high inconsistent streak count usage between jackpot and raffle ticket calculations","pathname":"/plume-or-attackathon/50951-sc-high-inconsistent-streak-count-usage-between-jackpot-and-raffle-ticket-calculations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"39eb3d97df01e8d5534fa9a886360ee2bedddafe","title":"52439 sc high dust accumulation in batched yield payouts leaves tokens stranded","pathname":"/plume-or-attackathon/52439-sc-high-dust-accumulation-in-batched-yield-payouts-leaves-tokens-stranded","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ef2b5565f3d9a249a24b28b97f7e1b840795f3a1","title":"49705 sc medium two vectors for unbounded gas consumption due to the normal raffle operations","pathname":"/plume-or-attackathon/49705-sc-medium-two-vectors-for-unbounded-gas-consumption-due-to-the-normal-raffle-operations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"09ff0bb2c61125aafb3aecb77ecb2a2d6f7efafa","title":"50949 sc insight no check if raffle actually has enough funds","pathname":"/plume-or-attackathon/50949-sc-insight-no-check-if-raffle-actually-has-enough-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8398d143173ea791de74065d54d1f169016e9046","title":"51455 sc low inflated earned ui rewards when validator stake is zero due to missing totalstaked guard in view logic","pathname":"/plume-or-attackathon/51455-sc-low-inflated-earned-ui-rewards-when-validator-stake-is-zero-due-to-missing-totalstaked-guar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"82bb85f9f59acdfbe3da9b4295f74dcf1bb5f36d","title":"52436 sc low getaccruedcommission could return an inaccurate value","pathname":"/plume-or-attackathon/52436-sc-low-getaccruedcommission-could-return-an-inaccurate-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c085e6c51735ac4df75b6dd07ee5596756556faf","title":"52923 sc critical partial fill traps source token residual inside the wrapper and leaves unsafe residual allowance","pathname":"/plume-or-attackathon/52923-sc-critical-partial-fill-traps-source-token-residual-inside-the-wrapper-and-leaves-unsafe-resi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d75894c2444c90da1cd0b72f22e27fae7d0a155f","title":"51666 sc medium inactive validators blocked from claiming accrued commission","pathname":"/plume-or-attackathon/51666-sc-medium-inactive-validators-blocked-from-claiming-accrued-commission","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f2fcaaa4311e14513cf79ad5412ff4f99189f8ba","title":"49700 sc high validator commission can be blocked","pathname":"/plume-or-attackathon/49700-sc-high-validator-commission-can-be-blocked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"78e039db03dc2ead3bdbb431e837323480508ef9","title":"52719 sc medium inactive validators blocked from claiming commissions despite passed timelock","pathname":"/plume-or-attackathon/52719-sc-medium-inactive-validators-blocked-from-claiming-commissions-despite-passed-timelock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b10fc8c471f1f4a5cf6a92ba3b317b5a205fb6ec","title":"51218 sc high oracle callback timing vulnerability causes jackpot prize loss","pathname":"/plume-or-attackathon/51218-sc-high-oracle-callback-timing-vulnerability-causes-jackpot-prize-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e41b0df36e52ca130bf2c66769fdf570470bb27a","title":"51912 sc high mismatched rounding rules in reward logic library results in two fold loss of earnings","pathname":"/plume-or-attackathon/51912-sc-high-mismatched-rounding-rules-in-reward-logic-library-results-in-two-fold-loss-of-earnings","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"80c201f3750c229d34a1c18930ad9f091a047c68","title":"51658 sc high yield distribution in batches let the same tokens collect rewards in multiple batches stealing yield from other users","pathname":"/plume-or-attackathon/51658-sc-high-yield-distribution-in-batches-let-the-same-tokens-collect-rewards-in-multiple-batches","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"66998c9312f19d24059f1ee2ac418f3112676a1c","title":"52084 sc high unstaking before reward token removal leads to incorrect reward accrual on re addition","pathname":"/plume-or-attackathon/52084-sc-high-unstaking-before-reward-token-removal-leads-to-incorrect-reward-accrual-on-re-addition","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b23e99f3b0254ddf12e7585928246af059fda3ff","title":"52711 sc high in validatorfacet validator cannot claims commissions of removed tokens","pathname":"/plume-or-attackathon/52711-sc-high-in-validatorfacet-validator-cannot-claims-commissions-of-removed-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1210703cf3abe98de31ee9a25b657fa0903fbb4b","title":"51452 sc high stakeonbehalf function enables out of gas dos","pathname":"/plume-or-attackathon/51452-sc-high-stakeonbehalf-function-enables-out-of-gas-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5de7f4ed7edc923ef05ca7d19453fa147c645ebc","title":"49698 sc low coordinated validator attack delays slashing and enables commission theft","pathname":"/plume-or-attackathon/49698-sc-low-coordinated-validator-attack-delays-slashing-and-enables-commission-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1d9a9ac4f762389c9163ff87b6879bdd4224974e","title":"52075 sc medium arctokenpurchase contract is a token holder and may be yield recipient ","pathname":"/plume-or-attackathon/52075-sc-medium-arctokenpurchase-contract-is-a-token-holder-and-may-be-yield-recipient","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"883c7481238d6b3b78808fed9aa1c3c99cd5760e","title":"52918 sc insight redundant check for allwinnersdrawn error","pathname":"/plume-or-attackathon/52918-sc-insight-redundant-check-for-allwinnersdrawn-error","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a7ab3d3e32b71935b14cf6fd6dccbdd9fd314fa9","title":"51910 sc low inconsistent yield token transfer logic causes permanent loss of yield in distributeyield ","pathname":"/plume-or-attackathon/51910-sc-low-inconsistent-yield-token-transfer-logic-causes-permanent-loss-of-yield-in-distributeyie","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a3e773b593bcca888770339837dc27fec613c4cf","title":"51451 sc low token freezing via whitelist restriction bypass","pathname":"/plume-or-attackathon/51451-sc-low-token-freezing-via-whitelist-restriction-bypass","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3bd333d7a5bc1ca92ec05bf17b21eea9679e562b","title":"51201 sc low contracts without payable entry points cannot withdraw nor claim rewards","pathname":"/plume-or-attackathon/51201-sc-low-contracts-without-payable-entry-points-cannot-withdraw-nor-claim-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c8389b34bfbcfe29f24594f9fd646d1bb40842dc","title":"50937 sc medium non zero approve pattern causes permanent freeze of token deposits e g usdt due to erc20 incompatibility","pathname":"/plume-or-attackathon/50937-sc-medium-non-zero-approve-pattern-causes-permanent-freeze-of-token-deposits-e-g-usdt-due-to-e","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1f4b786f958948f139a191a323bd4aef563d0eb7","title":"52710 sc low mint burn are blocked when whitelist restrictions are enabled","pathname":"/plume-or-attackathon/52710-sc-low-mint-burn-are-blocked-when-whitelist-restrictions-are-enabled","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"eb8d9410fd3240f81587fc68c823082cdddb601d","title":"51414 sc high attacker can drain yield by transferring tokens to other address in yield batch distributions","pathname":"/plume-or-attackathon/51414-sc-high-attacker-can-drain-yield-by-transferring-tokens-to-other-address-in-yield-batch-distri","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7434905cef354eabd0821b780667367cb6f8720a","title":"50284 sc insight incorrect erc7201 storage implementation in core factory contracts","pathname":"/plume-or-attackathon/50284-sc-insight-incorrect-erc7201-storage-implementation-in-core-factory-contracts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8986ba5aa771bd4daa899fe2dde5dcb694c7a065","title":"50624 sc low there is a missing emergency pause in predicate proxy ","pathname":"/plume-or-attackathon/50624-sc-low-there-is-a-missing-emergency-pause-in-predicate-proxy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ab88da41cd8b17d7d63b0baa2dc28316064df68f","title":"52915 sc low yield are transferred before eligibility check potentially leading to freezing of funds","pathname":"/plume-or-attackathon/52915-sc-low-yield-are-transferred-before-eligibility-check-potentially-leading-to-freezing-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"bed7efb56e0bb2c42b12a594e2e686234d3dab8f","title":"51909 sc medium inconsistent commission claim logic denies legitimate claims for inactive validators","pathname":"/plume-or-attackathon/51909-sc-medium-inconsistent-commission-claim-logic-denies-legitimate-claims-for-inactive-validators","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3688e04e58dedb91414b63c3ef7d185779308545","title":"50275 sc high eligible user loses jackpot","pathname":"/plume-or-attackathon/50275-sc-high-eligible-user-loses-jackpot","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2a60fc373770aaa6905c4d33e631fe19685ebfdb","title":"52424 sc high there is a retroactive commission miscalculation in plumerewardlogic","pathname":"/plume-or-attackathon/52424-sc-high-there-is-a-retroactive-commission-miscalculation-in-plumerewardlogic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"71e92b9187c514768ac35865689b03f933b4770a","title":"51412 sc low token admin can withdraw the token from the purchase contract making the token balance to be less than the totalamountforsale","pathname":"/plume-or-attackathon/51412-sc-low-token-admin-can-withdraw-the-token-from-the-purchase-contract-making-the-token-balance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1c7d3cae7494ebe7cea6d004266993b9b4254a05","title":"52706 sc low multi quantity prize claims revert until all winners are drawn freezing early winners","pathname":"/plume-or-attackathon/52706-sc-low-multi-quantity-prize-claims-revert-until-all-winners-are-drawn-freezing-early-winners","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"54f1fe467e3f09c2672f30a72eeec7948b444c75","title":"49671 sc insight wrong emission in stake","pathname":"/plume-or-attackathon/49671-sc-insight-wrong-emission-in-stake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ca35685b66026e65b9acfe38138e4436b1dd8831","title":"50252 sc high rounding excess yield tokens become permanently stuck when last holder is yield restricted","pathname":"/plume-or-attackathon/50252-sc-high-rounding-excess-yield-tokens-become-permanently-stuck-when-last-holder-is-yield-restri","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8abebf8020b67fe8522a663707a7e22f960306d1","title":"51197 sc high arc token owner can take upgrader role for themselves lockout the factory and upgrade the contract without the knowledge of the factory","pathname":"/plume-or-attackathon/51197-sc-high-arc-token-owner-can-take-upgrader-role-for-themselves-lockout-the-factory-and-upgrade","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c2087835ad474dd5877b92a50c4d8a5e01ef5de9","title":"52690 sc medium dos of smart contracts on bridging functions","pathname":"/plume-or-attackathon/52690-sc-medium-dos-of-smart-contracts-on-bridging-functions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"47e646f35e730fd412cac9d4133388abb0c0d3a2","title":"52422 sc low using the current time in geteffectiverewardrateat will result in incorrect reward calculation for an entire duration of a time segment","pathname":"/plume-or-attackathon/52422-sc-low-using-the-current-time-in-geteffectiverewardrateat-will-result-in-incorrect-reward-calc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5df3eed28f83f31a0c7607e10c388fcde4ad410e","title":"50924 sc high validators are not able to claim their accrued commission when the reward token is removed ","pathname":"/plume-or-attackathon/50924-sc-high-validators-are-not-able-to-claim-their-accrued-commission-when-the-reward-token-is-rem","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"689e7312dcf0cde091f4395a397b1ded5aabb799","title":"49668 sc insight validator status function emit misleading event ","pathname":"/plume-or-attackathon/49668-sc-insight-validator-status-function-emit-misleading-event","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3fb1d3cb12d4e4caf03ef880422262698ff735be","title":"51180 sc medium function is vulnerable to gas griefing","pathname":"/plume-or-attackathon/51180-sc-medium-function-is-vulnerable-to-gas-griefing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"511270ce46981ced3ea5e190abe564aec5224e7a","title":"52680 sc high holders length changing when distributing limit with limit could lead to case where new holders unfairly claim yield and yield is permanently frozen ","pathname":"/plume-or-attackathon/52680-sc-high-holders-length-changing-when-distributing-limit-with-limit-could-lead-to-case-where-ne","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ba604149340f616047be0be052ba66950cc4c7d0","title":"51899 sc medium partial distribution of yield will fail if the totalefficentive supply increases ","pathname":"/plume-or-attackathon/51899-sc-medium-partial-distribution-of-yield-will-fail-if-the-totalefficentive-supply-increases","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a1e54f9626c9acbcfd294ebfbe053af8f1a30ef0","title":"49647 sc low pausable functions are not exposed","pathname":"/plume-or-attackathon/49647-sc-low-pausable-functions-are-not-exposed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"06ad9ee70e0e1062fee098cea8ea364ea1838fca","title":"52041 sc low in arctoken attacker can reposition to last holder and capture entire yield remainder","pathname":"/plume-or-attackathon/52041-sc-low-in-arctoken-attacker-can-reposition-to-last-holder-and-capture-entire-yield-remainder","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a094f5ba20cb7acd520b3e3ee6f6e55379963575","title":"50922 sc low unstaking partially will extend the cooldown time for previously unstaked amount too","pathname":"/plume-or-attackathon/50922-sc-low-unstaking-partially-will-extend-the-cooldown-time-for-previously-unstaked-amount-too","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"360bc13c4c9212cad58d4f6e3e906324a559b818","title":"49639 sc insight gas inefficiency in loop storage reads processmaturedcooldowns","pathname":"/plume-or-attackathon/49639-sc-insight-gas-inefficiency-in-loop-storage-reads-processmaturedcooldowns","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"85e78b82084ec76526f9b408a4b2976c970ae47c","title":"51653 sc high permanent loss of staker rewards after slashing when validator records are cleared","pathname":"/plume-or-attackathon/51653-sc-high-permanent-loss-of-staker-rewards-after-slashing-when-validator-records-are-cleared","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"476204cd10601b5fbce64a04067ffc34546b9235","title":"52901 sc low wrapped week index can mis price jackpot table after long uptime","pathname":"/plume-or-attackathon/52901-sc-low-wrapped-week-index-can-mis-price-jackpot-table-after-long-uptime","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d9837173e0ab85e00106aa09443ec3155efb1d15","title":"50225 sc low user can bypass minstakeamount checking ","pathname":"/plume-or-attackathon/50225-sc-low-user-can-bypass-minstakeamount-checking","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"cc97c2da4e65076f69fe6d0cf10d0b7e13bff25e","title":"49626 sc insight modulo bias in winner selection in raffle","pathname":"/plume-or-attackathon/49626-sc-insight-modulo-bias-in-winner-selection-in-raffle","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1e1928775efcb6f64d1dfd069e25dd118fbb0810","title":"51651 sc insight redundant array access in removestakerfromvalidator","pathname":"/plume-or-attackathon/51651-sc-insight-redundant-array-access-in-removestakerfromvalidator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"482abb84eda79162b926c96fcfe09f2079cfc57e","title":"52409 sc high asymmetric commission rounding creates systematic accounting drift","pathname":"/plume-or-attackathon/52409-sc-high-asymmetric-commission-rounding-creates-systematic-accounting-drift","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1794684f6d5cd6418919638f301b71c0cad929ea","title":"51613 sc medium yield tokens can be stuck in arctokenpurchase plumestakingrewardtreasury or other defi protocols when distributeyield is called ","pathname":"/plume-or-attackathon/51613-sc-medium-yield-tokens-can-be-stuck-in-arctokenpurchase-plumestakingrewardtreasury-or-other-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"52727fa4225c001d9d07d333f2ce04afa5f0396d","title":"51171 sc insight redundant storage reads and unnecessary checks in reward rate checkpoint logic lead to inefficient gas usage","pathname":"/plume-or-attackathon/51171-sc-insight-redundant-storage-reads-and-unnecessary-checks-in-reward-rate-checkpoint-logic-lead","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"57b12a63b98904f55450e9e54bda122a16ceb1fb","title":"50916 sc high token creators can bypass factory upgrade controls via wrong code implementation of default admin role in arctokenfactory sol ","pathname":"/plume-or-attackathon/50916-sc-high-token-creators-can-bypass-factory-upgrade-controls-via-wrong-code-implementation-of-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2517476086f263b79dc4c65afe62694eb0dc7b7b","title":"49623 sc low unstaking allows going below minimum stake","pathname":"/plume-or-attackathon/49623-sc-low-unstaking-allows-going-below-minimum-stake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"92aeae244717255686dd793e294e36c3e99e2471","title":"50560 sc high inconsistent commission rounding traps user validator funds","pathname":"/plume-or-attackathon/50560-sc-high-inconsistent-commission-rounding-traps-user-validator-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5f06d92ea4009cd53dcaef86cde951c647c15b2d","title":"50212 sc insight validators without staked funds can control slashing decisions leading to protocol insolvency","pathname":"/plume-or-attackathon/50212-sc-insight-validators-without-staked-funds-can-control-slashing-decisions-leading-to-protocol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4f46ed3dd3ff6e10801a2667a9bbe0644ba125e4","title":"52397 sc medium repeated approve without zero reset can revert on nonstandard erc20s blocking deposits","pathname":"/plume-or-attackathon/52397-sc-medium-repeated-approve-without-zero-reset-can-revert-on-nonstandard-erc20s-blocking-deposi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b7c2a35224c2bc5aa78737145a405b459316d42f","title":"52031 sc medium insufficient access control in token sales management leads to permanent griefing attack","pathname":"/plume-or-attackathon/52031-sc-medium-insufficient-access-control-in-token-sales-management-leads-to-permanent-griefing-at","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2a7b27cbdf970397ff4e9062d75c33282f17eac3","title":"50914 sc low bypass of minimum stake enforcement via partial unstake","pathname":"/plume-or-attackathon/50914-sc-low-bypass-of-minimum-stake-enforcement-via-partial-unstake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"befb590a2204052990d871fb757195dcf202d30e","title":"49616 sc high user can steal rewards","pathname":"/plume-or-attackathon/49616-sc-high-user-can-steal-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"c88743f8fb3a6e64fb39bd24f3ba8f76ab81c50c","title":"50551 sc low staked dust positions are not properly prevented","pathname":"/plume-or-attackathon/50551-sc-low-staked-dust-positions-are-not-properly-prevented","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4c68a9290668d8fac1ce09cb894f49a7f97ab65e","title":"51162 sc low missing pause control implementation in tellerwithmultiassetsupportpredicateproxy","pathname":"/plume-or-attackathon/51162-sc-low-missing-pause-control-implementation-in-tellerwithmultiassetsupportpredicateproxy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a9646366aae9dcc75aca3cdb76641ad68df3de50","title":"50889 sc low arctokenpurchase withdrawunsoldarctokens fails to reduce totalamountforsale leaving availability counters wrong","pathname":"/plume-or-attackathon/50889-sc-low-arctokenpurchase-withdrawunsoldarctokens-fails-to-reduce-totalamountforsale-leaving-ava","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"de2cc411d7f65c1f7aebf4518f30582fd9d9d478","title":"51887 sc medium safeapprove will cause revert of usdt and similar erc20 token","pathname":"/plume-or-attackathon/51887-sc-medium-safeapprove-will-cause-revert-of-usdt-and-similar-erc20-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"85f72f566baa23b64f74b20fce780d2edf4adf4c","title":"52393 sc low burns blocked by both sides whitelist with zero address exclusion when restrictions are enabled","pathname":"/plume-or-attackathon/52393-sc-low-burns-blocked-by-both-sides-whitelist-with-zero-address-exclusion-when-restrictions-are","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9c685e16ac9be0249c09cab2a59276d80e6df941","title":"51159 sc insight high gas iterative date calculations in datetime sol","pathname":"/plume-or-attackathon/51159-sc-insight-high-gas-iterative-date-calculations-in-datetime-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b82a65159d2d0a64167e208b86bfec4eee5d8e93","title":"50195 sc low unfair yield distribution due to remainder allocation to last holder","pathname":"/plume-or-attackathon/50195-sc-low-unfair-yield-distribution-due-to-remainder-allocation-to-last-holder","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d99b018c64c6e6a4533246d15eb53af1ac2230f0","title":"50887 sc insight arcotokenpurchase purchasemade event mislabels payment amount as pricepaid instead of unit price","pathname":"/plume-or-attackathon/50887-sc-insight-arcotokenpurchase-purchasemade-event-mislabels-payment-amount-as-pricepaid-instead","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9b3a32c6c3b0f41d346a9324dfd6d0f5bf59f33f","title":"52390 sc high validateistoken blocks validators from claiming earned rewards from removed tokens ","pathname":"/plume-or-attackathon/52390-sc-high-validateistoken-blocks-validators-from-claiming-earned-rewards-from-removed-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e95519a35b63543a36ae5d64106d36afefc7ee77","title":"51882 sc low unnecessary claiming restriction in raffle contract prevents winners from claiming prizes until all winners are drawn","pathname":"/plume-or-attackathon/51882-sc-low-unnecessary-claiming-restriction-in-raffle-contract-prevents-winners-from-claiming-priz","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5e0e6cf4d9f8c61211ee21624e451006f907e158","title":"52669 sc low token minting is blocked for whitelisted addresses when transfersallowed is false","pathname":"/plume-or-attackathon/52669-sc-low-token-minting-is-blocked-for-whitelisted-addresses-when-transfersallowed-is-false","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"cee749a5c9afa6871b83b38a9a8ea844857c67e2","title":"50527 sc high attacker can steal yield during batch distribution","pathname":"/plume-or-attackathon/50527-sc-high-attacker-can-steal-yield-during-batch-distribution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3ba36ecd7650b7e58d0a28d3478ec1ea218b6ac8","title":"50860 sc high logic error in jackpot eligibility check leads to systematic theft of user rewards","pathname":"/plume-or-attackathon/50860-sc-high-logic-error-in-jackpot-eligibility-check-leads-to-systematic-theft-of-user-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"424b15b23818c8d0269ee572bba9bb3fdac7a564","title":"50187 sc insight yieldblacklistrestrictions uses slot 0 instead of unstructured storage risking slot collision","pathname":"/plume-or-attackathon/50187-sc-insight-yieldblacklistrestrictions-uses-slot-0-instead-of-unstructured-storage-risking-slot","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"752ee3df5f0448a9c57865eadb22d3ee53286207","title":"51146 sc low getmaxnumberoftokens returns wrong max number of tokens available to buy","pathname":"/plume-or-attackathon/51146-sc-low-getmaxnumberoftokens-returns-wrong-max-number-of-tokens-available-to-buy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"630e2d2b949bcd51acba048964141e4abad1da4f","title":"52667 sc high commission is not added at point of adding validator hence stakers that stake before the first checkpoint would always use the current commission ","pathname":"/plume-or-attackathon/52667-sc-high-commission-is-not-added-at-point-of-adding-validator-hence-stakers-that-stake-before-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9663994d21104389532753615b10d6e78a144cc1","title":"51878 sc high timing misalignment between campaign days and calendar days allows double spinning on high probability jackpot days","pathname":"/plume-or-attackathon/51878-sc-high-timing-misalignment-between-campaign-days-and-calendar-days-allows-double-spinning-on","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0a68a4369dff1d49b0ed9155e6266c3ef9053e06","title":"52027 sc low whitelistrestrictions sol mint burn operations blocked when transfers disabled","pathname":"/plume-or-attackathon/52027-sc-low-whitelistrestrictions-sol-mint-burn-operations-blocked-when-transfers-disabled","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4baa6380e50e233c8c89ed1f8d140cccd742f06a","title":"50839 sc low last holder always gets more yield","pathname":"/plume-or-attackathon/50839-sc-low-last-holder-always-gets-more-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d6c672c388670d4b1e9eec9100488c1779378768","title":"50168 sc insight unused and duplicated functions should be removed from rewardsfacet and stakingfacet","pathname":"/plume-or-attackathon/50168-sc-insight-unused-and-duplicated-functions-should-be-removed-from-rewardsfacet-and-stakingface","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f2ad99710aa73bd8fb4c5d2920a1eccb40be27de","title":"52649 sc high token creator can seize upgrade control bypassing factory whitelist and enabling theft of funds","pathname":"/plume-or-attackathon/52649-sc-high-token-creator-can-seize-upgrade-control-bypassing-factory-whitelist-and-enabling-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5791cf9db3e6b80c9a7aa38e6339bf96bc63acc5","title":"52026 sc medium claimall could revert because of unbounded gas consumptions","pathname":"/plume-or-attackathon/52026-sc-medium-claimall-could-revert-because-of-unbounded-gas-consumptions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1c7a054ca4beb5ecd2db79fcef85374b99ee27be","title":"50822 sc high deployer can cpgrade arctoken to malicious implementation and steal all user funds","pathname":"/plume-or-attackathon/50822-sc-high-deployer-can-cpgrade-arctoken-to-malicious-implementation-and-steal-all-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"49814f6dfa61eb49acf6cc094f703981bff61485","title":"50167 sc high retroactive reward drain via incomplete reward debt reset","pathname":"/plume-or-attackathon/50167-sc-high-retroactive-reward-drain-via-incomplete-reward-debt-reset","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"324e5c967c202544f73381ea8de47a5cacb67238","title":"51863 sc low lack of winning ticket removal in handlewinnerselection leads to unfair prize distribution and economic exploitation","pathname":"/plume-or-attackathon/51863-sc-low-lack-of-winning-ticket-removal-in-handlewinnerselection-leads-to-unfair-prize-distribut","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f8c06c64e1ede3b2ed3e1522bdc4ce0a24914667","title":"52371 sc high distributeyieldwithlimit is vulnerable to inter batch balance and holders array mutations","pathname":"/plume-or-attackathon/52371-sc-high-distributeyieldwithlimit-is-vulnerable-to-inter-batch-balance-and-holders-array-mutati","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"cc4193ba8c81b5e0b10a98c34d825e6c97a35a8e","title":"50120 sc low arctokens cannot be burned or minted when transfers are restricted","pathname":"/plume-or-attackathon/50120-sc-low-arctokens-cannot-be-burned-or-minted-when-transfers-are-restricted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1fdfae403c0afb7bd7402e028bec397603c4454b","title":"52634 sc high batch yield distribution has a mathematical flaw that enables economic manipulation","pathname":"/plume-or-attackathon/52634-sc-high-batch-yield-distribution-has-a-mathematical-flaw-that-enables-economic-manipulation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"35a7f2bdf1c473f77420eaf77d649dd2bd453862","title":"50519 sc high rewardsfacet reintroducing an old reward token will result in wrong accounting leading to theft of yield","pathname":"/plume-or-attackathon/50519-sc-high-rewardsfacet-reintroducing-an-old-reward-token-will-result-in-wrong-accounting-leading","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"de30535c0eda0b3ab8886a8357944f9152c97b85","title":"51132 sc low tellerwithmultiassetsupportpredicateproxy cannot be paused unpaused","pathname":"/plume-or-attackathon/51132-sc-low-tellerwithmultiassetsupportpredicateproxy-cannot-be-paused-unpaused","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3ab03007bca8cddabf3b4f70ed09f04488ffd486","title":"50082 sc low protocol lets validators operate with dust amounts making attacks risk free","pathname":"/plume-or-attackathon/50082-sc-low-protocol-lets-validators-operate-with-dust-amounts-making-attacks-risk-free","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"aa5a12b5cffb46dba6bdfa6c75d80262983f89e7","title":"52347 sc high improper handling of yield distribution state in distributeyieldwithlimit leads to revert freezing users yield ","pathname":"/plume-or-attackathon/52347-sc-high-improper-handling-of-yield-distribution-state-in-distributeyieldwithlimit-leads-to-rev","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8b377cbeedcd32827a670b4a4c68d75654595adf","title":"50507 sc high non atomic yield distribution may lead to theft of yield","pathname":"/plume-or-attackathon/50507-sc-high-non-atomic-yield-distribution-may-lead-to-theft-of-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d81e27af6af6c76a5f6946fade0a9c9d1e55b7a8","title":"51129 sc low boringvault proxies do not support smart contract wallets","pathname":"/plume-or-attackathon/51129-sc-low-boringvault-proxies-do-not-support-smart-contract-wallets","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"ebf2cb4ec2fba7814e1ace64906d4f437e30350d","title":"51860 sc high missing access control in stakeonbehalf lets anyone bloat another user s validator list leading to permanent fund lock via gas exhaustion dos","pathname":"/plume-or-attackathon/51860-sc-high-missing-access-control-in-stakeonbehalf-lets-anyone-bloat-another-user-s-validator-lis","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"9b02c0a7b667bd19752e10e6d7001838c825bd55","title":"50060 sc insight scattered module processing pattern in arctoken update function","pathname":"/plume-or-attackathon/50060-sc-insight-scattered-module-processing-pattern-in-arctoken-update-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1e975f04547d5c3013207ac0d7c414c221c91c6d","title":"51850 sc low upgradetoken can not initialize an upgraded token because the data variable of upgradetoandcall is hardcoded to empty string","pathname":"/plume-or-attackathon/51850-sc-low-upgradetoken-can-not-initialize-an-upgraded-token-because-the-data-variable-of-upgradet","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"131ca2ff358f432a540cc11e3db9a88856507ffb","title":"50506 sc insight stakingfacet missing event emission on any unstaking operations","pathname":"/plume-or-attackathon/50506-sc-insight-stakingfacet-missing-event-emission-on-any-unstaking-operations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"31b5e426b3710dacd641b035550184f54e0527f1","title":"51124 sc high validator would loss commission fee if the rewards token are removed","pathname":"/plume-or-attackathon/51124-sc-high-validator-would-loss-commission-fee-if-the-rewards-token-are-removed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"039735fbdf706a08a72724ff3b0eb056ec055dab","title":"52620 sc medium permanently dos to arctokenpurchase contract","pathname":"/plume-or-attackathon/52620-sc-medium-permanently-dos-to-arctokenpurchase-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e58373d45901f8f6c1f1d3683b1c4626f238b69a","title":"52339 sc low loss of daily streak and jackpot eligibility due to supra generator callback delay and on callback time usage in spin sol ","pathname":"/plume-or-attackathon/52339-sc-low-loss-of-daily-streak-and-jackpot-eligibility-due-to-supra-generator-callback-delay-and","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0023dc69fd7428eca05dc0a4236a52c835bf14db","title":"51847 sc critical dos via dust leftover in erc 20 approvals","pathname":"/plume-or-attackathon/51847-sc-critical-dos-via-dust-leftover-in-erc-20-approvals","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"377072f40002b4c4cc6170cd80575f2a984696be","title":"52601 sc high in spin handlerandomness jackpot eligibility uses outdated streakcount instead of updated streak","pathname":"/plume-or-attackathon/52601-sc-high-in-spin-handlerandomness-jackpot-eligibility-uses-outdated-streakcount-instead-of-upda","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"900f1e022ec700affa5a6d03c90aafb8770e5ba4","title":"51122 sc low arctokenpurchase enabletoken can reset the amountsold to 0","pathname":"/plume-or-attackathon/51122-sc-low-arctokenpurchase-enabletoken-can-reset-the-amountsold-to-0","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"cacc40f630b0aff9c4f89efb8470299618c515b3","title":"52327 sc low unfair yield distribution due to last holder bias","pathname":"/plume-or-attackathon/52327-sc-low-unfair-yield-distribution-due-to-last-holder-bias","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2d6b7dc7c005ebab8e7bc2e0a98dc7efe8d01fce","title":"51842 sc high unclaimed staker rewards lost when admin clears validator records without checking pending rewards","pathname":"/plume-or-attackathon/51842-sc-high-unclaimed-staker-rewards-lost-when-admin-clears-validator-records-without-checking-pen","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"694ec4793de3141061e3f0300019fb721bcf194a","title":"50040 sc low missing pause controls eth refund flaws and miscalculated shares enable fund loss and protocol inconsistency in depositandbridge","pathname":"/plume-or-attackathon/50040-sc-low-missing-pause-controls-eth-refund-flaws-and-miscalculated-shares-enable-fund-loss-and-p","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5255b2f5d3ffa74c38d673ed177ccdfb00c927c1","title":"52314 sc low unsold token withdrawal causes permanent inventory mismatch","pathname":"/plume-or-attackathon/52314-sc-low-unsold-token-withdrawal-causes-permanent-inventory-mismatch","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1a32d268239debc80e99ce9e07c475ec551e093c","title":"51836 sc low contract cannot be paused despite inheriting pausable","pathname":"/plume-or-attackathon/51836-sc-low-contract-cannot-be-paused-despite-inheriting-pausable","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"2313c451e06f2cb9a7c694106aeff07dc8a34aa0","title":"51100 sc insight gas inefficiency in prize removal logic","pathname":"/plume-or-attackathon/51100-sc-insight-gas-inefficiency-in-prize-removal-logic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a4bacb14fcd487283c8009e2bd80d7bafd02d42a","title":"50493 sc low immutable proxy implementation mapping in restrictionsfactory breaks upgrade logic","pathname":"/plume-or-attackathon/50493-sc-low-immutable-proxy-implementation-mapping-in-restrictionsfactory-breaks-upgrade-logic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"6e95baa5e60d7acf961ef4d134b11fd4ae2f5530","title":"52312 sc low cooldown coalescing bug unintended cooldown extension for prior unstakes","pathname":"/plume-or-attackathon/52312-sc-low-cooldown-coalescing-bug-unintended-cooldown-extension-for-prior-unstakes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a5dd280999a6e07c77d70806f92bcb66604d11ed","title":"51816 sc low yield distribution can be front run to steal rounding remainder as last holder","pathname":"/plume-or-attackathon/51816-sc-low-yield-distribution-can-be-front-run-to-steal-rounding-remainder-as-last-holder","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"1e77dad182fcb73dcbd60f32812262be9e53d523","title":"50027 sc insight missing validation of okx swap output token in function okxhelper ","pathname":"/plume-or-attackathon/50027-sc-insight-missing-validation-of-okx-swap-output-token-in-function-okxhelper","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d12bd2f59c68845c859f67a171fc31270800c66a","title":"52303 sc insight incorrect yield distribution event emission","pathname":"/plume-or-attackathon/52303-sc-insight-incorrect-yield-distribution-event-emission","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"7c6ff42dfea6a3c43731f010f58e25a5d4af05cc","title":"51814 sc insight checkpoint cumulativeindex returned in the getrewardratecheckpoint function will be zero","pathname":"/plume-or-attackathon/51814-sc-insight-checkpoint-cumulativeindex-returned-in-the-getrewardratecheckpoint-function-will-be","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"433a13268b4a3408a334b128908925b0efe24274","title":"50490 sc high user loses reward tokens during validator user relationship clearing","pathname":"/plume-or-attackathon/50490-sc-high-user-loses-reward-tokens-during-validator-user-relationship-clearing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b0e4e75c0570a3f7448cb4295f1ac19b875b0f16","title":"50022 sc low missing admin pause unpause functions in tellerwithmultiassetsupportpredicateproxy contract","pathname":"/plume-or-attackathon/50022-sc-low-missing-admin-pause-unpause-functions-in-tellerwithmultiassetsupportpredicateproxy-cont","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"52afa569d1384e72307d1ce6014b1b24cb72bb63","title":"49963 sc medium anyone can create an arctoken and block the setpurchasetoken function","pathname":"/plume-or-attackathon/49963-sc-medium-anyone-can-create-an-arctoken-and-block-the-setpurchasetoken-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"807f772caa93774e87b8c44e7909c291c009b7f5","title":"50487 sc low cross campaign jackpot denial due to state pollution","pathname":"/plume-or-attackathon/50487-sc-low-cross-campaign-jackpot-denial-due-to-state-pollution","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"744f77e56d8a66621f565a3e52597940f3804059","title":"49954 sc insight raffle editprizes lacks logic to make prizes immutable once winner selection starts or users join breaking user trust ","pathname":"/plume-or-attackathon/49954-sc-insight-raffle-editprizes-lacks-logic-to-make-prizes-immutable-once-winner-selection-starts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"79761da224b26260467af1f0023d0823a681ae0a","title":"51813 sc high malicious user can grief victims by staking them across many validators leading to fund freezing","pathname":"/plume-or-attackathon/51813-sc-high-malicious-user-can-grief-victims-by-staking-them-across-many-validators-leading-to-fun","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b93f067a2372dd3c498c27c2837a75448f26edce","title":"49941 sc low permanent freezing of yield tokens due to flawed check in distribution logic","pathname":"/plume-or-attackathon/49941-sc-low-permanent-freezing-of-yield-tokens-due-to-flawed-check-in-distribution-logic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"476710568caae52171a5070ccd343a229775d23a","title":"51802 sc low temporary freeze of rewards is possible if efficientsupply 0","pathname":"/plume-or-attackathon/51802-sc-low-temporary-freeze-of-rewards-is-possible-if-efficientsupply-0","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"a51ae192bfd4fc1998176171206598e73a2aee11","title":"50477 sc high validator loses all accrued commission when reward token is removed","pathname":"/plume-or-attackathon/50477-sc-high-validator-loses-all-accrued-commission-when-reward-token-is-removed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4fd93597692a610d5d16938b9e3eeb738751174a","title":"51801 sc medium supra callback allows for theft of gas","pathname":"/plume-or-attackathon/51801-sc-medium-supra-callback-allows-for-theft-of-gas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"6517ffd09fd88892326d46137158673366c17a32","title":"49939 sc high initial timestamp mismatch might lead to users being able to spin twice in the same day","pathname":"/plume-or-attackathon/49939-sc-high-initial-timestamp-mismatch-might-lead-to-users-being-able-to-spin-twice-in-the-same-da","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3ff6bd2dcd2128cdd40f1b9f1792c410d8af00f5","title":"50470 sc insight inefficient design in distributeyieldwithlimit arctoken creates unnecessary gas consumption","pathname":"/plume-or-attackathon/50470-sc-insight-inefficient-design-in-distributeyieldwithlimit-arctoken-creates-unnecessary-gas-con","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"673640bee655ce342042b63b21c13c1ff8f45e64","title":"49932 sc insight there are five separate but similar implementations of a binary search that can be condensed into one function","pathname":"/plume-or-attackathon/49932-sc-insight-there-are-five-separate-but-similar-implementations-of-a-binary-search-that-can-be","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"543c2aeac4a418f233d688aef737410aadf265f1","title":"51777 sc medium denial of service on depositandbridge function for sharelockperiod is non zero","pathname":"/plume-or-attackathon/51777-sc-medium-denial-of-service-on-depositandbridge-function-for-sharelockperiod-is-non-zero","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f476b30bb5a95595e0567e0adc13ffc4c05955be","title":"50461 sc insight incorrect deposit event receiver logged in bridge functions of dexaggregatorwrapperwithpredicateproxy sol ","pathname":"/plume-or-attackathon/50461-sc-insight-incorrect-deposit-event-receiver-logged-in-bridge-functions-of-dexaggregatorwrapper","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"814550f241bf302341f3365a1550aa102ff412b5","title":"49919 sc insight unstake function does not unstake all as mentioned in the natspec","pathname":"/plume-or-attackathon/49919-sc-insight-unstake-function-does-not-unstake-all-as-mentioned-in-the-natspec","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"884f55a09cea1a440c9b983c72d5babeebaf6624","title":"50450 sc high logic error in streak validation causes legitimate jackpot wins to be denied violating reward contract expectations","pathname":"/plume-or-attackathon/50450-sc-high-logic-error-in-streak-validation-causes-legitimate-jackpot-wins-to-be-denied-violating","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"46b694804ca585a1fc1974c05420cb612c0a9837","title":"51776 sc low streak system breaks despite timely user action due to delayed supra oracle callback","pathname":"/plume-or-attackathon/51776-sc-low-streak-system-breaks-despite-timely-user-action-due-to-delayed-supra-oracle-callback","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"98f9d6f956ffd742b49764e9c804b6aaf6507d7e","title":"49915 sc low misleading event emission in createwhitelistrestrictions function in restrictionsfactory contract","pathname":"/plume-or-attackathon/49915-sc-low-misleading-event-emission-in-createwhitelistrestrictions-function-in-restrictionsfactor","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"d4c8521cd496d78980d269a59c5fc9292adbef42","title":"50436 sc low votetoslashvalidator prevents malicious inactive validators to be slashed ","pathname":"/plume-or-attackathon/50436-sc-low-votetoslashvalidator-prevents-malicious-inactive-validators-to-be-slashed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"43c36a5431825a5ee8bb1d0e55330503ad96cad2","title":"49893 sc insight raffle sol implementation logic allows direct plume transfers but has no withdraw locking funds permanently","pathname":"/plume-or-attackathon/49893-sc-insight-raffle-sol-implementation-logic-allows-direct-plume-transfers-but-has-no-withdraw-l","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"819e5e3d07daa2b30250caef30874f3c307ea23c","title":"50433 sc high validator list griefing unrestricted stakeonbehalf allows user asset freeze permanently","pathname":"/plume-or-attackathon/50433-sc-high-validator-list-griefing-unrestricted-stakeonbehalf-allows-user-asset-freeze-permanentl","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"f16b2c8a61c7a236b789a264e468759a9179c9d0","title":"49876 sc insight lack of refund on admin canceled spin requests leads to permanent loss of funds","pathname":"/plume-or-attackathon/49876-sc-insight-lack-of-refund-on-admin-canceled-spin-requests-leads-to-permanent-loss-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4a47f744b818c117ad948920e00e3e2d795f2e28","title":"50428 sc medium reverting on callback increases chances of winning","pathname":"/plume-or-attackathon/50428-sc-medium-reverting-on-callback-increases-chances-of-winning","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"94b177d5461473456f3eb4b2ced19d3d422d30b3","title":"49868 sc insight raffle sol does not enforce prize endtimestamp allowing user and admin interactions with expired prizes","pathname":"/plume-or-attackathon/49868-sc-insight-raffle-sol-does-not-enforce-prize-endtimestamp-allowing-user-and-admin-interactions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8769a83bf14fede0d2de97a6557c230032577b62","title":"50425 sc high active non slashed validators cannot claim rewards when a reward token is disabled","pathname":"/plume-or-attackathon/50425-sc-high-active-non-slashed-validators-cannot-claim-rewards-when-a-reward-token-is-disabled","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b5484b9c17cb7706afc76de2b34bbd697bd0afdf","title":"49863 sc critical dex aggregator erc20 token theft","pathname":"/plume-or-attackathon/49863-sc-critical-dex-aggregator-erc20-token-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"5a5d75c0fc1adca7eb795e66abc543eb7fe7f906","title":"50415 sc low getmaxnumberoftokens returns wrong value when arctokens are withdrawn","pathname":"/plume-or-attackathon/50415-sc-low-getmaxnumberoftokens-returns-wrong-value-when-arctokens-are-withdrawn","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"59913b55001d5b532f2c6206eb272eb036e7ce00","title":"49854 sc critical dex aggregator partial fill token loss","pathname":"/plume-or-attackathon/49854-sc-critical-dex-aggregator-partial-fill-token-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"8abb33086e1336ec4848c1bef9f26fcf077a3a89","title":"49835 sc insight dex aggregator unused eth loss","pathname":"/plume-or-attackathon/49835-sc-insight-dex-aggregator-unused-eth-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"0ddab284984c9eed05a285ed686170ba6bab9aef","title":"50412 sc high illegitimate reward claim after unstake due to overlapping reward rate checkpoints","pathname":"/plume-or-attackathon/50412-sc-high-illegitimate-reward-claim-after-unstake-due-to-overlapping-reward-rate-checkpoints","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"4c6fd48e4e2e2c94a9322e47071d8c4a18c613cd","title":"50409 sc high validator will lose comission","pathname":"/plume-or-attackathon/50409-sc-high-validator-will-lose-comission","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"e1bf035e9e9a35af29d21922171ba08f47ec0d37","title":"49817 sc medium inactive validators are prevented to claim to eligible commission rewards","pathname":"/plume-or-attackathon/49817-sc-medium-inactive-validators-are-prevented-to-claim-to-eligible-commission-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"564bd9540c3d118bf7e45ee14b29d16086b94fe5","title":"49800 sc insight yield distribution could encounter an unexpected revert","pathname":"/plume-or-attackathon/49800-sc-insight-yield-distribution-could-encounter-an-unexpected-revert","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"b7d5134b89f3b7bfd9b26b140effb6168a943a10","title":"49798 sc insight invalid holder set initialization bypasses modular restrictions corrupting yield distribution","pathname":"/plume-or-attackathon/49798-sc-insight-invalid-holder-set-initialization-bypasses-modular-restrictions-corrupting-yield-di","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"dcf47ea9102b3fe04424d548516b7b6cf572e093","title":"50402 sc low single rate assumption ignores checkpoints in slashed case ","pathname":"/plume-or-attackathon/50402-sc-low-single-rate-assumption-ignores-checkpoints-in-slashed-case","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"459a759cbcf717fa8e4868fca61c066509bcb29a","title":"49787 sc high batched yield distribution doesn t account for transfers purchases between batches","pathname":"/plume-or-attackathon/49787-sc-high-batched-yield-distribution-doesn-t-account-for-transfers-purchases-between-batches-1","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Plume | Attackathon"}]},{"id":"3141ac8a1ebf30230d01574a696330db4692ceca","title":"VeChain Hayabusa Upgrade | Attackathon","pathname":"/vechain-hayabusa-upgrade-or-attackathon","siteSpaceId":"sitesp_stpzW"},{"id":"a0f2f7c25b06320d04957e9068ce02d41dd45518","title":"#57468 [BC-Insight] there is an issue about zero vtho generation during hayabusa transition period","pathname":"/vechain-hayabusa-upgrade-or-attackathon/57468-bc-insight-there-is-an-issue-about-zero-vtho-generation-during-hayabusa-transition-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"9671960ba8705c97a8b5f3f197a7a60ce0aa8481","title":"57412 sc insight gas optimization insight improve gas cost efficiency by the use of custom errors in staker sol contract","pathname":"/vechain-hayabusa-upgrade-or-attackathon/57412-sc-insight-gas-optimization-insight-improve-gas-cost-efficiency-by-the-use-of-custom-errors-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"7a95ace18570b952dfe805f4abd4183c0c193ff6","title":"57179 bc insight during the call to native totalsupply there s missing gas charges","pathname":"/vechain-hayabusa-upgrade-or-attackathon/57179-bc-insight-during-the-call-to-native-totalsupply-there-s-missing-gas-charges","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"e42d0ad937f8b84a5737d0a329533e4330ea21eb","title":"57136 bc low txpool priority cache lets base fee swings reduce proposers tips","pathname":"/vechain-hayabusa-upgrade-or-attackathon/57136-bc-low-txpool-priority-cache-lets-base-fee-swings-reduce-proposers-tips","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"5418e51a5a976852c68428447861504b06bf7667","title":"57055 bc medium dos via p2p during block header validation using bad proof","pathname":"/vechain-hayabusa-upgrade-or-attackathon/57055-bc-medium-dos-via-p2p-during-block-header-validation-using-bad-proof","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"486357193342a3be3a5e2c1a4f3478ce86f126d8","title":"57021 bc insight lack of panic recovery in housekeeping goroutine creates potential for denial of service","pathname":"/vechain-hayabusa-upgrade-or-attackathon/57021-bc-insight-lack-of-panic-recovery-in-housekeeping-goroutine-creates-potential-for-denial-of-se","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"da223b4cc2b86f79cb494ef747cab306d209457e","title":"56946 bc insight the code comparing two big in pointers for equality not their numeric values","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56946-bc-insight-the-code-comparing-two-big-in-pointers-for-equality-not-their-numeric-values","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"64d2986f359a23003641fa3f0c162fbe5e65ef50","title":"56761 bc insight the check for integer overflow in the function staker go checkstake is incorrect","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56761-bc-insight-the-check-for-integer-overflow-in-the-function-staker-go-checkstake-is-incorrect","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"ae78f29bfe1b4094ffcef76be3395af93ff9a68b","title":"56657 bc insight inactive validator scheduling bypass in vechain thor pos consensus mechanism","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56657-bc-insight-inactive-validator-scheduling-bypass-in-vechain-thor-pos-consensus-mechanism","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"0e6040b6334a5921c7d9bdbc96af60a078b0fa59","title":"56629 bc insight there is an issue in mapping gas undercharge and is enables 30 extra node work per unit gas ","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56629-bc-insight-there-is-an-issue-in-mapping-gas-undercharge-and-is-enables-30-extra-node-work-per","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"620f5ce56e621569506bfa2c01eacea2355644aa","title":"56626 bc insight trivial renewallist bloat attack exploits unmetered database writes to increase block processing time risking bft disruption","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56626-bc-insight-trivial-renewallist-bloat-attack-exploits-unmetered-database-writes-to-increase-blo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"af9db55db08bdc89b793a93ecca46d6ce8d6fa88","title":"56611 bc medium remote p2p crash during sync thor default configuration ","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56611-bc-medium-remote-p2p-crash-during-sync-thor-default-configuration","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"842f9fa81a9e945b61eb23e1cfe054d9eae87921","title":"56513 bc insight during the call to native issuance there s a missing gas charge before call to calculaterewards ","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56513-bc-insight-during-the-call-to-native-issuance-there-s-a-missing-gas-charge-before-call-to-calc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"89217e51bd41b9ff80688921113f8b352e0d16fc","title":"56454 bc insight gas undercharging threatens hayabusa network upgrade","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56454-bc-insight-gas-undercharging-threatens-hayabusa-network-upgrade","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"498ac937cbad3211536a8b0e63dfcc5c2cfaa300","title":"56403 bc insight there is a problem in the dpos threshold switch undercounts votes at hayabusa activation ","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56403-bc-insight-there-is-a-problem-in-the-dpos-threshold-switch-undercounts-votes-at-hayabusa-activ","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"535037bce59d463c955ff2c8dc54dcf9ebeb8037","title":"56367 sc insight staker gas optimization public to external visibility","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56367-sc-insight-staker-gas-optimization-public-to-external-visibility","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"261531148617a512ed51945eaf49c68095d2b558","title":"56362 bc insight during addvalidation if pos not active authority native env state get should consume double the gas","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56362-bc-insight-during-addvalidation-if-pos-not-active-authority-native-env-state-get-should-consum","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"2ec220733a0378954e15072ff00ccfe92c1c35a7","title":"56345 bc insight there is an issue related to strict threshold breaks exact 2 3 and is causing finality freeze","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56345-bc-insight-there-is-an-issue-related-to-strict-threshold-breaks-exact-2-3-and-is-causing-final","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"740626eb2ab97450e0219041d24b758691a99672","title":"56256 bc insight redundant sload for global endorsement parameter","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56256-bc-insight-redundant-sload-for-global-endorsement-parameter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"b9578e67f435682b829528be61284ee7a19b3dc6","title":"56187 bc insight brittle hardcoded gas metering model","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56187-bc-insight-brittle-hardcoded-gas-metering-model","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"329a8cd8664627365ef8163c7eadfd4ba38d765d","title":"56045 bc insight block packing starvation via oversized priority transactions","pathname":"/vechain-hayabusa-upgrade-or-attackathon/56045-bc-insight-block-packing-starvation-via-oversized-priority-transactions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"022e328b272a232c37417ec70046bc550c9e8296","title":"55957 sc medium checkstake does not check for uint64 overflow","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55957-sc-medium-checkstake-does-not-check-for-uint64-overflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"fa35a07a01c33e79e57ee50b26320183f1bc7607","title":"55926 bc insight totalsupply overstates circulating vtho","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55926-bc-insight-totalsupply-overstates-circulating-vtho","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"7b4a7384ed567a91008fa7d9103b3d80f3c16b22","title":"55925 bc insight underpriced supply queries enable cheap cpu dos","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55925-bc-insight-underpriced-supply-queries-enable-cheap-cpu-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"5e23fd5656edef76d1ec9af360b9acdd13732d1d","title":"55806 bc insight critical missing input validation in governance parameter allows malicious underflow leading to permanent freeze of all dpos rewards","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55806-bc-insight-critical-missing-input-validation-in-governance-parameter-allows-malicious-underflo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"c7920873aa33f2544cfe83cbe36fdc293e3fc2eb","title":"55711 sc insight redundant gas charge in native addvalidation function leads to unnecessary gas costs","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55711-sc-insight-redundant-gas-charge-in-native-addvalidation-function-leads-to-unnecessary-gas-cost","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"b846f946aad34bd50bdc8937fda2939cdece9c6f","title":"55632 bc critical delegation submitted in the same period before a validator exit will be permanently frozen","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55632-bc-critical-delegation-submitted-in-the-same-period-before-a-validator-exit-will-be-permanentl","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"5ba33271f138d44007a2ea0625bb1edeb0f38046","title":"55524 bc insight null body transaction submission crashes rpc handler","pathname":"/vechain-hayabusa-upgrade-or-attackathon/55524-bc-insight-null-body-transaction-submission-crashes-rpc-handler","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"VeChain Hayabusa Upgrade | Attackathon"}]},{"id":"b475f98daabb3e8b543265f44ad23956796fa9e0","title":"Firelight","pathname":"/firelight","siteSpaceId":"sitesp_stpzW"},{"id":"4c04d82dbca0e7ee2310ff2a656f13174291581f","title":"#59967 [SC-Low] broken historical period calculation","pathname":"/firelight/59967-sc-low-broken-historical-period-calculation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"ccb253beb978dfaf76ddbe857fffd269c5e052d5","title":"#59937 [SC-Low] periodattimestamp uses current time instead of inputtimestamp returning wrong period","pathname":"/firelight/59937-sc-low-periodattimestamp-uses-current-time-instead-of-inputtimestamp-returning-wrong-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"3bcfaacb7a7e4e62d778b8f6c524ee437a46acfd","title":"59931 sc insight useless check","pathname":"/firelight/59931-sc-insight-useless-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"42844cff8fc74afa1b7ea0b3c87fa87ad8044385","title":"#59928 [SC-Low] incorrect period calculation periodattimestamp function","pathname":"/firelight/59928-sc-low-incorrect-period-calculation-periodattimestamp-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"cda4c290cf8726163a3dfc4ab69b0ad4a6155bdd","title":"#59879 [SC-Low] logic bug in periodattimestamp","pathname":"/firelight/59879-sc-low-logic-bug-in-periodattimestamp","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"d4dd839021abbabea1c1847c840c3d753423c668","title":"59852 sc low incorrect period calculation inside periodattimestamp resulting in returning period now instead of period at given timestamp","pathname":"/firelight/59852-sc-low-incorrect-period-calculation-inside-periodattimestamp-resulting-in-returning-period-now","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"9e0675b6d64658519c8628b8804c0c111c9c6931","title":"#59820 [SC-Low] periodattimestamp returns current period instead of historical period","pathname":"/firelight/59820-sc-low-periodattimestamp-returns-current-period-instead-of-historical-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"b513faaa3bdfea5c39da7fb68961f2607d78e166","title":"59740 [SC-Low] periodattimestamp provides period of current timestamp even for different timestamps","pathname":"/firelight/59740-sc-low-periodattimestamp-provides-period-of-current-timestamp-even-for-different-timestamps","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"34ffb1ef57a9b2091bc62a7d519475d61a52f340","title":"#59728 [SC-Low] underflow issue leading to a periodattimestamp dos","pathname":"/firelight/59728-sc-low-underflow-issue-leading-to-a-periodattimestamp-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"b0be90c84cbd1bcd2b5bfb7250169767e07172b7","title":"#59715 [SC-Low] periodattimestamp will return different period for the same timestamp input","pathname":"/firelight/59715-sc-low-periodattimestamp-will-return-different-period-for-the-same-timestamp-input","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"f865ed7ed31966e9f3a1013c97665a748ddd9d55","title":"59691 sc low missing disableinitializers allows direct implementation initialization leading to vault takeover","pathname":"/firelight/59691-sc-low-missing-disableinitializers-allows-direct-implementation-initialization-leading-to-vaul","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"09004a37fc3fc16c654282d8dd5a679ecb184e4f","title":"59635 sc low timestamp agnostic periodattimestamp misreports historical periods breaking time locked logic","pathname":"/firelight/59635-sc-low-timestamp-agnostic-periodattimestamp-misreports-historical-periods-breaking-time-locked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"3059229b6f9608872e0bc237b3924322b58cc329","title":"#59605 [SC-Low] logic error in periodattimestamp returns incorrect periods","pathname":"/firelight/59605-sc-low-logic-error-in-periodattimestamp-returns-incorrect-periods","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"e1d3fadd0c16714acb53e77e34177799671b1cfc","title":"#59559 [SC-Low] period calculation does not use provided timestamp in periodattimestamp","pathname":"/firelight/59559-sc-low-period-calculation-does-not-use-provided-timestamp-in-periodattimestamp","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"2b25587c02967c29524659b1d9e2ce20763317cb","title":"59533 sc low firelightvault sol periodattimestamp will return an incorrect period number due to flawed logic","pathname":"/firelight/59533-sc-low-firelightvault-sol-periodattimestamp-will-return-an-incorrect-period-number-due-to-flaw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"2d8b3ebd69d694f6603e4bc26ed2c8628823dddf","title":"#59467 [SC-Low] periodattimestamp ignores input parameter","pathname":"/firelight/59467-sc-low-periodattimestamp-ignores-input-parameter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"2e68c0c19f939860881b46d34d05e103ceb23b3a","title":"#59445 [SC-Low] periodattimestamp does not work as expected","pathname":"/firelight/59445-sc-low-periodattimestamp-does-not-work-as-expected","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"afca02f4ab73f19d20b69254a63d3823a1288cd9","title":"#59422 [SC-Low] periodattimestamp ignores the supplied timestamp","pathname":"/firelight/59422-sc-low-periodattimestamp-ignores-the-supplied-timestamp","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"ad782b987639ab8366b57be22bde02183e4056cf","title":"#59385 [SC-Low] timestamp ignored current block time used","pathname":"/firelight/59385-sc-low-timestamp-ignored-current-block-time-used","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"98bb500dd751aefadf0e365b4291fa30ab90ba5d","title":"#59371 [SC-Low] avoid leaving a vault contract uninitialized","pathname":"/firelight/59371-sc-low-avoid-leaving-a-vault-contract-uninitialized","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"36b19be413f192799d55191625ff8216ec68a734","title":"59369 sc low the function periodattimestamp uses the current timestamp instead of provided timestamp causing incorrect period calculation","pathname":"/firelight/59369-sc-low-the-function-periodattimestamp-uses-the-current-timestamp-instead-of-provided-timestamp","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"8eecce20b7fbc3ea2e94eaec48c083904592ee01","title":"59355 sc low periodattimestamp ignores the input timestamp and returns the wrong period for non current timestamps","pathname":"/firelight/59355-sc-low-periodattimestamp-ignores-the-input-timestamp-and-returns-the-wrong-period-for-non-curr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"493029e647cd14efcb800029f565788a5d517db1","title":"59335 sc low periodattimestamp function returns current period instead of queried period leading to temporary freezing of funds","pathname":"/firelight/59335-sc-low-periodattimestamp-function-returns-current-period-instead-of-queried-period-leading-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"7200a0a11ecc82d83b33d2d72d164c03ef23c575","title":"59334 sc low periodattimestamp function uses current timestamp instead of input parameter causing incorrect period calculation for historical or future queries","pathname":"/firelight/59334-sc-low-periodattimestamp-function-uses-current-timestamp-instead-of-input-parameter-causing-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"fda56eb585b2adc913aa2fd725b4d41b44bb7d3f","title":"59330 sc insight rescuer role not assigned during initialization","pathname":"/firelight/59330-sc-insight-rescuer-role-not-assigned-during-initialization","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"84c4050bd4db4df6cc98625d90e0f075b3a3c751","title":"59298 sc low function periodattimestamp ignores the input timestamp returning the current period instead","pathname":"/firelight/59298-sc-low-function-periodattimestamp-ignores-the-input-timestamp-returning-the-current-period-ins","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"78adc0d605b910d522b134b4dc84a8d9a54c0eae","title":"59296 sc low periodattimestamp uint48 timestamp ignores its parameter and always returns the current period","pathname":"/firelight/59296-sc-low-periodattimestamp-uint48-timestamp-ignores-its-parameter-and-always-returns-the-current","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"b8a89237ba2d6cd800e7d70f313fbfb227937de4","title":"59288 sc insight repeated array access in rescuewithdrawfromblocklisted loop causes unnecessary gas consumption","pathname":"/firelight/59288-sc-insight-repeated-array-access-in-rescuewithdrawfromblocklisted-loop-causes-unnecessary-gas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"90aa05a7d1c2d5935619cdf98bbc30bca4469a20","title":"59280 sc low periodattimestamp uint48 timestamp ignores timestamp and return incorrect values when it is not time timestamp ","pathname":"/firelight/59280-sc-low-periodattimestamp-uint48-timestamp-ignores-timestamp-and-return-incorrect-values-when-i","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"4c3af20ba4f5af8d6413eb2bbb7eb1148d220866","title":"59236 sc low implementation contract lacks initializer protection","pathname":"/firelight/59236-sc-low-implementation-contract-lacks-initializer-protection","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"449c4fe389629c24520a493515c74df6761e624d","title":"59235 sc low firelight vault deviation from security best practice of locking down implementation logic ","pathname":"/firelight/59235-sc-low-firelight-vault-deviation-from-security-best-practice-of-locking-down-implementation-lo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"a5cdbb93aa6804f128cbe6ae9d4c22d6760acfd5","title":"59226 sc low logic flaw in periodattimestamp function breaks historical queries returning current period instead","pathname":"/firelight/59226-sc-low-logic-flaw-in-periodattimestamp-function-breaks-historical-queries-returning-current-pe","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"61a18e35444e939a9fa1a6d87cb1306b776ccd4a","title":"59179 sc low periodattimestamp bug returns current period for all timestamps","pathname":"/firelight/59179-sc-low-periodattimestamp-bug-returns-current-period-for-all-timestamps","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"bc1e2fd2b7576876df3544ea3ab56469cb30d10e","title":"59168 sc low incorrect time semantics in periodattimestamp cause off chain miscalculations and data inconsistency","pathname":"/firelight/59168-sc-low-incorrect-time-semantics-in-periodattimestamp-cause-off-chain-miscalculations-and-data","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"7771a4d4c098e7a3b500f82e026f21c44978c24a","title":"59124 sc insight inefficient loop direction in periodconfigurationattimestamp causes unnecessary gas consumption","pathname":"/firelight/59124-sc-insight-inefficient-loop-direction-in-periodconfigurationattimestamp-causes-unnecessary-gas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"ad76e4d1267bc1c5627ad1a140693480598fc90c","title":"59115 sc low periodattimestamp function is incorrectly implemented and always returns period at current timestamp ","pathname":"/firelight/59115-sc-low-periodattimestamp-function-is-incorrectly-implemented-and-always-returns-period-at-curr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"3863bef32df3c03d63a5bcd76ae0147cbf4e0cc4","title":"59100 sc low periodattimestamp returns current period instead of queried historical period","pathname":"/firelight/59100-sc-low-periodattimestamp-returns-current-period-instead-of-queried-historical-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"c2f816ecd5c8f87b6c8ac96962e5b37d88f5284c","title":"#59091 [SC-Low] low firelightvault sol implementation contract does not disable initializers","pathname":"/firelight/59091-sc-low-low-firelightvault-sol-implementation-contract-does-not-disable-initializers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"6d04847c95dd9cee3a20f0e32512913d4a08da4b","title":"#59054 [SC-Low] periodattimestamp returns incorrect period number","pathname":"/firelight/59054-sc-low-periodattimestamp-returns-incorrect-period-number","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"232fff7971e16416ec959877f3fa91f6b96d49c0","title":"59034 sc insight islogassets parameter of the logtrace function will always be set to true and can be removed ","pathname":"/firelight/59034-sc-insight-islogassets-parameter-of-the-logtrace-function-will-always-be-set-to-true-and-can-b","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"43782bc5a657b452301023dcd8b14bf4c55d8aec","title":"#59031 [SC-Low] periodattimestamp returns incorrect period numbers for non current timestamps","pathname":"/firelight/59031-sc-low-periodattimestamp-returns-incorrect-period-numbers-for-non-current-timestamps","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"45ae5032e5356b3a93a9a183b86f15f7da97d46b","title":"59027 sc insight withdrawalsof view function does not account for already withdrawn funds","pathname":"/firelight/59027-sc-insight-withdrawalsof-view-function-does-not-account-for-already-withdrawn-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"b38104a264e2d75569ee822ae1e5b1715c0669af","title":"59023 sc low unprotected implementation contract initializer allows unauthorized admin role assignment leading to potential governance manipulation","pathname":"/firelight/59023-sc-low-unprotected-implementation-contract-initializer-allows-unauthorized-admin-role-assignme","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"eab6b1044dc2823bec8b894c6c1c82546578c93f","title":"#59007 [SC-Low] periodattimestamp returns current period instead of historical","pathname":"/firelight/59007-sc-low-periodattimestamp-returns-current-period-instead-of-historical","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"5c951d7cea3dae292b26da8f896752e568473419","title":"58993 sc low incorrect timestamp calculation in periodattimestamp leads to broken historical period lookups","pathname":"/firelight/58993-sc-low-incorrect-timestamp-calculation-in-periodattimestamp-leads-to-broken-historical-period","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"4efa2df28edd3c6e08c517bb668be8d8c018c3fa","title":"#58992 [SC-Low] the firelightvault contract doesn t call disableinitializers in its construcotor","pathname":"/firelight/58992-sc-low-the-firelightvault-contract-doesn-t-call-disableinitializers-in-its-construcotor","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Firelight"}]},{"id":"f9270446e58be708eb133dcad0a5d50308343a7a","title":"Vechain | Stargate Hayabusa","pathname":"/vechain-or-stargate-hayabusa","siteSpaceId":"sitesp_stpzW"},{"id":"30cfe0123acdf3a92bcfd28f06d1c5d6ff06e3a3","title":"60149 sc insight revised missing input validation in addlevels can break multiple staking tier invariant in startgatenft ","pathname":"/vechain-or-stargate-hayabusa/60149-sc-insight-revised-missing-input-validation-in-addlevels-can-break-multiple-staking-tier-invar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"73296bda29ae498fb8c10315f0534bfcfadaf415","title":"59244 sc insight missing event emission on critical state change","pathname":"/vechain-or-stargate-hayabusa/59244-sc-insight-missing-event-emission-on-critical-state-change","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"4a9b362f507eb7fa426e857f9478dc36464758b4","title":"59316 sc high off by one unlocks infinite vtho reward drain from ghost stakes","pathname":"/vechain-or-stargate-hayabusa/59316-sc-high-off-by-one-unlocks-infinite-vtho-reward-drain-from-ghost-stakes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"bf3b0598a3e6003df4e51f6f5498b4c420b24f47","title":"59358 sc high off by one error in reward claim logic allows delegators to steal vtho for periods after delegation ended","pathname":"/vechain-or-stargate-hayabusa/59358-sc-high-off-by-one-error-in-reward-claim-logic-allows-delegators-to-steal-vtho-for-periods-aft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"71052c870758b836a01e9c54ba115ba466cddbc4","title":"59361 sc high off by one in claimabledelegationperiods allows claimrewards to pay for periods after delegation end over claim theft of unclaimed yield","pathname":"/vechain-or-stargate-hayabusa/59361-sc-high-off-by-one-in-claimabledelegationperiods-allows-claimrewards-to-pay-for-periods-after","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"d82e26550aabf859103482b203301fb51c76248d","title":"59386 sc high fund freeze from double stake subtraction when validator exits ","pathname":"/vechain-or-stargate-hayabusa/59386-sc-high-fund-freeze-from-double-stake-subtraction-when-validator-exits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"6af759b2ae9fe8ce83bd3a0eb6fe0c99841551e3","title":"59411 sc insight inconsistency in migratetokenmanager in terms of the permitted caller","pathname":"/vechain-or-stargate-hayabusa/59411-sc-insight-inconsistency-in-migratetokenmanager-in-terms-of-the-permitted-caller","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"7cfc4649cd36d4447934347e1786cff1c8c7cd10","title":"59421 sc high theft of unclaimed yield via incorrect period range calculation and lack of per user effective stake tracking","pathname":"/vechain-or-stargate-hayabusa/59421-sc-high-theft-of-unclaimed-yield-via-incorrect-period-range-calculation-and-lack-of-per-user-e","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"eac9b57475ac70c90b885385d34b158cc973b41c","title":"59443 sc high rithmetic underflow in effective stake accounting causes permanent loss of funds","pathname":"/vechain-or-stargate-hayabusa/59443-sc-high-rithmetic-underflow-in-effective-stake-accounting-causes-permanent-loss-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"544e9b29e22263362142f1de085e5762ac343007","title":"59563 sc high exited delegators can claim rewards indefinitely after exit","pathname":"/vechain-or-stargate-hayabusa/59563-sc-high-exited-delegators-can-claim-rewards-indefinitely-after-exit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"18787f6d059fa0cdc0da807acf7d9d44d6919995","title":"59564 sc high double calling updateperiodeffectivestake during the exit flow makes unstake revert trapping staked vet ","pathname":"/vechain-or-stargate-hayabusa/59564-sc-high-double-calling-updateperiodeffectivestake-during-the-exit-flow-makes-unstake-revert-tr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"bceb1c3cd09a4d48bc249d17d260ee481b281577","title":"59570 sc medium access control bypass in unstake leads to permanent freezing of funds","pathname":"/vechain-or-stargate-hayabusa/59570-sc-medium-access-control-bypass-in-unstake-leads-to-permanent-freezing-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"2a18f971ee5d90fddf99edd8b375e2dc86021181","title":"59615 sc high off by one error in period boundary check allows theft of unclaimed yield after delegation exit","pathname":"/vechain-or-stargate-hayabusa/59615-sc-high-off-by-one-error-in-period-boundary-check-allows-theft-of-unclaimed-yield-after-delega","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"8d1771be4fc8ea11c74ac4cab076b1241c8463cb","title":"59657 sc high delegators lose first reward period when delegating to pending validators","pathname":"/vechain-or-stargate-hayabusa/59657-sc-high-delegators-lose-first-reward-period-when-delegating-to-pending-validators","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"3266a5fdfdd86e0b0e862a16b4cd1fab20f0fa75","title":"59665 sc high delegators can claim rewards beyond delegation end","pathname":"/vechain-or-stargate-hayabusa/59665-sc-high-delegators-can-claim-rewards-beyond-delegation-end","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"eed3b71a14285efeb179cecc75c001f50d5103d4","title":"59709 sc high post exit rewards overpayment theft of unclaimed yield due to misclamped claim window in stargate","pathname":"/vechain-or-stargate-hayabusa/59709-sc-high-post-exit-rewards-overpayment-theft-of-unclaimed-yield-due-to-misclamped-claim-window","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"3bc2a543bfa4d9e1dd9068d1f38540dbc3f74caf","title":"59723 sc high double decrease after exit validator exited leads to underflow and permanent freeze","pathname":"/vechain-or-stargate-hayabusa/59723-sc-high-double-decrease-after-exit-validator-exited-leads-to-underflow-and-permanent-freeze","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"80eae24121885575392ecb1f9eb4c2dd2c8a995f","title":"59727 sc high double decrease dos on exit permanent unstake revert","pathname":"/vechain-or-stargate-hayabusa/59727-sc-high-double-decrease-dos-on-exit-permanent-unstake-revert","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"10c4187ea2a08efd97c38861c3b14a00e29c6272","title":"59730 sc high permanent dos users cannot unstake after double exit scenario","pathname":"/vechain-or-stargate-hayabusa/59730-sc-high-permanent-dos-users-cannot-unstake-after-double-exit-scenario","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a04736b3d1becf0d11354a2b6609265428d2cef1","title":"59733 sc high post exit delegations can drain future rewards","pathname":"/vechain-or-stargate-hayabusa/59733-sc-high-post-exit-delegations-can-drain-future-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"bec2a46bdbf13658de8cd801290392df10ffc32c","title":"59742 sc high user funds get stucked in the contract when validators exits ","pathname":"/vechain-or-stargate-hayabusa/59742-sc-high-user-funds-get-stucked-in-the-contract-when-validators-exits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"c8eca2560e3883561843a384c779653f89d53f9c","title":"59752 sc high off by one bug in claimabledelegationperiods allows claiming yield for periods after exit","pathname":"/vechain-or-stargate-hayabusa/59752-sc-high-off-by-one-bug-in-claimabledelegationperiods-allows-claiming-yield-for-periods-after-e","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"7c1133415f82cca7e49212301023499396198ea7","title":"59756 sc high exiting delegators stakes can be bricked permanently by the validator signaling an exit after them in the same period","pathname":"/vechain-or-stargate-hayabusa/59756-sc-high-exiting-delegators-stakes-can-be-bricked-permanently-by-the-validator-signaling-an-exi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"fcc14bf36d3436f8a97d278e08b1b041cbbbb3f3","title":"59776 sc high exited delegators can over claim vtho rewards for post exit periods due to off by one error in claimabledelegationperiods","pathname":"/vechain-or-stargate-hayabusa/59776-sc-high-exited-delegators-can-over-claim-vtho-rewards-for-post-exit-periods-due-to-off-by-one","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"4d5d36e8a478739e5401bec958dcf42c88964e94","title":"59795 sc low free boosts for levels added after v3","pathname":"/vechain-or-stargate-hayabusa/59795-sc-low-free-boosts-for-levels-added-after-v3","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"9b1c50f872f75c81ba6fe532d798c4537f69a680","title":"59802 sc high double subtraction of validator effective stake will permanently lock other delegators staked vet","pathname":"/vechain-or-stargate-hayabusa/59802-sc-high-double-subtraction-of-validator-effective-stake-will-permanently-lock-other-delegators","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"ddf1db3e407cf813fbddad6808aae9bbdaa0b0e2","title":"59809 sc high user balances are permanently frozen in specific delegation scenarios","pathname":"/vechain-or-stargate-hayabusa/59809-sc-high-user-balances-are-permanently-frozen-in-specific-delegation-scenarios","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"faff1b3a2e4628c30d1ae58c512e8e4c3cd9b1bd","title":"59814 sc low stargatenft sol addlevel function not implement updatelevelboostpriceperblock","pathname":"/vechain-or-stargate-hayabusa/59814-sc-low-stargatenft-sol-addlevel-function-not-implement-updatelevelboostpriceperblock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"d59672f873ba24b5a979b698e2b6d5acfbf4ec11","title":"59841 sc low the newly added level cannot have its boost price set because the updatelevelboostpriceperblock function is not exposed","pathname":"/vechain-or-stargate-hayabusa/59841-sc-low-the-newly-added-level-cannot-have-its-boost-price-set-because-the-updatelevelboostprice","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a059e640fe6362a8ad39ff9b4c8d016e8a8f488d","title":"59844 sc insight incorrect and misleading events when adding levels in stargatenft ","pathname":"/vechain-or-stargate-hayabusa/59844-sc-insight-incorrect-and-misleading-events-when-adding-levels-in-stargatenft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"8a5d4b887ed13e14dc535e18f96b1b44b87b2b98","title":"59850 sc high users funds stuck in the contract permanently","pathname":"/vechain-or-stargate-hayabusa/59850-sc-high-users-funds-stuck-in-the-contract-permanently","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"fe47299a85435242ba9e865e3bdd647366dfeb9f","title":"59863 sc high over claim of delegation rewards after exit","pathname":"/vechain-or-stargate-hayabusa/59863-sc-high-over-claim-of-delegation-rewards-after-exit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"df303aae3af66d02c90b2087a3845e71e6953569","title":"59866 sc high the delegator s rewards in period 1 cannot be claimed","pathname":"/vechain-or-stargate-hayabusa/59866-sc-high-the-delegator-s-rewards-in-period-1-cannot-be-claimed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"c2e79e4e6e22bd2ad892d86d146693c1e704f1e1","title":"59904 sc high it s possible to decrease twice delegator stake in certain conditions","pathname":"/vechain-or-stargate-hayabusa/59904-sc-high-it-s-possible-to-decrease-twice-delegator-stake-in-certain-conditions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"e8f4db6b63708d4c33353e0cb21bdb4db113c9c8","title":"59919 sc high loss of funds delegators can claim rewards for periods where they had no stake","pathname":"/vechain-or-stargate-hayabusa/59919-sc-high-loss-of-funds-delegators-can-claim-rewards-for-periods-where-they-had-no-stake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b690a7f19f2d07a056a07362f55c9743cb94072f","title":"59951 sc high in special cases delegatorseffectivestake may decrease twice and cause staked funds to become locked","pathname":"/vechain-or-stargate-hayabusa/59951-sc-high-in-special-cases-delegatorseffectivestake-may-decrease-twice-and-cause-staked-funds-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b79dd5ede13bed00962cd9bd84b32107c7d056c3","title":"59993 sc insight unnecessary call to get balance in mintinglogic boostonbehalfof ","pathname":"/vechain-or-stargate-hayabusa/59993-sc-insight-unnecessary-call-to-get-balance-in-mintinglogic-boostonbehalfof","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"c1f3518d0fe8fe011f2d1a532d8ada5d9d85a128","title":"59997 sc medium claimrewards fails to update state for zero value periods causing permanent fund freeze in unstake ","pathname":"/vechain-or-stargate-hayabusa/59997-sc-medium-claimrewards-fails-to-update-state-for-zero-value-periods-causing-permanent-fund-fre","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"76ca597fce9092d649919564c19613936c567a04","title":"60004 sc high double decrease effective stake bug in unstake ","pathname":"/vechain-or-stargate-hayabusa/60004-sc-high-double-decrease-effective-stake-bug-in-unstake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"2793747ffbf1fe474a78a0bd522264c76ec387cf","title":"60019 sc high off by one in stargate sol claimabledelegationperiods lets exited nfts siphon validator rewards leading to protocol insolvency","pathname":"/vechain-or-stargate-hayabusa/60019-sc-high-off-by-one-in-stargate-sol-claimabledelegationperiods-lets-exited-nfts-siphon-validato","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"d86a84b925491750fc6a3b6769be9260b8f904c7","title":"60023 sc insight unchecked address 0 validator in unstake ","pathname":"/vechain-or-stargate-hayabusa/60023-sc-insight-unchecked-address-0-validator-in-unstake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"98b62c778fab7c8282f072b988054fb0789221c1","title":"60027 sc high stuck funds for the later delegators due to an edge case led to double decreasing effective stakes","pathname":"/vechain-or-stargate-hayabusa/60027-sc-high-stuck-funds-for-the-later-delegators-due-to-an-edge-case-led-to-double-decreasing-effe","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"34dfa0f893bc731d79339bca025a295359768cfe","title":"60028 sc high a delegator who has requested an exit continues to accumulate rewards","pathname":"/vechain-or-stargate-hayabusa/60028-sc-high-a-delegator-who-has-requested-an-exit-continues-to-accumulate-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"394a7cfa0c2be8f18c5f68c42a2656fb26c18824","title":"60049 sc high double effective stake decrement locks delegators unstake reverts due to duplicate effectivestake decrements in exit flow","pathname":"/vechain-or-stargate-hayabusa/60049-sc-high-double-effective-stake-decrement-locks-delegators-unstake-reverts-due-to-duplicate-eff","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"3505870c0b8a1ab73b2a9e376a5128c9f889b70e","title":"60069 sc high incorrect claimable period calculation leading to attacker keep claiming even after exiting the delegation ","pathname":"/vechain-or-stargate-hayabusa/60069-sc-high-incorrect-claimable-period-calculation-leading-to-attacker-keep-claiming-even-after-ex","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b44398fbdf1062326f1d3e7763bc9125f693ae5f","title":"60079 sc low critical historical state corruption via stale checkpoints leads to permanent loss of future yield","pathname":"/vechain-or-stargate-hayabusa/60079-sc-low-critical-historical-state-corruption-via-stale-checkpoints-leads-to-permanent-loss-of-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"8a64ffbfbbbe7ed4d0c08eb65367fe70bbc35b4e","title":"60080 sc high unstake exit requests can either lock funds or silently double deduct effective stake after validator exit","pathname":"/vechain-or-stargate-hayabusa/60080-sc-high-unstake-exit-requests-can-either-lock-funds-or-silently-double-deduct-effective-stake","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"0172ed120f5fc395b11b08ad2c1e8aa0c9e7a44a","title":"60081 sc high exited delegator can continue to accrue and claim delegation rewards ","pathname":"/vechain-or-stargate-hayabusa/60081-sc-high-exited-delegator-can-continue-to-accrue-and-claim-delegation-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"ed4f0e83ffb47243290fb0aa4735ce1b17a20cb9","title":"60102 sc high exited delegator could keep claiming rewards stealing them from active delegators which would then lead to freeze of funds","pathname":"/vechain-or-stargate-hayabusa/60102-sc-high-exited-delegator-could-keep-claiming-rewards-stealing-them-from-active-delegators-whic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"816711e6d39b620c2237769084d523463f271fda","title":"60125 sc high moving delegations from one validator to another validator will not be possible in exit case for validator 1","pathname":"/vechain-or-stargate-hayabusa/60125-sc-high-moving-delegations-from-one-validator-to-another-validator-will-not-be-possible-in-exi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a6a1c42c58d308c57e7e2f7646e7016cb12862b9","title":"60150 sc high off by one in claim window lets exited delegations harvest post exit rewards","pathname":"/vechain-or-stargate-hayabusa/60150-sc-high-off-by-one-in-claim-window-lets-exited-delegations-harvest-post-exit-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"7efc472fae754de52cfa8ac0a1748439eb1739b5","title":"60151 sc high double reduction of effective stake can lead to stuck delegations ","pathname":"/vechain-or-stargate-hayabusa/60151-sc-high-double-reduction-of-effective-stake-can-lead-to-stuck-delegations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"6dd7c65e832b244701547a3ffb10edc9bf8d6667","title":"60154 sc high exited delegations can continue claiming vtho rewards for future periods","pathname":"/vechain-or-stargate-hayabusa/60154-sc-high-exited-delegations-can-continue-claiming-vtho-rewards-for-future-periods","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"db533248d1cf5bc1a965467f361cad1e80fcf1e9","title":"60169 sc high exited delegations can continue to claim rewards due to logic fall through in claimabledelegationperiods ","pathname":"/vechain-or-stargate-hayabusa/60169-sc-high-exited-delegations-can-continue-to-claim-rewards-due-to-logic-fall-through-in-claimabl","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"c33d8e3831d363a3106ddd27d81d71c47ab9cadc","title":"60171 sc low levels added after deployment lack boost price initialization resulting in free boosting","pathname":"/vechain-or-stargate-hayabusa/60171-sc-low-levels-added-after-deployment-lack-boost-price-initialization-resulting-in-free-boostin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b341cdb595b0f97fe69d1a6e66c941d34e200c9e","title":"60173 sc high the phantom claimable periods can permanently lock the staked vet for ended delegations","pathname":"/vechain-or-stargate-hayabusa/60173-sc-high-the-phantom-claimable-periods-can-permanently-lock-the-staked-vet-for-ended-delegation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a02a903e56562bfc6269fb9619c265a57839f2d6","title":"60192 sc high users can claim delegation rewards after exit endperiod has passed","pathname":"/vechain-or-stargate-hayabusa/60192-sc-high-users-can-claim-delegation-rewards-after-exit-endperiod-has-passed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a8da6c32acc3b291d267c4fd1dab0d7283cb52a6","title":"60210 sc high during a validator exit users will be unable to unstake due to underflow","pathname":"/vechain-or-stargate-hayabusa/60210-sc-high-during-a-validator-exit-users-will-be-unable-to-unstake-due-to-underflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"ca328c968c547b3d0d75b9e7f7d846e7e518dba5","title":"60241 sc medium permanent freezing of staked funds caused by accumulation with zero rewards","pathname":"/vechain-or-stargate-hayabusa/60241-sc-medium-permanent-freezing-of-staked-funds-caused-by-accumulation-with-zero-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"d5d2bc9024e86bea4fbb2d9a491a39fd88b96e68","title":"60259 sc low malicious user can bypass maturity period for newly added levels","pathname":"/vechain-or-stargate-hayabusa/60259-sc-low-malicious-user-can-bypass-maturity-period-for-newly-added-levels","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"67edebb71106df85418387b1fe45d6c2d78c5ce1","title":"60265 sc high the attacker can still claim rewards after exiting from validator","pathname":"/vechain-or-stargate-hayabusa/60265-sc-high-the-attacker-can-still-claim-rewards-after-exiting-from-validator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"4004d223a842890c5048304f08751496c791c3ae","title":"60597 sc low hasrequestedexit returns true for not just requested exits but also delegations that are already exited","pathname":"/vechain-or-stargate-hayabusa/60597-sc-low-hasrequestedexit-returns-true-for-not-just-requested-exits-but-also-delegations-that-ar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"f720acc240c7209c7cefc336f0bdfb457118641c","title":"60593 sc low no mechanism to set boostpriceperblock for levels added after initialization","pathname":"/vechain-or-stargate-hayabusa/60593-sc-low-no-mechanism-to-set-boostpriceperblock-for-levels-added-after-initialization","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"022822cf394a193fb029d422bff106157631d0ae","title":"60592 sc high users are unable to unstake under certain conditions","pathname":"/vechain-or-stargate-hayabusa/60592-sc-high-users-are-unable-to-unstake-under-certain-conditions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"2d06ed8f0e5f85baac57850126f488d46bdd6b5a","title":"60586 sc high incorrect double reduction of effective stake in stargate sol","pathname":"/vechain-or-stargate-hayabusa/60586-sc-high-incorrect-double-reduction-of-effective-stake-in-stargate-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"576895cf84fab272643c22bc73f4463353b51699","title":"60578 sc low zero boost fee for newly added levels lets users skip maturity for free and avoid paying intended vtho boost cost","pathname":"/vechain-or-stargate-hayabusa/60578-sc-low-zero-boost-fee-for-newly-added-levels-lets-users-skip-maturity-for-free-and-avoid-payin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"0f53cf4a3d7d2863cc247cb50790fc768ac5ec76","title":"60575 sc high double subtraction of delegator effective stake on exit can freeze vet and break reward distribution","pathname":"/vechain-or-stargate-hayabusa/60575-sc-high-double-subtraction-of-delegator-effective-stake-on-exit-can-freeze-vet-and-break-rewar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a5cfdfd46feef939386d2635c4ad8eb58b751525","title":"60557 sc high double decrement of effective stake in unstake leads to dos and permanent fund lock","pathname":"/vechain-or-stargate-hayabusa/60557-sc-high-double-decrement-of-effective-stake-in-unstake-leads-to-dos-and-permanent-fund-lock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"841e2de03a9cd43be554e27c3334426929692c90","title":"60553 sc high the delegator and the validator both exiting consecutively could lead to underflow in the unstake and delegate and stuck staked vet ","pathname":"/vechain-or-stargate-hayabusa/60553-sc-high-the-delegator-and-the-validator-both-exiting-consecutively-could-lead-to-underflow-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b65844708a079597b8f681cb121160784af7cf1e","title":"60548 sc high an exited delegator who has not unstaked or delegated to a validator will be dos ed if a validator exits ","pathname":"/vechain-or-stargate-hayabusa/60548-sc-high-an-exited-delegator-who-has-not-unstaked-or-delegated-to-a-validator-will-be-dos-ed-if","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b816792d652ad20a8299120c224c11903ec09ef4","title":"60539 sc medium critical withdraw dos zero reward validators cause permanent user fund lock via broken reward claim logic","pathname":"/vechain-or-stargate-hayabusa/60539-sc-medium-critical-withdraw-dos-zero-reward-validators-cause-permanent-user-fund-lock-via-brok","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"e4b84c137c3a2954d40a42ba825c2cb4c75ea04b","title":"60534 sc high a delegator who signals exit and waits for the validator to finish its period can no longer withdraw in the unstake function causing permanent loss of funds ","pathname":"/vechain-or-stargate-hayabusa/60534-sc-high-a-delegator-who-signals-exit-and-waits-for-the-validator-to-finish-its-period-can-no-l","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"72c19e47483b17610b7084b0119c29c8d56c0ae6","title":"60533 sc high overlap which will lead to loss of fund","pathname":"/vechain-or-stargate-hayabusa/60533-sc-high-overlap-which-will-lead-to-loss-of-fund","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"b1ac7558b171b4316af0d9afebb7bcb05ab383a7","title":"60527 sc insight delegationexitrequested event emits inconsistent exit period values","pathname":"/vechain-or-stargate-hayabusa/60527-sc-insight-delegationexitrequested-event-emits-inconsistent-exit-period-values","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"6e73f8549e88404f1d2176e02ed00c9876803ffb","title":"60525 sc insight levelcirculatingsupplyupdated not emitted during supply changes","pathname":"/vechain-or-stargate-hayabusa/60525-sc-insight-levelcirculatingsupplyupdated-not-emitted-during-supply-changes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"9dfbc44611a1f68615a80a7afea0cf865a4f0fc8","title":"60516 sc high incorrect boundary check in claimabledelegationperiods allows claiming rewards beyond delegation end period","pathname":"/vechain-or-stargate-hayabusa/60516-sc-high-incorrect-boundary-check-in-claimabledelegationperiods-allows-claiming-rewards-beyond","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"4c6ee4696becc865b2b4be4247f643787fd5abf4","title":"60506 sc high double delegatorseffectivestake decrease permanently prevents single nft from unstaking","pathname":"/vechain-or-stargate-hayabusa/60506-sc-high-double-delegatorseffectivestake-decrease-permanently-prevents-single-nft-from-unstakin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"2f39e106fab31f7f78e5cf5f2681255bd826c908","title":"60470 sc high double decrease of validator stake in stargate sol","pathname":"/vechain-or-stargate-hayabusa/60470-sc-high-double-decrease-of-validator-stake-in-stargate-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"28373aaabb89bf61b86793b52140bf28839f1565","title":"60466 sc medium maxclaimableperiodsexceeded lock zero reward backlog permanently locks nfts","pathname":"/vechain-or-stargate-hayabusa/60466-sc-medium-maxclaimableperiodsexceeded-lock-zero-reward-backlog-permanently-locks-nfts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"cc7b4fe4ae166707a15899482848352846f92320","title":"60450 sc insight code optimizations and enhancemets for efficient gas usage in several functions","pathname":"/vechain-or-stargate-hayabusa/60450-sc-insight-code-optimizations-and-enhancemets-for-efficient-gas-usage-in-several-functions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"6980b8549e5df3cd2b2e0bbd5461df2c80e653cf","title":"60431 sc high unauthorized vtho reward claims after delegation exit","pathname":"/vechain-or-stargate-hayabusa/60431-sc-high-unauthorized-vtho-reward-claims-after-delegation-exit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"2a5a7c97b125392d2e6dfd0b2f871725b5511f6d","title":"60429 sc high double decrease of effective stake prevents delegators from unstaking","pathname":"/vechain-or-stargate-hayabusa/60429-sc-high-double-decrease-of-effective-stake-prevents-delegators-from-unstaking","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"d12b2c780193d71ceb968c2b5b4b8060e4eb76a1","title":"60426 sc high rewards accounting off by one skipped double period exploit leads to direct loss of user funds via incorrect reward distribution theft of unclaimed yield misallocation of vt ","pathname":"/vechain-or-stargate-hayabusa/60426-sc-high-rewards-accounting-off-by-one-skipped-double-period-exploit-leads-to-direct-loss-of-us","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"7731c8f9e9ae78b67815ff34e60a387a78160182","title":"60419 sc high double decrease of effective stake leads to dos and permanent loss of funds","pathname":"/vechain-or-stargate-hayabusa/60419-sc-high-double-decrease-of-effective-stake-leads-to-dos-and-permanent-loss-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"1c4d95c07753bb8b3e1b34ec34713fa802464e35","title":"60400 sc high off by one in claimabledelegationperiods lets claims beyond exit","pathname":"/vechain-or-stargate-hayabusa/60400-sc-high-off-by-one-in-claimabledelegationperiods-lets-claims-beyond-exit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"9801cae163b2fe266290f66deb3a34a9189c576e","title":"60386 sc low missing setter for boostpriceperblock after adding new nft levels can allow users to bypass intended staking boost","pathname":"/vechain-or-stargate-hayabusa/60386-sc-low-missing-setter-for-boostpriceperblock-after-adding-new-nft-levels-can-allow-users-to-by","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"a4d15314f74adf6dde446e5ea09163b86d59e37f","title":"60373 sc high incorrect effective stake decrement when validator exits causes permanent freezing of user stake","pathname":"/vechain-or-stargate-hayabusa/60373-sc-high-incorrect-effective-stake-decrement-when-validator-exits-causes-permanent-freezing-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"bad74119aec939c70f85871a0ecd293b528112b5","title":"60372 sc high double decrement bug effective stake underflow permanently locks funds","pathname":"/vechain-or-stargate-hayabusa/60372-sc-high-double-decrement-bug-effective-stake-underflow-permanently-locks-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"98cc8b72211d714204eaf3eb890cdbf8d88b3136","title":"60335 sc insight missing or misleading code comments causes confusion and may lead to unnecessary code changes","pathname":"/vechain-or-stargate-hayabusa/60335-sc-insight-missing-or-misleading-code-comments-causes-confusion-and-may-lead-to-unnecessary-co","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"568e6da1593659bb9cc74ba86aa14ad828bcce04","title":"60334 sc high unstake permanently reverts when validator exits after delegator exit double decrease of effective stake ","pathname":"/vechain-or-stargate-hayabusa/60334-sc-high-unstake-permanently-reverts-when-validator-exits-after-delegator-exit-double-decrease","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"4ff830585c603ddcaa8b7460de10307f04ea2c74","title":"60318 sc low zero cost boost bypass for new levels","pathname":"/vechain-or-stargate-hayabusa/60318-sc-low-zero-cost-boost-bypass-for-new-levels","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"2db434de6180cca8b397d03971b12841f6b43f12","title":"60311 sc high double effective stake decrement freezes unstake permanently after validator exit","pathname":"/vechain-or-stargate-hayabusa/60311-sc-high-double-effective-stake-decrement-freezes-unstake-permanently-after-validator-exit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"f7dcf5a8a587f598083f2db2da39676f5fb785a9","title":"60310 sc high incorrect boundary check in claimabledelegationperiods allows claiming rewards beyond delegation end period","pathname":"/vechain-or-stargate-hayabusa/60310-sc-high-incorrect-boundary-check-in-claimabledelegationperiods-allows-claiming-rewards-beyond","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"c029d1e4b893c2375ec80cdda4205fc6c0cdabcf","title":"60298 sc high duplicate effectivestake decrement path bricks unstake re delegate","pathname":"/vechain-or-stargate-hayabusa/60298-sc-high-duplicate-effectivestake-decrement-path-bricks-unstake-re-delegate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"e5f90dcb49c87766c8f4da5930274578803974d8","title":"60289 sc low misconfigured level with maturityblocks 0 allows skip of maturity requirements and backrun minting","pathname":"/vechain-or-stargate-hayabusa/60289-sc-low-misconfigured-level-with-maturityblocks-0-allows-skip-of-maturity-requirements-and-back","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"500bacf8b34dfc23ec4d305d55eea7002ea0328f","title":"60282 sc high last delegators for an exited validator may be dosed from re delegating or unstaking due to incorrect accounting of period effective stake","pathname":"/vechain-or-stargate-hayabusa/60282-sc-high-last-delegators-for-an-exited-validator-may-be-dosed-from-re-delegating-or-unstaking-d","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Vechain | Stargate Hayabusa"}]},{"id":"e670c55d8288be04533330e707347f5a44f5e146","title":"Belong","pathname":"/belong","siteSpaceId":"sitesp_stpzW"},{"id":"102e2f554c230b39eebd97b654e2d6909ab971c9","title":"57810 sc insight gas optimization use calldata for external struct parameters in checkaccesstokeninfo or checkcustomerinfo or checkpromoterpaymentdistribution ","pathname":"/belong/57810-sc-insight-gas-optimization-use-calldata-for-external-struct-parameters-in-checkaccesstokeninf","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"383c935e89be874398f8516712c1c5aecce29901","title":"57921 sc insight whitelisted role cannot be revoked in nft cairo ","pathname":"/belong/57921-sc-insight-whitelisted-role-cannot-be-revoked-in-nft-cairo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"11bce7b2287a6e3356a0c546c86649dba4a98ed6","title":"57931 sc insight consumes more gas than intended in getstandardizedprice function in helper library","pathname":"/belong/57931-sc-insight-consumes-more-gas-than-intended-in-getstandardizedprice-function-in-helper-library","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"6846fbec46c3e45cf51889cc9ad7ae781d72b736","title":"57437 sc medium front running in factory produce ","pathname":"/belong/57437-sc-medium-front-running-in-factory-produce","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9b5b5d7a3917e01aba521c167dbad8180be896a2","title":"57924 sc critical the staking contract is suceptible to the classic first depositor exploit","pathname":"/belong/57924-sc-critical-the-staking-contract-is-suceptible-to-the-classic-first-depositor-exploit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"4d2c35e59632be0251a7659f6264f4705731c534","title":"57453 sc low attackers can drain user allowance provided to the belongcheckin sol","pathname":"/belong/57453-sc-low-attackers-can-drain-user-allowance-provided-to-the-belongcheckin-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"910340f4e96760cfd2d325a952f355223f6b678f","title":"57803 sc insight gas optimize paymentsinfo struct layout to save storage slots and reduce gas costs","pathname":"/belong/57803-sc-insight-gas-optimize-paymentsinfo-struct-layout-to-save-storage-slots-and-reduce-gas-costs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"c151f7852410782f873c3db973671f9817f269a1","title":"57634 sc medium unauthorized minting of nfts due to signature replay","pathname":"/belong/57634-sc-medium-unauthorized-minting-of-nfts-due-to-signature-replay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"acb9e6b505d8c2555454fbd29eaaf21cefbb1b1e","title":"57942 sc critical transferred slong shares are permanently unredeemable due to missing stake entry creation","pathname":"/belong/57942-sc-critical-transferred-slong-shares-are-permanently-unredeemable-due-to-missing-stake-entry-c","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"8188e4a98a97e2ad54419de0bd31ef5f6330ac57","title":"56826 sc medium attacker can bloat a victim s stakes array and cause withdrawals emergency flows to run out of gas","pathname":"/belong/56826-sc-medium-attacker-can-bloat-a-victim-s-stakes-array-and-cause-withdrawals-emergency-flows-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"06e5173f7c7b66f4e5ad861a9cf55d5176956b8e","title":"57610 sc medium venues can steal from customers by replaying payments via belongcheckin paytovenue ","pathname":"/belong/57610-sc-medium-venues-can-steal-from-customers-by-replaying-payments-via-belongcheckin-paytovenue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"5972a4feee658d50df3743e9519fc9d04a25065c","title":"57691 sc medium malicious referrer can permanently block eth payment flow","pathname":"/belong/57691-sc-medium-malicious-referrer-can-permanently-block-eth-payment-flow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"6b90d68b550391d596240656443dbb125873167f","title":"57727 sc medium venues with autostake long paymenttype can be griefed and cause permanent freeze of long token","pathname":"/belong/57727-sc-medium-venues-with-autostake-long-paymenttype-can-be-griefed-and-cause-permanent-freeze-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d4449c33cb04bebe1ec95bfcd25b559c7c5ad9d2","title":"57615 sc medium permanent freezing of user assets in staking sol ","pathname":"/belong/57615-sc-medium-permanent-freezing-of-user-assets-in-staking-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d4aa5631e0f1b1765b35cea913adee718fd258d2","title":"57076 sc high incorrect slippage would result in swap manipulations","pathname":"/belong/57076-sc-high-incorrect-slippage-would-result-in-swap-manipulations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"16d4c14a49ebd768baa5a4eae5ce720a48d95780","title":"57786 sc high malicious users can frontrun staking distributerewards to claim majority of rewards","pathname":"/belong/57786-sc-high-malicious-users-can-frontrun-staking-distributerewards-to-claim-majority-of-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"68ca24b9200f971ad9bb43f231ce471f721b3795","title":"57905 sc medium signature malleability and replay attack vulnerabilities in signature verification","pathname":"/belong/57905-sc-medium-signature-malleability-and-replay-attack-vulnerabilities-in-signature-verification","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ec544de57c67fe4aeb898fc96e1818e7ff603c8f","title":"57927 sc medium front run takeover in factory produce","pathname":"/belong/57927-sc-medium-front-run-takeover-in-factory-produce","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3742a851b48187273521547927459bf61842f179","title":"57427 sc medium mint signatures are not bound to a collection which makes cross collection replay possible under a shared signer","pathname":"/belong/57427-sc-medium-mint-signatures-are-not-bound-to-a-collection-which-makes-cross-collection-replay-po","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3b8f3b6a6fee890f49e920103d2124c1c93a36fe","title":"57134 sc insight accesstoken sol is not erc721 compliant","pathname":"/belong/57134-sc-insight-accesstoken-sol-is-not-erc721-compliant","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"8ec81d9e6666dd7171c31504fa131b2af03632d5","title":"57850 sc medium by transferring his staking shares to another non staking address allowing him to bypass minstakeperiod ","pathname":"/belong/57850-sc-medium-by-transferring-his-staking-shares-to-another-non-staking-address-allowing-him-to-by","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"dae62384f074461745c544595133830fe496f438","title":"57445 sc medium signature replay with mutable parameters","pathname":"/belong/57445-sc-medium-signature-replay-with-mutable-parameters","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a604e9e6d1181c0fdd7ce210902edac0f62a6358","title":"57458 sc medium dos griefing in batch eth payout malicious payee receive can revert and block releaseall for all payees in royaltiesreceiverv2","pathname":"/belong/57458-sc-medium-dos-griefing-in-batch-eth-payout-malicious-payee-receive-can-revert-and-block-releas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"1f446146c766b9e156fccb78a7043838c1f80a53","title":"57237 sc high cross token math contaminates payouts in receiver ","pathname":"/belong/57237-sc-high-cross-token-math-contaminates-payouts-in-receiver","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"44b111bffb908dcffd119dfdd2069e77e113945c","title":"56872 sc critical freezing of funds ","pathname":"/belong/56872-sc-critical-freezing-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"1b510edcce4cafc36b07ad20c5be67dcc43714d8","title":"57790 sc medium withdrawal denial of service via dust stake spam","pathname":"/belong/57790-sc-medium-withdrawal-denial-of-service-via-dust-stake-spam","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"0694b0912b44541cbc5867c1a63c7f87d2c7ea2a","title":"56881 sc high temporary claim freezing","pathname":"/belong/56881-sc-high-temporary-claim-freezing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d6becd3d211de52ef84c2ee9d608d1035b33fb5c","title":"57702 sc medium the long payment path is sensitive to the long inventory in escrow and insufficient inventory can easily lead to business unavailability dos of long payments ","pathname":"/belong/57702-sc-medium-the-long-payment-path-is-sensitive-to-the-long-inventory-in-escrow-and-insufficient","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"4df28800e9e85c236b97bc0a54346e808fe827e9","title":"57736 sc critical first depositor attack is possible","pathname":"/belong/57736-sc-critical-first-depositor-attack-is-possible","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"867870fefefa053d258bcc68d627dd82cd067ce1","title":"57733 sc high swapexact s slippge is not works as expected","pathname":"/belong/57733-sc-high-swapexact-s-slippge-is-not-works-as-expected","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"7f8509f64f46ec5767dec71f16b7c1bcdcf6374c","title":"57938 sc medium produce function doesn t check if creator is the caller allowing frontrunning attacks","pathname":"/belong/57938-sc-medium-produce-function-doesn-t-check-if-creator-is-the-caller-allowing-frontrunning-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"e8cc456ab69c52d4453b18d1af8754a1a73aee15","title":"57348 sc insight incorrectly returned values and emitted data on staking emergency functionality","pathname":"/belong/57348-sc-insight-incorrectly-returned-values-and-emitted-data-on-staking-emergency-functionality","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"7ac46d56c17824b3baf93dbe331b2de50967ec35","title":"57194 sc medium signature replay across collections missing contract binding ","pathname":"/belong/57194-sc-medium-signature-replay-across-collections-missing-contract-binding","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f04100faf02438624d36c841700cb65aee27e8dc","title":"57685 sc critical vulnerabilities in the design of the token s staking mechanism resulted in financial harm to users involved in transfer related operations ","pathname":"/belong/57685-sc-critical-vulnerabilities-in-the-design-of-the-token-s-staking-mechanism-resulted-in-financi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ab41bdb1b8d177d374487a91834a6b0305293e43","title":"57913 sc insight missing validation in setparameters allows invalid fee configuration causing reverts in paytovenue ","pathname":"/belong/57913-sc-insight-missing-validation-in-setparameters-allows-invalid-fee-configuration-causing-revert","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"832c9e07be29be2bd330534e50638fe889667a1b","title":"57656 sc insight incorrect supply cap check uses token id instead of total supply in base mint ","pathname":"/belong/57656-sc-insight-incorrect-supply-cap-check-uses-token-id-instead-of-total-supply-in-base-mint","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"46d23150af9665642ef5d63593bb1ffd52971ea2","title":"57515 sc high cross token accounting is broken","pathname":"/belong/57515-sc-high-cross-token-accounting-is-broken","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"e9ac838161e32d2a7ab4d3d3d0fc1246692dd244","title":"56841 sc high sudden addition of rewards will be frontrun with deposits just to steal part of reward","pathname":"/belong/56841-sc-high-sudden-addition-of-rewards-will-be-frontrun-with-deposits-just-to-steal-part-of-reward","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"643a2f7fb4d35c7b4045f677cc26fb871a9ddf4e","title":"57586 sc high calculating slippage for swap onchain does not prevent slippage loss","pathname":"/belong/57586-sc-high-calculating-slippage-for-swap-onchain-does-not-prevent-slippage-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"57649c5cf7ac987e9d44a25298b1535e2f967b79","title":"57268 sc insight erc1155base missing collection uri fallback causes significant gas waste on every token mint","pathname":"/belong/57268-sc-insight-erc1155base-missing-collection-uri-fallback-causes-significant-gas-waste-on-every-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"05567a41bf3f1ad6b10a01557557c7892e9121d1","title":"57362 sc medium attacker can dos user withdraw in staking contract","pathname":"/belong/57362-sc-medium-attacker-can-dos-user-withdraw-in-staking-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"fc138800a35eec51491f926e3ace7853dd4125c6","title":"57895 sc medium lack of msg sender validation in collection creation signature enables front running attack leading to creator impersonation","pathname":"/belong/57895-sc-medium-lack-of-msg-sender-validation-in-collection-creation-signature-enables-front-running","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"c38aa6b0e902366487992bb9d2853f5719929b78","title":"57255 sc low allowed minting of nfts after collection expiry date","pathname":"/belong/57255-sc-low-allowed-minting-of-nfts-after-collection-expiry-date","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"69e488f4cfc56591b630d9fbaf57f326e4eab027","title":"57650 sc low wrapped native token routing can fail without full validation","pathname":"/belong/57650-sc-low-wrapped-native-token-routing-can-fail-without-full-validation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"e3227fb7202b086c3d13202106683883c9a6d226","title":"57388 sc medium cross contract signature replay because verifying contract is not included in the digest","pathname":"/belong/57388-sc-medium-cross-contract-signature-replay-because-verifying-contract-is-not-included-in-the-di","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"6dede5c87e02d8d59c055d1cdbbf7693f5bef09d","title":"57882 sc insight venue tokens cannot be withdrawn when there are no promoters involved in customers transactions","pathname":"/belong/57882-sc-insight-venue-tokens-cannot-be-withdrawn-when-there-are-no-promoters-involved-in-customers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"7667a31203c37a697ca642546805c0ee0bb0890a","title":"57401 sc critical erc4626 inflation attack vulnerability","pathname":"/belong/57401-sc-critical-erc4626-inflation-attack-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d8433236fbe3942972b2e53c66f958a34f037891","title":"57911 sc medium signature are malleable in signatureverifier sol ","pathname":"/belong/57911-sc-medium-signature-are-malleable-in-signatureverifier-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"2f8002b1bbcc5ed6cd6b4ce806863b54f3e64d93","title":"57932 sc critical attacker can bypass stake lock","pathname":"/belong/57932-sc-critical-attacker-can-bypass-stake-lock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f1ee576e01657fcc16ca590d1acb55c164bd2c86","title":"57435 sc high missing slippage protection enables direct theft via mev sandwich attacks","pathname":"/belong/57435-sc-high-missing-slippage-protection-enables-direct-theft-via-mev-sandwich-attacks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"482828de610dfc7c92b6a0080ff601ffa2664670","title":"57718 sc low staking tier error using erc4626 shares rather than assets to determine staking tiers leads to long term distortion in fees and commissions ","pathname":"/belong/57718-sc-low-staking-tier-error-using-erc4626-shares-rather-than-assets-to-determine-staking-tiers-l","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"7e33aa1bbc80e5186a7dace76f11fe1fcf7757ea","title":"57917 sc medium penallty can be bypassed in staking sol emergencywithdraw ","pathname":"/belong/57917-sc-medium-penallty-can-be-bypassed-in-staking-sol-emergencywithdraw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9dcfa86e70069354dd3f943283a27264a0e75b9a","title":"57089 sc medium unauthorized collection hijack via unsigned creator","pathname":"/belong/57089-sc-medium-unauthorized-collection-hijack-via-unsigned-creator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3a45eafdc30e2ec72425ed47ed615c32f6c39228","title":"57558 sc low front running issue in emergencycancelpayment ","pathname":"/belong/57558-sc-low-front-running-issue-in-emergencycancelpayment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"c669fb6b9caffcc3da960d58d5783cdbd4704c5a","title":"57467 sc insight unlimited referrals hashedcode referralusers increases gas cost with each new referral making it very expensive ","pathname":"/belong/57467-sc-insight-unlimited-referrals-hashedcode-referralusers-increases-gas-cost-with-each-new-refer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f3717f2b95e438bccd44659935eb48316948cd2a","title":"57307 sc low cairo factory referral percentages never update","pathname":"/belong/57307-sc-low-cairo-factory-referral-percentages-never-update","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"26fb8679caa73c1f0f1c914fa33182ce3d6288f9","title":"57425 sc low referral percentage updates are ignored due to append only storage in nftfactory","pathname":"/belong/57425-sc-low-referral-percentage-updates-are-ignored-due-to-append-only-storage-in-nftfactory","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"df024a7a6043a227c584b7e4758a8c6f9137665f","title":"57595 sc low single tier swap path can stall core flows","pathname":"/belong/57595-sc-low-single-tier-swap-path-can-stall-core-flows","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"68d8c87a257a215ecc838de0363fa4b9714644d1","title":"57008 sc critical emergencywithdraw function malfunction due to missing validation in removeanysharesfor","pathname":"/belong/57008-sc-critical-emergencywithdraw-function-malfunction-due-to-missing-validation-in-removeanyshare","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d927b0479fd8835f7a379252442869b97bae1468","title":"57677 sc medium signature replay in venuedeposit enables affiliate referral code hijacking leading to unauthorized commission theft","pathname":"/belong/57677-sc-medium-signature-replay-in-venuedeposit-enables-affiliate-referral-code-hijacking-leading-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"277ee698052fcde8bc402c1435f11f2d6486e20d","title":"57245 sc medium needless iterations in for loops should be removed for better optimization and code maintenance","pathname":"/belong/57245-sc-medium-needless-iterations-in-for-loops-should-be-removed-for-better-optimization-and-code","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ce36aa82aeede0a7ece7d2a5f7599c3cd61315e5","title":"57875 sc medium signature bypass lets creators alter key accesstoken parameters before deployment","pathname":"/belong/57875-sc-medium-signature-bypass-lets-creators-alter-key-accesstoken-parameters-before-deployment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"77362e62d7792acc06d1409dc6f0c3611f3ec804","title":"57874 sc insight global metadata wipe on burn one promoter s payout clears the shared erc1155 token uri for all promoters of the same venue","pathname":"/belong/57874-sc-insight-global-metadata-wipe-on-burn-one-promoter-s-payout-clears-the-shared-erc1155-token","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"df7dfcd24a57683139a9fce115a43c430f9b1703","title":"56814 sc medium users can create unauthorized accesstoken collections by exploiting abi encodepacked collision","pathname":"/belong/56814-sc-medium-users-can-create-unauthorized-accesstoken-collections-by-exploiting-abi-encodepacked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"7830b98ffa419f8baf17915a0d315b611ec06269","title":"56869 sc medium hijacking deployment of accesstoken and stealing ownership to prevent further deployments","pathname":"/belong/56869-sc-medium-hijacking-deployment-of-accesstoken-and-stealing-ownership-to-prevent-further-deploy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"4422b77b9e660f1c34741cc5a77261e6f1523065","title":"57864 sc medium abi encodepacked hash collision vulnerability in dynamic type encoding permits malicious signature bypass enabling unauthorized and repeatable transaction execution","pathname":"/belong/57864-sc-medium-abi-encodepacked-hash-collision-vulnerability-in-dynamic-type-encoding-permits-malic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"2cc01bce8a4f07f72fdddc7f16e618c434654f2c","title":"57902 sc insight erc1155base re mint overwrites token uri allowing post issuance nft alteration griefing","pathname":"/belong/57902-sc-insight-erc1155base-re-mint-overwrites-token-uri-allowing-post-issuance-nft-alteration-grie","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"95ced9f2e718c736510e9e7e0d1817ce27f648f7","title":"57373 sc medium signature replay vulnerability due to missing nonce and deadline checks","pathname":"/belong/57373-sc-medium-signature-replay-vulnerability-due-to-missing-nonce-and-deadline-checks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f8e89d347f3a9850a6aeac60449d954a755f6b0c","title":"56863 sc critical first depositor advantage","pathname":"/belong/56863-sc-critical-first-depositor-advantage","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"82ff5759d56b6443edf89fe04774687e01aa1782","title":"57583 sc low promoter bounty bait and switch via updatevenuerules","pathname":"/belong/57583-sc-low-promoter-bounty-bait-and-switch-via-updatevenuerules","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"352ba1d2f01140c1931cdae902d1feaa9cd88578","title":"57804 sc insight unbounded percentages cause underflow and dos in mint payment flow","pathname":"/belong/57804-sc-insight-unbounded-percentages-cause-underflow-and-dos-in-mint-payment-flow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3ad691cf3488584829733d3d6dcb0914d337bc44","title":"57854 sc medium front running attack allows collection ownership theft","pathname":"/belong/57854-sc-medium-front-running-attack-allows-collection-ownership-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"0ae5f38cd7470207d48edb2f586e1163f9797f5a","title":"57910 sc insight missing validation on referral percentage sum","pathname":"/belong/57910-sc-insight-missing-validation-on-referral-percentage-sum","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3839e705d4c842f62b746c5b2ddf81c5c17da06e","title":"57838 sc insight missing produce name sanitization allows breaking snip 12 standard compliance","pathname":"/belong/57838-sc-insight-missing-produce-name-sanitization-allows-breaking-snip-12-standard-compliance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"5f48665c4785048e4b6a93fa2106bdbe0a6cf3f8","title":"57776 sc insight staking sol is not eip4626 compliant breaking integrations","pathname":"/belong/57776-sc-insight-staking-sol-is-not-eip4626-compliant-breaking-integrations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"b57f54689f3c9fb0b3f9b9bddeb19fd70d1e7872","title":"57452 sc high on chain quoter reliance and spot price based swaps enable pool manipulation and value extraction from protocol controlled conversions usdc long ","pathname":"/belong/57452-sc-high-on-chain-quoter-reliance-and-spot-price-based-swaps-enable-pool-manipulation-and-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9196e96324cf99adc088e375e06396297928f122","title":"57676 sc high cross token accounting in receiver allows permanent freezing of erc20 royalty payouts","pathname":"/belong/57676-sc-high-cross-token-accounting-in-receiver-allows-permanent-freezing-of-erc20-royalty-payouts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"346a22174a594066ca8dddde4882f9f552a07927","title":"57580 sc medium signature replay enables frontrunning of produce producecredittoken","pathname":"/belong/57580-sc-medium-signature-replay-enables-frontrunning-of-produce-producecredittoken","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a0058645932c61c70b0a9fc4620ea78b5c64d5ee","title":"57505 sc low missing collection expiration enforcement allows unauthorized minting ","pathname":"/belong/57505-sc-low-missing-collection-expiration-enforcement-allows-unauthorized-minting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3ac20442950251af65c72022f097600b0d5e47d5","title":"57279 sc medium signature replayability repeated use of signed access tokens allows duplicate mints high ","pathname":"/belong/57279-sc-medium-signature-replayability-repeated-use-of-signed-access-tokens-allows-duplicate-mints","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"c6bae53a54ff983fd3068d65b3478dea48eed840","title":"57939 sc medium signature collision via abi encodepacked","pathname":"/belong/57939-sc-medium-signature-collision-via-abi-encodepacked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"81759667a368c69ab007b97b6872b117bae095cb","title":"57671 sc high royaltiesreceiverv2 shares referralshare uses dynamic values which may result in failure to release funds properly ","pathname":"/belong/57671-sc-high-royaltiesreceiverv2-shares-referralshare-uses-dynamic-values-which-may-result-in-failu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"c9559293646f3445d5e97e7d6aab3d3775c08112","title":"57201 sc low missing collection expiry enforcement","pathname":"/belong/57201-sc-low-missing-collection-expiry-enforcement","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"b17a87b1f05010fac1a9a1760e017729a287fe19","title":"57596 sc low reentrancy in distributepromoterpayments allows total theft of promoter and venue funds","pathname":"/belong/57596-sc-low-reentrancy-in-distributepromoterpayments-allows-total-theft-of-promoter-and-venue-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"98847846253e961e1bf2e514fd8caf4f883ccd19","title":"57848 sc medium permanent freezing of funds due to no minimum stake limit","pathname":"/belong/57848-sc-medium-permanent-freezing-of-funds-due-to-no-minimum-stake-limit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ed69027fe8a2b3a3b4b5669348e3a61cb11c676e","title":"57766 sc medium attacker can permanently lock any user s funds","pathname":"/belong/57766-sc-medium-attacker-can-permanently-lock-any-user-s-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f9d61ba9916b7914d5c18464cbd43ad6514c852f","title":"57891 sc medium signature replay lets attackers hijack nft collection deployment","pathname":"/belong/57891-sc-medium-signature-replay-lets-attackers-hijack-nft-collection-deployment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a1429f0c60053b943aa62d2d5e134fa07951b686","title":"57358 sc medium unlimited stake entries allow account griefing via tiny deposits","pathname":"/belong/57358-sc-medium-unlimited-stake-entries-allow-account-griefing-via-tiny-deposits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"52738d022e828f42d4c6532bc6febde5e1da7126","title":"57872 sc low processing fee computed on full long amount instead of subsidy in paytovenue underpaying venues and enabling long payment dos under misconfiguration","pathname":"/belong/57872-sc-low-processing-fee-computed-on-full-long-amount-instead-of-subsidy-in-paytovenue-underpayin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a2d3e1a8398f5fa7716202cd7aae6f264feabb87","title":"57717 sc medium attacker can spam tiny stakes to a victim and make their withdrawal run out of gas griefing dos ","pathname":"/belong/57717-sc-medium-attacker-can-spam-tiny-stakes-to-a-victim-and-make-their-withdrawal-run-out-of-gas-g","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a11cf4e16382185c9e4e9a6d5bb3234fb66e8e18","title":"57283 sc medium unauthorised promoter payouts due to signature replay attack ","pathname":"/belong/57283-sc-medium-unauthorised-promoter-payouts-due-to-signature-replay-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"e4c30535a8f21b8710c8087591ea41b3bafbb8e6","title":"56867 sc medium signature collision caused counterfeit accesstoken collections with arbitrary name symbol uri","pathname":"/belong/56867-sc-medium-signature-collision-caused-counterfeit-accesstoken-collections-with-arbitrary-name-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"09f01b9385ad9d3350ad77ee2715b6109a76a4d7","title":"57236 sc medium accesstoken collection front running attack permanent ownership hijack ","pathname":"/belong/57236-sc-medium-accesstoken-collection-front-running-attack-permanent-ownership-hijack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"efdb19b048846695e0b5d123f0c0e0bd48a396fc","title":"57884 sc low staking tier manipulation via erc4626 shares slong ","pathname":"/belong/57884-sc-low-staking-tier-manipulation-via-erc4626-shares-slong","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"62d6d341fc4f03c9d104d9f33bffa7ff26fab4c1","title":"57669 sc medium stakers will bypass minstakeperiod time locks and extract rewards without commitment through emergency withdrawal mechanism","pathname":"/belong/57669-sc-medium-stakers-will-bypass-minstakeperiod-time-locks-and-extract-rewards-without-commitment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d201f272019ed1237ad8bd48c2d9ff68bb886597","title":"56896 sc critical staking contract is vulnerable to inflation attack making malicious 1st staker grief the following stakers","pathname":"/belong/56896-sc-critical-staking-contract-is-vulnerable-to-inflation-attack-making-malicious-1st-staker-gri","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a9bd6517f84dfe5b88057b6b65e25d00dc2980df","title":"57485 sc medium emergencywithdraw cost more penalty than expected","pathname":"/belong/57485-sc-medium-emergencywithdraw-cost-more-penalty-than-expected","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"2a785c6072ae985b47a2ec8e884247e3f21cf864","title":"57271 sc medium incorrect penalty calculation on emergency withdrawals redemption s ","pathname":"/belong/57271-sc-medium-incorrect-penalty-calculation-on-emergency-withdrawals-redemption-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"338dc7e9ecc98a912eec6366f3bb622f41acdf09","title":"57716 sc critical erc4626 inflation bug in staking contract","pathname":"/belong/57716-sc-critical-erc4626-inflation-bug-in-staking-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"8df89a9ef5f0a3b9e69fb13902346507f7d532b2","title":"57314 sc medium signature replay and hash collision via abi encodepacked in signatureverifier sol","pathname":"/belong/57314-sc-medium-signature-replay-and-hash-collision-via-abi-encodepacked-in-signatureverifier-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"4c1e57644ff89d63ab53b13f0955b3334e6e7ba1","title":"57712 sc medium receiver deployment dos via salt reuse","pathname":"/belong/57712-sc-medium-receiver-deployment-dos-via-salt-reuse","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"cde76784f3eb2c5d0297788151625f7e47cb72a0","title":"57482 sc critical front running a donation can inflate the share causing users to lose funds","pathname":"/belong/57482-sc-critical-front-running-a-donation-can-inflate-the-share-causing-users-to-lose-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9b2749138def72fe30a4c606cfcb5e744391ef6b","title":"57426 sc medium dynamic price signature replay allows unlimited minting at historical prices","pathname":"/belong/57426-sc-medium-dynamic-price-signature-replay-allows-unlimited-minting-at-historical-prices","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f3d2fa0d1eff8f8abdee9ba0ca4bddc74b24cb01","title":"57940 sc medium deterministic address collision in cairo deployment causes dos and unintended receiver sharing","pathname":"/belong/57940-sc-medium-deterministic-address-collision-in-cairo-deployment-causes-dos-and-unintended-receiv","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"fe12939dc6e82c9ca6c9e92e5c913afc70efad23","title":"57203 sc medium revised malicious accesstoken creator can steal gas via mintstaticprice or mintdynamicprice ","pathname":"/belong/57203-sc-medium-revised-malicious-accesstoken-creator-can-steal-gas-via-mintstaticprice-or-mintdynam","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f284eaa37929aff691163b62d24845cd43e57cdb","title":"57829 sc high incorrect fee implementation in paytovenue long payment path causes protocol fees to be permanently locked in escrow","pathname":"/belong/57829-sc-high-incorrect-fee-implementation-in-paytovenue-long-payment-path-causes-protocol-fees-to-b","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"180670eef7a337756db2ed29c88f906611827a15","title":"57398 sc critical incorrect platform subsidy processing in long payments causing venue payout failures","pathname":"/belong/57398-sc-critical-incorrect-platform-subsidy-processing-in-long-payments-causing-venue-payout-failur","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9d89102f7b154d124a3c74bd2138cfff4efe31a6","title":"57877 sc high accesstoken creators can bypass fees so that platform address will receive 0 fees ","pathname":"/belong/57877-sc-high-accesstoken-creators-can-bypass-fees-so-that-platform-address-will-receive-0-fees","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"91325810555dbf949cc4a320f543505912e69825","title":"56810 sc medium accesstoken cross contract signature replay allows unauthorized minting on other collections","pathname":"/belong/56810-sc-medium-accesstoken-cross-contract-signature-replay-allows-unauthorized-minting-on-other-col","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a517c5db021485168bbbe08e518a9d9b74e88564","title":"56907 sc critical attacker can steal first depositor s asset with inflation attack","pathname":"/belong/56907-sc-critical-attacker-can-steal-first-depositor-s-asset-with-inflation-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"781c8b8af27e91f2e45a1c7203a78dcefb590628","title":"56850 sc critical donation attack posible on staking sol because its totalasset uses asset balanceof ","pathname":"/belong/56850-sc-critical-donation-attack-posible-on-staking-sol-because-its-totalasset-uses-asset-balanceof","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ad83d07ce70fe42ed168aaa721e33b7ce02c0bd1","title":"57399 sc critical erc4626 staking lockbook breaks share fungibility partial transfers can dos withdrawals","pathname":"/belong/57399-sc-critical-erc4626-staking-lockbook-breaks-share-fungibility-partial-transfers-can-dos-withdr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9c0bccde5883646bc2eb6aec0d3fd08515f0a025","title":"57221 sc high incorrect processing fee calculation causes venue payouts to be misallocated","pathname":"/belong/57221-sc-high-incorrect-processing-fee-calculation-causes-venue-payouts-to-be-misallocated","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"e53b008942c8cb46071a0e90efc528aa613aa4d2","title":"57519 sc medium unbounded stake array allows permanent withdraw lock via dust deposits on behalf of victims","pathname":"/belong/57519-sc-medium-unbounded-stake-array-allows-permanent-withdraw-lock-via-dust-deposits-on-behalf-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ca404d3af52ac401a6fb6bf13223666309a7711b","title":"56860 sc medium hash collision in signature verification","pathname":"/belong/56860-sc-medium-hash-collision-in-signature-verification","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"5eb1cea3efc7309fdb5aaa13ba476202ad102cd7","title":"57813 sc critical transfer recipients will pay unwarranted emergency withdrawal penalties for share positions they legitimately own","pathname":"/belong/57813-sc-critical-transfer-recipients-will-pay-unwarranted-emergency-withdrawal-penalties-for-share","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f7e824948a93b39d912141885ac4a55876bf2c4a","title":"57809 sc critical inflation of shares in staking contract","pathname":"/belong/57809-sc-critical-inflation-of-shares-in-staking-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"b6b56c0871381bb6eebc9eeb2f68cd35a54a098d","title":"57800 sc medium signature replay vulnerability in belongcheckin distributepromoterpayments","pathname":"/belong/57800-sc-medium-signature-replay-vulnerability-in-belongcheckin-distributepromoterpayments","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"87935afb0d46c8206a7e69d01598d2d701223b81","title":"57799 sc low retroactive lock period changes affect existing stakes","pathname":"/belong/57799-sc-low-retroactive-lock-period-changes-affect-existing-stakes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"d6ac477dd62175269a2fc775d5eb44ed9860ee24","title":"57796 sc medium signature hashing collision in signatureverifier lets attacker deploy forged accesstoken credittoken metadata critical unintended alteration of what the nft represents ","pathname":"/belong/57796-sc-medium-signature-hashing-collision-in-signatureverifier-lets-attacker-deploy-forged-accesst","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ff7304c3ffcfba798a47c27c09b8c42e8afde74b","title":"57701 sc insight accesstoken collectionexpire is never checked allowing tokens to be minted even after the collection expires ","pathname":"/belong/57701-sc-insight-accesstoken-collectionexpire-is-never-checked-allowing-tokens-to-be-minted-even-aft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"830c65f91c3c0853edb935fc50ec229653e3cac9","title":"57015 sc medium unbounded array loop","pathname":"/belong/57015-sc-medium-unbounded-array-loop","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a61b7786e2cd35f3a499d2cf9698ad192bf9542d","title":"57775 sc medium paytovenue will revert due to notenoughlongs funds in the escrow contract","pathname":"/belong/57775-sc-medium-paytovenue-will-revert-due-to-notenoughlongs-funds-in-the-escrow-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"221e9cf19fe9d5ba22a6c7b54af25cb2fdf3f9be","title":"57628 sc critical improper transfer can lead to funds been frozen","pathname":"/belong/57628-sc-critical-improper-transfer-can-lead-to-funds-been-frozen","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"c93c44a465e78dbcf0f84b4dd1c3d0280535e624","title":"57061 sc high retroactive share recalculation causes royalty distribution failure","pathname":"/belong/57061-sc-high-retroactive-share-recalculation-causes-royalty-distribution-failure","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"1eee631990b46772c2af3e30cf2b19720d6ff6a3","title":"56941 sc critical staking vault vulnerable to first depositor donation attack","pathname":"/belong/56941-sc-critical-staking-vault-vulnerable-to-first-depositor-donation-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"610152e2152c20e831b7dae2a01aade6f4cacb2a","title":"57738 sc medium name squatting front run on produce allows attacker to preempt legitimate creator and capture future mint revenue","pathname":"/belong/57738-sc-medium-name-squatting-front-run-on-produce-allows-attacker-to-preempt-legitimate-creator-an","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"9bec576f449ff2a0769ed76ea09872dc2541ce55","title":"57735 sc insight whitelist bypass in static mint pricing trusting signed params whitelisted instead of on chain iswhitelisted leads to underpricing and access control violation ","pathname":"/belong/57735-sc-insight-whitelist-bypass-in-static-mint-pricing-trusting-signed-params-whitelisted-instead","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"31f9de53254537d1e9984f86554d678e7ba1db54","title":"57724 sc medium universal signature for produce allows front running and collection hijack","pathname":"/belong/57724-sc-medium-universal-signature-for-produce-allows-front-running-and-collection-hijack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"74bdcc65733e670a714798ca248ce474ceeca75d","title":"57723 sc medium signature replay front run and timing control issues","pathname":"/belong/57723-sc-medium-signature-replay-front-run-and-timing-control-issues","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"392073b6bff4d2392408dc22924186a3e23ced99","title":"57929 sc medium produce function doesn t check if creator is the caller allowing frontrunning attacks","pathname":"/belong/57929-sc-medium-produce-function-doesn-t-check-if-creator-is-the-caller-allowing-frontrunning-attack","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"56f47e0b8de681a716786712991ff356e86e42f6","title":"57284 sc medium updating minimum staking period griefs previously unlocked users","pathname":"/belong/57284-sc-medium-updating-minimum-staking-period-griefs-previously-unlocked-users","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"43ac64fb1865b08d65d11f9a9845b5f1cf1f73fa","title":"57703 sc medium dos with revert via unbounded loop","pathname":"/belong/57703-sc-medium-dos-with-revert-via-unbounded-loop","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"6287d1679ceed955f283af89a94d99dd6434cbf5","title":"57892 sc insight long tokens will be stuck in the escrow if customers exclusively use usdc payments in paytovenue","pathname":"/belong/57892-sc-insight-long-tokens-will-be-stuck-in-the-escrow-if-customers-exclusively-use-usdc-payments","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"a63adf07498f524d2d343500db4dd0a1226739cd","title":"57663 sc insight gas storage optimization erc1155info struct in structures sol can save one slot through field reordering","pathname":"/belong/57663-sc-insight-gas-storage-optimization-erc1155info-struct-in-structures-sol-can-save-one-slot-thr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"05b9a63978cd743cc58a81709ecdeecf3653be9c","title":"57898 sc high unprotected swap function allows sandwich attacks","pathname":"/belong/57898-sc-high-unprotected-swap-function-allows-sandwich-attacks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"af2d109df48b7206192b1ee25d114ecad64dd9eb","title":"57888 sc high referral tier upgrades freeze legacy royalties","pathname":"/belong/57888-sc-high-referral-tier-upgrades-freeze-legacy-royalties","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3ab6f8be4b0b3c23cd2fc3769197a7d551947a19","title":"57885 sc high dynamic share drift in royaltiesreceiverv2","pathname":"/belong/57885-sc-high-dynamic-share-drift-in-royaltiesreceiverv2","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"99b112f691a6bfbe49964dd3096edc69db70331d","title":"57594 sc medium signature collision from abi encodepacked adjacent strings enables unauthorized nft actions mint uri abuse ","pathname":"/belong/57594-sc-medium-signature-collision-from-abi-encodepacked-adjacent-strings-enables-unauthorized-nft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"eeb0d31982f750d37e32f2d96a5c67da1c88907d","title":"57635 sc critical erc4626 share transfers desynchronize time lock ledger blocking standard withdrawals for recipients","pathname":"/belong/57635-sc-critical-erc4626-share-transfers-desynchronize-time-lock-ledger-blocking-standard-withdrawa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"1bef98d5b2fabfc9dd90ba9ac208edef8688e7b8","title":"57454 sc low referral percentages schedule stuck on first configuration","pathname":"/belong/57454-sc-low-referral-percentages-schedule-stuck-on-first-configuration","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"4b6c7af997004ff94348c75cb363e284f8f87467","title":"57374 sc low staking tier misclassification","pathname":"/belong/57374-sc-low-staking-tier-misclassification","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"476dcd1ff92f7906dfeb449308cd51824d769778","title":"57290 sc high mev sandwich attack vulnerability no user controlled slippage protection in token swaps","pathname":"/belong/57290-sc-high-mev-sandwich-attack-vulnerability-no-user-controlled-slippage-protection-in-token-swap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"ed3c454f30845c31839e5c71dca1c10b0606545f","title":"57327 sc medium title front running leads to denial of service and unauthorized referral farming in creation functions ","pathname":"/belong/57327-sc-medium-title-front-running-leads-to-denial-of-service-and-unauthorized-referral-farming-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"33fc4dc06276fc6269607fbd2cf718c6b9db5cbb","title":"57432 sc insight royaltiesreceiverv2 fails to distribute full balance when royalties percentages do not sum to 10000","pathname":"/belong/57432-sc-insight-royaltiesreceiverv2-fails-to-distribute-full-balance-when-royalties-percentages-do","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"790f98fd574ef4ed4c9ccace9cd95e11fd736f0d","title":"57310 sc medium unaccounted processing fees in long payment path","pathname":"/belong/57310-sc-medium-unaccounted-processing-fees-in-long-payment-path","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"2f0bc3991bcccfcaac6ca67fc505ab914e924919","title":"57298 sc critical state sync omission in staking transfers forces transferred slong holders into penalized emergency exits","pathname":"/belong/57298-sc-critical-state-sync-omission-in-staking-transfers-forces-transferred-slong-holders-into-pen","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"255e9a018382ad3e47b1afbf7d68ac347d25b394","title":"57296 sc high retroactive referral tier underpayment in royaltiesreceiverv2 due to dynamic shares applied to historical funds","pathname":"/belong/57296-sc-high-retroactive-referral-tier-underpayment-in-royaltiesreceiverv2-due-to-dynamic-shares-ap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"3df862d9e164f9bfaaf4ab686d01339e015c0ee1","title":"57285 sc medium incomplete signature in factory produce enables full accesstoken hijacking and direct fund theft","pathname":"/belong/57285-sc-medium-incomplete-signature-in-factory-produce-enables-full-accesstoken-hijacking-and-direc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"b99118e6739aff80aead9060a14e1fcc3bb2c415","title":"57060 sc medium unconditional subsidy withdrawal in paytovenue leads to dos when venue s long pool is depleted","pathname":"/belong/57060-sc-medium-unconditional-subsidy-withdrawal-in-paytovenue-leads-to-dos-when-venue-s-long-pool-i","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"29cef9f5beed35065d2fb630ebf887dc0560fb4f","title":"57423 sc medium unbounded gas consumption in emergency redemption enables low cost dos against staking vault users","pathname":"/belong/57423-sc-medium-unbounded-gas-consumption-in-emergency-redemption-enables-low-cost-dos-against-staki","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"f7ca388805094dd0de28d15c6f8548846284ced4","title":"57039 sc critical processing fee logic flaw in paytovenue causes permanent loss of platform revenue","pathname":"/belong/57039-sc-critical-processing-fee-logic-flaw-in-paytovenue-causes-permanent-loss-of-platform-revenue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Belong"}]},{"id":"513a336b44bd366268492c553f47dcdd0c2f4273","title":"Alchemix V3","pathname":"/alchemix-v3","siteSpaceId":"sitesp_stpzW"},{"id":"e2286d0016a83bd65297341d5612e0934e7e87e7","title":"alchemix-v3-audit-competition%20(no%20readme)","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e93fd86dfc7806333d56a70278e49c228a341ab2","title":"58427 sc medium stargateethpoolstrategy allocate and deallocate inconsistent dust handling causes eth to be permanently locked in strategy contract","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58427-sc-medium-stargateethpoolstrategy-allocate-and-deallocate-inconsistent-dust-handling-causes-et","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"82c458f2cc3d391f2d7d32ecbc022efd1294b44d","title":"58607 sc low incorrect access control in admin ownership transfer allows only current admin to accept ownership instead of pending admin","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58607-sc-low-incorrect-access-control-in-admin-ownership-transfer-allows-only-current-admin-to-accep","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"cc95a9286f46d103c063d2d4d6f2f3eb2917e9f5","title":"57644 sc low unenforced cap logic in alchemistallocator allows not controlled allocations","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/57644-sc-low-unenforced-cap-logic-in-alchemistallocator-allows-not-controlled-allocations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"d6b83906837d1ccd074ff85e21dc768910305c59","title":"58742 sc high liquidators will not earn fees in some cases","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58742-sc-high-liquidators-will-not-earn-fees-in-some-cases","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"98f32c7dab9c613c0fafd6b0f90caa3b243ea306","title":"57378 sc high impossible to withdraw yield from strategies","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/57378-sc-high-impossible-to-withdraw-yield-from-strategies","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"94be3248b310ad2cb36e7e02285fbb13b8e68d40","title":"58329 sc low incorrect balance measurement in morphoyearnogweth deallocate leads to temporary freezing of funds via spurious loss events","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58329-sc-low-incorrect-balance-measurement-in-morphoyearnogweth-deallocate-leads-to-temporary-freezi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"1eb894c212e131da14946411ee48aa1f2e2dff4a","title":"58007 sc low pendingadmin cannot call acceptadminownership to accept admin role","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58007-sc-low-pendingadmin-cannot-call-acceptadminownership-to-accept-admin-role","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"51e1209f550fafdef14b67baedc55489e0536ea7","title":"58395 sc high repayment fee exit leaves mytsharesdeposited inflated hiding protocol insolvency","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58395-sc-high-repayment-fee-exit-leaves-mytsharesdeposited-inflated-hiding-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"08758eb0f0145af7b0703b9ea43954a848e0481a","title":"58763 sc high accounting is broken when redeem is bypassed due to transmuter balance","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/58763-sc-high-accounting-is-broken-when-redeem-is-bypassed-due-to-transmuter-balance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"25c13495af276535aee3a2e0e401348a0d222152","title":"57138 sc critical protocol subsidizes repayment fees during liquidation","pathname":"/alchemix-v3/alchemix-v3-audit-competition-20-no-20readme/57138-sc-critical-protocol-subsidizes-repayment-fees-during-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"},{"label":"alchemix-v3-audit-competition%20(no%20readme)"}]},{"id":"99bcb0d24ed7c54c9ea7a249711b6ccb90f4f488","title":"56347 sc insight burn contains redundant calculations","pathname":"/alchemix-v3/56347-sc-insight-burn-contains-redundant-calculations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9b8df932b399b4295b0ab82483c8cd3242253b2d","title":"56561 sc insight fee amount is recomputed multiple times when the initial value has already been cached","pathname":"/alchemix-v3/56561-sc-insight-fee-amount-is-recomputed-multiple-times-when-the-initial-value-has-already-been-cac","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2cbff2661008bf3bf8830a91acfd022f87adf5b6","title":"58768 sc high mytsharesdeposited is not updated during liquidations breaking core accounting ","pathname":"/alchemix-v3/58768-sc-high-mytsharesdeposited-is-not-updated-during-liquidations-breaking-core-accounting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fcb5d59df44d91047c6364d2a7e0634618bd03d4","title":"58751 sc medium setminimumcollateralization allows for increasing the current minimumcollateralization instantly exposing users to risk of liquidation","pathname":"/alchemix-v3/58751-sc-medium-setminimumcollateralization-allows-for-increasing-the-current-minimumcollateralizati","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c5014c289d6dc43a004eaabb278fd19c8cdfc33f","title":"57662 sc critical portion of users alasset amount that staked in transmuter can be lost forever when amount cumulativeearmarked ","pathname":"/alchemix-v3/57662-sc-critical-portion-of-users-alasset-amount-that-staked-in-transmuter-can-be-lost-forever-when","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"32efa48954b7c782799100f822e94567302956ee","title":"57057 sc low wrong order of balance checks in morphoyearnogwethstrategy","pathname":"/alchemix-v3/57057-sc-low-wrong-order-of-balance-checks-in-morphoyearnogwethstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a4ec90da1bb4ac4c21955a46637251cfacbab303","title":"58093 sc medium morpho reward in morphoyearnogweth will be lost or stuck","pathname":"/alchemix-v3/58093-sc-medium-morpho-reward-in-morphoyearnogweth-will-be-lost-or-stuck","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1907209ed50fe58943c104f12e9b153d88e86461","title":"58759 sc high yield stuck in adapter contracts forever","pathname":"/alchemix-v3/58759-sc-high-yield-stuck-in-adapter-contracts-forever","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7dc6f4912a4cd640b07e3303014b5198095caaec","title":"56435 sc critical alchemistv3 repayment only liquidation pays liquidator from pool fee leak theft of unclaimed yield","pathname":"/alchemix-v3/56435-sc-critical-alchemistv3-repayment-only-liquidation-pays-liquidator-from-pool-fee-leak-theft-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7de128db12bcc2106272b43afc2ffc13fd87171c","title":"57923 sc insight redundant synthetic transfers in claimredemption when amountnottransmuted is zero","pathname":"/alchemix-v3/57923-sc-insight-redundant-synthetic-transfers-in-claimredemption-when-amountnottransmuted-is-zero","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a44fcd57e33bed8dac31c053eafc3c8c005efe95","title":"58616 sc medium liquidation can revert due to 0 amount fee withdraw ","pathname":"/alchemix-v3/58616-sc-medium-liquidation-can-revert-due-to-0-amount-fee-withdraw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"99791662c68dcd4437d6bda56f47db329ab786c8","title":"56359 sc high permanent deposit freeze after forcerepay misaccounts freed shares","pathname":"/alchemix-v3/56359-sc-high-permanent-deposit-freeze-after-forcerepay-misaccounts-freed-shares","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"356dcb58a99d1f72a86cf5314de13328c77c7aed","title":"56552 sc high liquidation fee misrouting in alchemistv3 doliquidation leads to theft of unclaimed yield liquidator fee stranded ","pathname":"/alchemix-v3/56552-sc-high-liquidation-fee-misrouting-in-alchemistv3-doliquidation-leads-to-theft-of-unclaimed-yi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"83232da30f4ba0c02cfa988fa2677b6b9b31e4b1","title":"56368 sc insight alchemisttokenvault deposit should use safetransferfrom instead of transferfrom alchemisttokenvault withdraw should use safetransfer instead of transfer ","pathname":"/alchemix-v3/56368-sc-insight-alchemisttokenvault-deposit-should-use-safetransferfrom-instead-of-transferfrom-alc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"62a694da66b4f7d785316522962527fe51a0ddbc","title":"57473 sc low inverted comparison operator allows operators admin level allocation privileges","pathname":"/alchemix-v3/57473-sc-low-inverted-comparison-operator-allows-operators-admin-level-allocation-privileges","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a93cade991cbc7f3fb5cccda4d866a5def6196f8","title":"58749 sc low incorrect balance snapshot","pathname":"/alchemix-v3/58749-sc-low-incorrect-balance-snapshot","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"985e4a534b19a1c8f659bf20f0a273738edd638f","title":"56560 sc high liquidation base fee transfer is gated by a condition that s usually false","pathname":"/alchemix-v3/56560-sc-high-liquidation-base-fee-transfer-is-gated-by-a-condition-that-s-usually-false","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5474e94eb433c414a0a5c87daf7c30f8f383f6a8","title":"58291 sc medium unlike setters collateralization functions alchemistv3 initialize doesnt enforce collateralization invariants allowing to break them ","pathname":"/alchemix-v3/58291-sc-medium-unlike-setters-collateralization-functions-alchemistv3-initialize-doesnt-enforce-col","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ee9d31e22f6f6989ce4e2e26ba69f09d8ac5031c","title":"58190 sc low operator has no allocation restrictions in alchemistallocator https github com alchemix finance v3 poc blob a192ab313c81ba3ab621d9ca1ee000110fbdd1e9 src alchemistallocator sol ","pathname":"/alchemix-v3/58190-sc-low-operator-has-no-allocation-restrictions-in-alchemistallocator-https-github-com-alchemix","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b766b175e4d9148e886f9678f2ebbbe33e91ebc6","title":"58150 sc high missing slippage protection in tokeautousdstrategy allocate leads to direct theft of user funds via mev sandwich attacks","pathname":"/alchemix-v3/58150-sc-high-missing-slippage-protection-in-tokeautousdstrategy-allocate-leads-to-direct-theft-of-u","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7b0dac097182d9c6fc168b533e272177492e3cdf","title":"57665 sc low incorrect balance measurement in deallocate function of morphoyearnogwethstrategy ","pathname":"/alchemix-v3/57665-sc-low-incorrect-balance-measurement-in-deallocate-function-of-morphoyearnogwethstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5006d143305bdeb93def3d10c60f3503a33cb4be","title":"58089 sc low arithmetic underflow revert in deallocate ","pathname":"/alchemix-v3/58089-sc-low-arithmetic-underflow-revert-in-deallocate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b658b78962e8716e08d1ba0a5aa584dbb4282358","title":"58722 sc medium tokenauto strategy allocation uses maxdeposit which may allocate less than requested leaving any excess funds permanently locked","pathname":"/alchemix-v3/58722-sc-medium-tokenauto-strategy-allocation-uses-maxdeposit-which-may-allocate-less-than-requested","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"037210cfe81a973e38fd5d0818f1a50f93e479d5","title":"56692 sc medium zeroxswapverifier verification will always revert due to wrong hardcoded execution function selectors","pathname":"/alchemix-v3/56692-sc-medium-zeroxswapverifier-verification-will-always-revert-due-to-wrong-hardcoded-execution-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"282e6a50ac778dd6e9e40b6e580a9fd7d54806f4","title":"57102 sc high tvl overstatement from mytsharesdeposited desync enables softened liquidations no haircut over redemptions transmuter ","pathname":"/alchemix-v3/57102-sc-high-tvl-overstatement-from-mytsharesdeposited-desync-enables-softened-liquidations-no-hair","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7328db0ba9ace248816899ca27de3b3394c06780","title":"58762 sc insight manipulation of feeinunderlying through front running during liquidations on ethereum","pathname":"/alchemix-v3/58762-sc-insight-manipulation-of-feeinunderlying-through-front-running-during-liquidations-on-ethere","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7230759348d92322e40e49a7cb9c229656b684df","title":"56633 sc low access control flaw in acceptadminownership prevents secure admin transfer leading to potential permanent loss of curator control","pathname":"/alchemix-v3/56633-sc-low-access-control-flaw-in-acceptadminownership-prevents-secure-admin-transfer-leading-to-p","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"991db60b06aa4039bf793e4f4eb8c451caa74822","title":"58036 sc critical incorrect fee deduction may drain collateral pool when account balance is insufficient","pathname":"/alchemix-v3/58036-sc-critical-incorrect-fee-deduction-may-drain-collateral-pool-when-account-balance-is-insuffic","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7a7e6ed82847be10d8c1131d12c84f0f3ac35c8e","title":"57129 sc high missing mytsharesdeposited decrement in liquidation functions causes permanent tvl inflation","pathname":"/alchemix-v3/57129-sc-high-missing-mytsharesdeposited-decrement-in-liquidation-functions-causes-permanent-tvl-inf","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1290e886246a504e7a452b19dd07fe734130aa8d","title":"58778 sc low zeroxswapverifier implements incorrect data extraction logic enabling verification bypass in future strategy integrations","pathname":"/alchemix-v3/58778-sc-low-zeroxswapverifier-implements-incorrect-data-extraction-logic-enabling-verification-bypa","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a7d8eb21b7abbbee42dac98213d31fa07db07aae","title":"57090 sc low ownership transfer failure in alchemistcurator https github com alchemix finance v3 poc blob immunefi audit src alchemistcurator sol prevents future dao governance or recovery","pathname":"/alchemix-v3/57090-sc-low-ownership-transfer-failure-in-alchemistcurator-https-github-com-alchemix-finance-v3-poc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bc2c7d14bdaa62c25a6bae2658719b532eda4104","title":"57360 sc critical unreconciled repayment fee transfer enables myt overpayment and tvl inflation","pathname":"/alchemix-v3/57360-sc-critical-unreconciled-repayment-fee-transfer-enables-myt-overpayment-and-tvl-inflation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1e50c737eef7058f079260687f614d6b654339a8","title":"57697 sc low missing recipient from checks in zeroxswapverifier enable direct asset theft","pathname":"/alchemix-v3/57697-sc-low-missing-recipient-from-checks-in-zeroxswapverifier-enable-direct-asset-theft","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9cf4db301935b745ccec8a770c4b4a7d43aaa912","title":"56451 sc low alchemistallocator allocate and deallocate do not enforce cap checks as intended","pathname":"/alchemix-v3/56451-sc-low-alchemistallocator-allocate-and-deallocate-do-not-enforce-cap-checks-as-intended","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"23a8c709ff1888a2fbaa1f45f5dfd9ca7d92fa3f","title":"56956 sc high lack of slippage control in tokemak strategies can make myt suffer losses on allocation","pathname":"/alchemix-v3/56956-sc-high-lack-of-slippage-control-in-tokemak-strategies-can-make-myt-suffer-losses-on-allocatio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ca56b3b970f4f4d8f00a49f3569f9eaa5769a183","title":"56947 sc low flawed access control in alchemistcurator admin transfer pattern leads to risk of permanent loss of control","pathname":"/alchemix-v3/56947-sc-low-flawed-access-control-in-alchemistcurator-admin-transfer-pattern-leads-to-risk-of-perma","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0df667b91fff3f348f2cba4d46574c96c80f1686","title":"56522 sc medium tokeautousdstrategy allocate and tokeautoethstrategy allocate may suffer a denial of service dos due to token amount mismatch in autopilotrouter depositmax ","pathname":"/alchemix-v3/56522-sc-medium-tokeautousdstrategy-allocate-and-tokeautoethstrategy-allocate-may-suffer-a-denial-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7b7b25df69e115de8e4c76a4220c2665779e96e4","title":"58257 sc low in tokeautoeth deallocate can be dosed if the vault incuring losses","pathname":"/alchemix-v3/58257-sc-low-in-tokeautoeth-deallocate-can-be-dosed-if-the-vault-incuring-losses","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dfa8b75e0da4f446e6bb7d30efc54da2f4ef27e6","title":"57530 sc high stale tvl accounting in liquidations leads to protocol insolvency","pathname":"/alchemix-v3/57530-sc-high-stale-tvl-accounting-in-liquidations-leads-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ed668904ca68e2e8275063fa4f10a611211585e4","title":"56516 sc high allocate assets in killswitch mode can lead to assets stuck on contract","pathname":"/alchemix-v3/56516-sc-high-allocate-assets-in-killswitch-mode-can-lead-to-assets-stuck-on-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b34f72a1780026f2f20c32138bfdf2713d4e7de5","title":"58410 sc low tokemak strategy deallocation causes toke token lockup","pathname":"/alchemix-v3/58410-sc-low-tokemak-strategy-deallocation-causes-toke-token-lockup","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"eb596ba4185120e63ab0dc9396cb63faae9c623e","title":"58462 sc low incorrect post withdraw balance measurement causes false loss reporting and mis accounting in morphoyearnogwethstrategy deallocate ","pathname":"/alchemix-v3/58462-sc-low-incorrect-post-withdraw-balance-measurement-causes-false-loss-reporting-and-mis-account","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2d1ab6aa19305910a1bc85907518cb4d430bbd9c","title":"56583 sc low wrong 2 step transferadminownership logic and insufficient checks in alchemistcurator sol leads to permanent admin ownership loss ","pathname":"/alchemix-v3/56583-sc-low-wrong-2-step-transferadminownership-logic-and-insufficient-checks-in-alchemistcurator-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dc98ce5fe3635930e7afd0a94eac07d48258b1bc","title":"58345 sc low operators in alchemistallocator sol can allocate higher than dao defined limits","pathname":"/alchemix-v3/58345-sc-low-operators-in-alchemistallocator-sol-can-allocate-higher-than-dao-defined-limits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"24a7f5737a525269741dbf2bc8ec4a9f64a32285","title":"58110 sc low morphoyearnogwethstrategy will always report strategy loss","pathname":"/alchemix-v3/58110-sc-low-morphoyearnogwethstrategy-will-always-report-strategy-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"97bc145603ff256054127e443a62210efafc7ee9","title":"58424 sc low morphoyearnogweth strategy balance check order bug","pathname":"/alchemix-v3/58424-sc-low-morphoyearnogweth-strategy-balance-check-order-bug","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"20131012a9d0835fe72ec716b0d04ef730ccaf85","title":"57975 sc low broken admin rotation in acceptadminownership causes permanent governance lockout","pathname":"/alchemix-v3/57975-sc-low-broken-admin-rotation-in-acceptadminownership-causes-permanent-governance-lockout","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c98b060fc9ea5c6ca70756bc64ba8eb9548a5df5","title":"58163 sc critical total loss of user funds in claim redemption ","pathname":"/alchemix-v3/58163-sc-critical-total-loss-of-user-funds-in-claim-redemption","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b9ebe46a2922fc82caf4a249486912ec476e274d","title":"57604 sc high nominal accounting mismatch in moonwell strategies leads to permanent locking of all generated yield","pathname":"/alchemix-v3/57604-sc-high-nominal-accounting-mismatch-in-moonwell-strategies-leads-to-permanent-locking-of-all-g","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7b32364ec7c56a9a8722c118f755fa4ce5cd6997","title":"58469 sc low pending admin cannot accept ownership","pathname":"/alchemix-v3/58469-sc-low-pending-admin-cannot-accept-ownership","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"419ad4f228619fcbf17a24154c02c205ef7f1636","title":"57565 sc medium the amount of dust will be permanently locked in stargateethpoolstrategy ","pathname":"/alchemix-v3/57565-sc-medium-the-amount-of-dust-will-be-permanently-locked-in-stargateethpoolstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8144de2dd85e313e801ea3ab113789561d9ed7fe","title":"57860 sc high incorrect mytsharesdeposited accounting inflates collateral and underreports bad debt enabling insolvency","pathname":"/alchemix-v3/57860-sc-high-incorrect-mytsharesdeposited-accounting-inflates-collateral-and-underreports-bad-debt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ea97175f1a7ac7c0695c51b7da499fbc48317046","title":"58534 sc high zero slippage protection in toke strategies allocation","pathname":"/alchemix-v3/58534-sc-high-zero-slippage-protection-in-toke-strategies-allocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"db14cc8568e57c57411d939c512295dac551c453","title":"58473 sc low wrong redeemed amount calculation in morphoyearnogweth strategy","pathname":"/alchemix-v3/58473-sc-low-wrong-redeemed-amount-calculation-in-morphoyearnogweth-strategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4651f1d1ddb9f52b9d63efcbf63e07d8061eac62","title":"58724 sc critical partial redemption burns full position accounting desynchronization and potential underpayment in transmuter claimredemption ","pathname":"/alchemix-v3/58724-sc-critical-partial-redemption-burns-full-position-accounting-desynchronization-and-potential","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a9d843ad1231f9ed9d354f396c8800fbbf799737","title":"58615 sc high mytsharesdeposited didn t get updated after forcerepay doliquidation called","pathname":"/alchemix-v3/58615-sc-high-mytsharesdeposited-didn-t-get-updated-after-forcerepay-doliquidation-called","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ec7e3dffef40f8aae8e1dc01abee13aff8c83163","title":"58098 sc high there is a problem from ledger tvl sesync inliquidations cause a under liquidation and systemic insolvency risk","pathname":"/alchemix-v3/58098-sc-high-there-is-a-problem-from-ledger-tvl-sesync-inliquidations-cause-a-under-liquidation-and","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"29ad942ea93b1a119b97cdd928bb9c9bc77ba07b","title":"56494 sc insight gas optimization redundant external calls in strategy deallocate functions","pathname":"/alchemix-v3/56494-sc-insight-gas-optimization-redundant-external-calls-in-strategy-deallocate-functions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"edf8c762be5952c5237061ab33e991761636312a","title":"57017 sc medium aavev3arbwethstrategy cant claim aave incentive","pathname":"/alchemix-v3/57017-sc-medium-aavev3arbwethstrategy-cant-claim-aave-incentive","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a2582b077b6c1f680e32e1ea1844e391c955faa5","title":"58077 sc low reward tokens are incorrectly claimed to strategy contract during deallocation leads to permanent token loss","pathname":"/alchemix-v3/58077-sc-low-reward-tokens-are-incorrectly-claimed-to-strategy-contract-during-deallocation-leads-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"934109efa5a8986a97831a7001f750b1f3eb3c52","title":"57096 sc medium the implementation of tokeautoeth allocate is incorrect","pathname":"/alchemix-v3/57096-sc-medium-the-implementation-of-tokeautoeth-allocate-is-incorrect","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"92df9af868e1b4d769a1ffbdedb9ef659add6cee","title":"57957 sc medium loss of eulereth vault yields for euler weth strategy","pathname":"/alchemix-v3/57957-sc-medium-loss-of-eulereth-vault-yields-for-euler-weth-strategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"857260c8017534dd5de74e834a0e07f6a4daa4f5","title":"58338 sc critical alchemistv3 repayment fee can exceed remaining collateral leading to position insolvency","pathname":"/alchemix-v3/58338-sc-critical-alchemistv3-repayment-fee-can-exceed-remaining-collateral-leading-to-position-inso","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"849e240afe2016057d9404aff5b75c478c1fdff8","title":"58780 sc high weth yield will be locked on aaveweth pool on arbitrum ","pathname":"/alchemix-v3/58780-sc-high-weth-yield-will-be-locked-on-aaveweth-pool-on-arbitrum","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e3cbb432a452a438e79ede69650c94af903891ce","title":"58735 sc insight calculateliquidation reverts due to divide by zero if targetcollateralization fixed point scalar ","pathname":"/alchemix-v3/58735-sc-insight-calculateliquidation-reverts-due-to-divide-by-zero-if-targetcollateralization-fixed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"26a1ae2aaec8674226cc01fe7a4f9158ddefa7e7","title":"58526 sc high missing accounting update in liquidation functions leads to permanent dos on deposits","pathname":"/alchemix-v3/58526-sc-high-missing-accounting-update-in-liquidation-functions-leads-to-permanent-dos-on-deposits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c5500dfb5bc6ec3a1e7c47eb6b4f6c71362bf2ea","title":"58683 sc critical there is an issue in earmarked debt eeduction in the repay can causes a permanent fund freeze","pathname":"/alchemix-v3/58683-sc-critical-there-is-an-issue-in-earmarked-debt-eeduction-in-the-repay-can-causes-a-permanent","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"74dd53a06d1816beecf518c73d5c9eee77d80129","title":"58471 sc high accounting error in forcerepay doliquidation overstates tvl enabling under scaled redemptions and potential insolvency","pathname":"/alchemix-v3/58471-sc-high-accounting-error-in-forcerepay-doliquidation-overstates-tvl-enabling-under-scaled-rede","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ce16d91829ceafe5b451d30e50e2b70f4030b5b0","title":"58116 sc high tvl accounting mismatch leading to protocol insolvency","pathname":"/alchemix-v3/58116-sc-high-tvl-accounting-mismatch-leading-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d18da1e5a525342aa57a826a124595f837ebb575","title":"57506 sc high force repay don t update cumulativeearmarked variable","pathname":"/alchemix-v3/57506-sc-high-force-repay-don-t-update-cumulativeearmarked-variable","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dc360fd467ba9e2ebaad133dc589bcf79e7953a0","title":"58348 sc low zeroxswapverifier accepts malicious 0x calldata recipient not bound minout ignored transferfrom misused attacker can route strategy vault funds to self direct theft ","pathname":"/alchemix-v3/58348-sc-low-zeroxswapverifier-accepts-malicious-0x-calldata-recipient-not-bound-minout-ignored-tran","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5da5078c96c154b2f1c47e8f2b63ff75dec90b07","title":"56519 sc critical unchecked repayment fee transfer in liquidate pays liquidators from other users collateral","pathname":"/alchemix-v3/56519-sc-critical-unchecked-repayment-fee-transfer-in-liquidate-pays-liquidators-from-other-users-co","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dbb22c7175086ba8a33d649be2e6fb9f6f58ef06","title":"57977 sc high inconsistent rawlocked state of a user after subdebt leads to irrecoverable user collateral loss","pathname":"/alchemix-v3/57977-sc-high-inconsistent-rawlocked-state-of-a-user-after-subdebt-leads-to-irrecoverable-user-colla","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4ab86e60ed331bfdefb1b8b8ba5c204bc95a5724","title":"57590 sc critical double counted transmuter cover in redeem allows overstated redemptions and potential over withdraw over borrow","pathname":"/alchemix-v3/57590-sc-critical-double-counted-transmuter-cover-in-redeem-allows-overstated-redemptions-and-potent","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"75e83c5e7e7a5f01311af484aad1a6dc46f1bb29","title":"56706 sc medium stargateethpoolstrategy incomplete eth wrapping causes withdrawal dos","pathname":"/alchemix-v3/56706-sc-medium-stargateethpoolstrategy-incomplete-eth-wrapping-causes-withdrawal-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e5f89b51060976a47dfb2a496d09466b1ec54203","title":"58635 sc high cumulativeearmarked is not subtracted in forcerepay ","pathname":"/alchemix-v3/58635-sc-high-cumulativeearmarked-is-not-subtracted-in-forcerepay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"086a91217eae580f46c110c5536469a952cf09ee","title":"57067 sc low overstated per account locked collateral due to global clamp in subdebt","pathname":"/alchemix-v3/57067-sc-low-overstated-per-account-locked-collateral-due-to-global-clamp-in-subdebt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"79c97aec82d1148d3bf55ba70cb863d2a62714dc","title":"57345 sc high missing cumulativeearmarked decrement in forcerepay breaks earmarking invariant leading to unfair redemption burden distribution","pathname":"/alchemix-v3/57345-sc-high-missing-cumulativeearmarked-decrement-in-forcerepay-breaks-earmarking-invariant-leadin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ca4b734241d45f241e108f53b2ab462fa3af1722","title":"58198 sc low broken two step admin transfer pattern","pathname":"/alchemix-v3/58198-sc-low-broken-two-step-admin-transfer-pattern","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fe7352466c0c2a1811a72569385280f5c8922696","title":"58578 sc low zeroxswapverifier allows attackers to drain strategy tokens via crafted calldata","pathname":"/alchemix-v3/58578-sc-low-zeroxswapverifier-allows-attackers-to-drain-strategy-tokens-via-crafted-calldata","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0afe537909f6791911f583cbddeba247d01e1d8d","title":"57771 sc medium fee not collected in forcerepay when should","pathname":"/alchemix-v3/57771-sc-medium-fee-not-collected-in-forcerepay-when-should","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"85b3b44158c6cd75c4096ebf997cad534025325a","title":"57534 sc low small debt positions cannot be liquidated due to zero amount checks on token vaults","pathname":"/alchemix-v3/57534-sc-low-small-debt-positions-cannot-be-liquidated-due-to-zero-amount-checks-on-token-vaults","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"12a790d341a558beeb962e273967850e17e0b102","title":"56418 sc low two step owner transfer is broken and can lead to unforseen damages","pathname":"/alchemix-v3/56418-sc-low-two-step-owner-transfer-is-broken-and-can-lead-to-unforseen-damages","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"52851b522b51273179f6103c71819da6d8530611","title":"58087 sc medium moonwellusdcstrategy ignores redeemunderlying error codes temporary freezing of funds withdrawals revert ","pathname":"/alchemix-v3/58087-sc-medium-moonwellusdcstrategy-ignores-redeemunderlying-error-codes-temporary-freezing-of-fund","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4335cd1a5877e8d800034e65e111885f70996f75","title":"58004 sc high protocol insolvency from cumulativeearmarked during forcerepay ","pathname":"/alchemix-v3/58004-sc-high-protocol-insolvency-from-cumulativeearmarked-during-forcerepay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7100a97e92e915286758f7f9474d03b2758d90bb","title":"58236 sc high accounting mismatch forcerepay doliquidation fail to decrement mytsharesdeposited locking deposit capacity and overstating collateral","pathname":"/alchemix-v3/58236-sc-high-accounting-mismatch-forcerepay-doliquidation-fail-to-decrement-mytsharesdeposited-lock","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a474989caefa71eb0920ca2776e6fd3177fe6976","title":"58289 sc low missing addresses verification in zeroxswapverifier","pathname":"/alchemix-v3/58289-sc-low-missing-addresses-verification-in-zeroxswapverifier","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4004976a5780bc0e108fcb40a4dec0011bd5cbc4","title":"58739 sc insight decimals mismatch causes 1e12 under reporting in strategy returns letting allocations silently exceed per strategy and global caps","pathname":"/alchemix-v3/58739-sc-insight-decimals-mismatch-causes-1e12-under-reporting-in-strategy-returns-letting-allocatio","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6e8c9871e96ef7b12a88bdd3b8114ba1bb8bd6df","title":"57088 sc high unscaled collateral accounting in redeem lets users withdraw more than intended","pathname":"/alchemix-v3/57088-sc-high-unscaled-collateral-accounting-in-redeem-lets-users-withdraw-more-than-intended","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d721160323eff36fb5350633ffe83587ed71aa2d","title":"58324 sc high incorrect return value in deallocate function leads to permanent fund locking in mytstrategy implementations","pathname":"/alchemix-v3/58324-sc-high-incorrect-return-value-in-deallocate-function-leads-to-permanent-fund-locking-in-mytst","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"93c9cffca86b8555f03c7bb5d9db46e983f3ec52","title":"58051 sc low incorrect access control in acceptadminownership ","pathname":"/alchemix-v3/58051-sc-low-incorrect-access-control-in-acceptadminownership","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7e87f68b2133716a57a9db0a932db6f76580a9d5","title":"58394 sc high mev opportunity because no slippage protection in tokeautoethstrategy","pathname":"/alchemix-v3/58394-sc-high-mev-opportunity-because-no-slippage-protection-in-tokeautoethstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"af43208e53d7d550aaf0561da42a6ce33faac262","title":"56949 sc insight uncapped collateral transfer in redemption leads to accounting discrepancy enabling theft of user funds","pathname":"/alchemix-v3/56949-sc-insight-uncapped-collateral-transfer-in-redemption-leads-to-accounting-discrepancy-enabling","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7632754d2a0d72d21991dd70a2a87bc341641cf9","title":"57787 sc high asset can be transferred to strategies even when the killswitch enabled without posibility to use this funds for allocation","pathname":"/alchemix-v3/57787-sc-high-asset-can-be-transferred-to-strategies-even-when-the-killswitch-enabled-without-posibi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b42367143119d859598718021f413af6cd577e0a","title":"58519 sc high double counting of collateral due to mytsharesdeposited not being updated during liquidations","pathname":"/alchemix-v3/58519-sc-high-double-counting-of-collateral-due-to-mytsharesdeposited-not-being-updated-during-liqui","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3076b47fb719cda6cffe94ff5dbfd394b81d894f","title":"57079 sc low h 1 morphoyearnogweth strategy incorrect balance measurement order in deallocate causes dos on withdrawals with any loss","pathname":"/alchemix-v3/57079-sc-low-h-1-morphoyearnogweth-strategy-incorrect-balance-measurement-order-in-deallocate-causes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"55da52cc01134d7f64615a58ba04115b12f40672","title":"58702 sc high no slippage provided in auto strategy implementation will open room for mev attacks","pathname":"/alchemix-v3/58702-sc-high-no-slippage-provided-in-auto-strategy-implementation-will-open-room-for-mev-attacks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ec7ca976e2e4026cbba559e9aca1b02695728b55","title":"58347 sc high accounting drift due to missing mytsharesdeposited decrements during liquidation","pathname":"/alchemix-v3/58347-sc-high-accounting-drift-due-to-missing-mytsharesdeposited-decrements-during-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4fdedb6c6cbc3b41d8f5fea8a145eaabdd66b1f1","title":"58769 sc high forcerepay fails to decrement global cumulativeearmarked causing redemption accounting desynchronization and potential protocol wide redemption halt","pathname":"/alchemix-v3/58769-sc-high-forcerepay-fails-to-decrement-global-cumulativeearmarked-causing-redemption-accounting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"59399fd3dd0477c4684711cedda812c475042178","title":"58796 sc low incorrect balance snapshot in deallocate causes wethredeemed always 0","pathname":"/alchemix-v3/58796-sc-low-incorrect-balance-snapshot-in-deallocate-causes-wethredeemed-always-0","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e7091423ada5a805b243fcc924c133c73f3c0264","title":"58714 sc low pending admin cannot accept ownership in alchemistcurator sol ","pathname":"/alchemix-v3/58714-sc-low-pending-admin-cannot-accept-ownership-in-alchemistcurator-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d422ac77e9d3396eccf0080000131c1b238ef782","title":"58575 sc low operator limit bypass ","pathname":"/alchemix-v3/58575-sc-low-operator-limit-bypass","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5ff9f18e1d269a0e76c94392b3b91889bbe54cdb","title":"56324 sc low missing from owner check in transferfrom verifier direct theft of user funds","pathname":"/alchemix-v3/56324-sc-low-missing-from-owner-check-in-transferfrom-verifier-direct-theft-of-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ab8170a46f6a3f88a888454dfc6d99b40984b76e","title":"57680 sc high peapodsethstrategy unable to withdraw yield from price share increase","pathname":"/alchemix-v3/57680-sc-high-peapodsethstrategy-unable-to-withdraw-yield-from-price-share-increase","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"14e917f16ade86766c5a0e33f78101f54ebb1980","title":"57167 sc medium missing claim function in euler and morpho strategies leads to loss of yield rewards","pathname":"/alchemix-v3/57167-sc-medium-missing-claim-function-in-euler-and-morpho-strategies-leads-to-loss-of-yield-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7c4a49c444a9547f67f41ac54172ea86d1ef5d2d","title":"58002 sc low missing submitremovestrategy function ","pathname":"/alchemix-v3/58002-sc-low-missing-submitremovestrategy-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"792549b3ce2c0ef38f42949937ac6b8524a66e79","title":"56346 sc insight redundant calculation of feeamount in repay function","pathname":"/alchemix-v3/56346-sc-insight-redundant-calculation-of-feeamount-in-repay-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9b0f2fd77db56275a9fbacf0bf7b74953ef2569f","title":"57749 sc low zeroxswapverifier misses critical sender recipient minout validations allowing malicious 0x calldata to drain funds critical direct theft ","pathname":"/alchemix-v3/57749-sc-low-zeroxswapverifier-misses-critical-sender-recipient-minout-validations-allowing-maliciou","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6acb07202098012a098f52e6d38588fb46f17e52","title":"56776 sc high tvl manipulation via missing mytsharesdeposited decrement in liquidations","pathname":"/alchemix-v3/56776-sc-high-tvl-manipulation-via-missing-mytsharesdeposited-decrement-in-liquidations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"795734a57903400f2a780b08f6e4bf38b9a96e7e","title":"57023 sc high global earmark not reduced in forcerepay lets redeem over burn global debt cross account leakage protocol insolvency ","pathname":"/alchemix-v3/57023-sc-high-global-earmark-not-reduced-in-forcerepay-lets-redeem-over-burn-global-debt-cross-accou","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a3f40760e9e943ad7b2a77487a2c7c6074d25247","title":"57950 sc high unit mismatch in adddebt collateralization check allows unbacked debt issuance and protocol insolvency","pathname":"/alchemix-v3/57950-sc-high-unit-mismatch-in-adddebt-collateralization-check-allows-unbacked-debt-issuance-and-pro","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"008522a083688f1c425d920e3d2388aceba5dbf7","title":"58270 sc critical incorrect handling of debt cover in redeem can affect early liquidation and incorrectly sync accounts","pathname":"/alchemix-v3/58270-sc-critical-incorrect-handling-of-debt-cover-in-redeem-can-affect-early-liquidation-and-incorr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4210189b56d398a769b435f39dfe70ceabde4039","title":"58398 sc high no slippage protection on large allocation deposits","pathname":"/alchemix-v3/58398-sc-high-no-slippage-protection-on-large-allocation-deposits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b20c17cd2ed050414deecdbaf10b67d07b0d0243","title":"58413 sc critical attacker user can prevent earmark from updating the earnmarkweight causing the transmuter action to repay det gradually to fail for all users","pathname":"/alchemix-v3/58413-sc-critical-attacker-user-can-prevent-earmark-from-updating-the-earnmarkweight-causing-the-tra","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ff10dc2c4d81bdd0c1873a052a0f8ad088a97257","title":"57288 sc high flawed rounding logic in tokeautoeth deallocate function causes permanent freezing of funds","pathname":"/alchemix-v3/57288-sc-high-flawed-rounding-logic-in-tokeautoeth-deallocate-function-causes-permanent-freezing-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fefc65e2be42c932195598ab2f5bc755fd1b3bea","title":"57704 sc high missing global state update in forcerepay leads to permanent freezing of unclaimed yield","pathname":"/alchemix-v3/57704-sc-high-missing-global-state-update-in-forcerepay-leads-to-permanent-freezing-of-unclaimed-yie","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"66ec715d105b0ab5631a9d9c00520168857929df","title":"56555 sc critical user can avoid bad debt ratio scaling when claiming redeem leading to protocol insolvency","pathname":"/alchemix-v3/56555-sc-critical-user-can-avoid-bad-debt-ratio-scaling-when-claiming-redeem-leading-to-protocol-ins","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a6c09686e77452a68edf50371b7a047732d6fe4f","title":"58442 sc high liquidation breaks core accounting invariant missing cumulativeearmarked update in forcerepay causes permanent state drift","pathname":"/alchemix-v3/58442-sc-high-liquidation-breaks-core-accounting-invariant-missing-cumulativeearmarked-update-in-for","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fe200aba421dc2bf6416eca0c38f6f1d5db67882","title":"56800 sc medium minimum collateral change lets liquidators seize compliant accounts","pathname":"/alchemix-v3/56800-sc-medium-minimum-collateral-change-lets-liquidators-seize-compliant-accounts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8fe323092e9f503f8ebe56501eb8a523a384dcf0","title":"58515 sc medium a liquidated position can end the liquidation process still below collateralizationlowerbound allowing for double liquidation of positions ","pathname":"/alchemix-v3/58515-sc-medium-a-liquidated-position-can-end-the-liquidation-process-still-below-collateralizationl","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8a0030e50f05c85206a5d9701b8127b725fb62b0","title":"56571 sc high inflated claim payouts from double counted myt after liquidation","pathname":"/alchemix-v3/56571-sc-high-inflated-claim-payouts-from-double-counted-myt-after-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d3586ab470db59b94e643796406ab919f3b33b65","title":"58757 sc critical forgotten cover in earmark causes systematic over earmarking and temporary freezing of user collateral","pathname":"/alchemix-v3/58757-sc-critical-forgotten-cover-in-earmark-causes-systematic-over-earmarking-and-temporary-freezin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b448de3c315e285ec8212e38bcfea84a22f6ae25","title":"58143 sc low unused cap enforcement variables adjusted ","pathname":"/alchemix-v3/58143-sc-low-unused-cap-enforcement-variables-adjusted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"63b7206102f0693df04e3b417cd808036f38713b","title":"57866 sc low failure to verify the recipient s address can result in the theft of purchased tokens","pathname":"/alchemix-v3/57866-sc-low-failure-to-verify-the-recipient-s-address-can-result-in-the-theft-of-purchased-tokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"581413014f7ccbc2782ac7d3b798177b56daa63c","title":"58781 sc high totallocked accounting mismatch leading to token balance deficit in alchemistv3","pathname":"/alchemix-v3/58781-sc-high-totallocked-accounting-mismatch-leading-to-token-balance-deficit-in-alchemistv3","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4935fc13555757723da933e47da4ee4600cf7012","title":"58352 sc low assets become permanently stuck in tokeautoeth strategy due to strict balance check","pathname":"/alchemix-v3/58352-sc-low-assets-become-permanently-stuck-in-tokeautoeth-strategy-due-to-strict-balance-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7e791125efb867e6352224030191eb4b29386f3b","title":"58547 sc high mismatched accounting and transfer for capped fees ","pathname":"/alchemix-v3/58547-sc-high-mismatched-accounting-and-transfer-for-capped-fees","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7f0216faa8c1a6851f3924b29ca1139ed0efa394","title":"57272 sc medium silent failures on moonwell deposit are not catched by strategy","pathname":"/alchemix-v3/57272-sc-medium-silent-failures-on-moonwell-deposit-are-not-catched-by-strategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7e8b725c7f304027a974b2e24dac4a9eaec6b3e3","title":"58423 sc low pending admin cannot accept ownership transfer in alchemistcurator ","pathname":"/alchemix-v3/58423-sc-low-pending-admin-cannot-accept-ownership-transfer-in-alchemistcurator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"25e1c2166dd5dbf5e33aab8cc819664e362f8056","title":"57632 sc high inflated tvl in mytsharesdeposited hides protocol insolvency","pathname":"/alchemix-v3/57632-sc-high-inflated-tvl-in-mytsharesdeposited-hides-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2091c0cc6ea537f2d153b95dea60368d567534db","title":"56911 sc low incorrectly implemented two step admin ownership transfer mechanism prevents new admin to accept role","pathname":"/alchemix-v3/56911-sc-low-incorrectly-implemented-two-step-admin-ownership-transfer-mechanism-prevents-new-admin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5215e01cbc8c7e18d9b4e3a4fdd710ab4f2197ec","title":"57730 sc high liquidation does not decrease mytsharesdeposited","pathname":"/alchemix-v3/57730-sc-high-liquidation-does-not-decrease-mytsharesdeposited","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b7b0905af5ce334831f37fd3974062e76cd4323b","title":"56678 sc high missing internal myt shares accounting in liquidation functions causes deposit blocking and protocol insolvency risk through inflated tvl calculations","pathname":"/alchemix-v3/56678-sc-high-missing-internal-myt-shares-accounting-in-liquidation-functions-causes-deposit-blockin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a0ebe4f3205229353091dc6c61fbb114b2891244","title":"57448 sc insight unnecessary computation of lockedcollateral in adddebt and subdebt ","pathname":"/alchemix-v3/57448-sc-insight-unnecessary-computation-of-lockedcollateral-in-adddebt-and-subdebt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"23cf12c18e606d2a0bc18bf92a58940850b15c96","title":"57973 sc critical repay doesnt set lasttransmutertokenbalance leading to the same balance covering earmark twice ","pathname":"/alchemix-v3/57973-sc-critical-repay-doesnt-set-lasttransmutertokenbalance-leading-to-the-same-balance-covering-e","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c70afc34785609c1d5033d19ad8709e990ff2460","title":"57514 sc low calldata verification bypass in 0x preflight logic enables arbitrary from recipient manipulation and direct fund theft","pathname":"/alchemix-v3/57514-sc-low-calldata-verification-bypass-in-0x-preflight-logic-enables-arbitrary-from-recipient-man","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"70752a02545ca258be259fa66b27b982f4ea9304","title":"57637 sc low acceptadminownership doesn t allow expected user approval","pathname":"/alchemix-v3/57637-sc-low-acceptadminownership-doesn-t-allow-expected-user-approval","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4e2606f01d15cf88025857a46377fdc9425b7f08","title":"56719 sc high the function forcerepay reduces debt before clamp creating unbacked loan forgiveness and protocol insolvency","pathname":"/alchemix-v3/56719-sc-high-the-function-forcerepay-reduces-debt-before-clamp-creating-unbacked-loan-forgiveness-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5c78fa78b29936d329b0a0b081f4161c8bb7b5a1","title":"58419 sc low alchemistcurator two step ownership transfer mis implemented","pathname":"/alchemix-v3/58419-sc-low-alchemistcurator-two-step-ownership-transfer-mis-implemented","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"57809956a912e0e3ce99b84bab13fe2c2bc59391","title":"58120 sc low incorrect balance measurement in morphoyearnogweth strategy leads to incorrect deallocation loss registering","pathname":"/alchemix-v3/58120-sc-low-incorrect-balance-measurement-in-morphoyearnogweth-strategy-leads-to-incorrect-dealloca","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1df067d0c546b946e3dad8620b527c3b1e44ba6c","title":"56791 sc high missing mytsharesdeposited decrements in token transfers","pathname":"/alchemix-v3/56791-sc-high-missing-mytsharesdeposited-decrements-in-token-transfers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"784b5689cbd30d8328a6fa38fbd7f23d0f11a086","title":"56689 sc low reward token toke is stuck in myt","pathname":"/alchemix-v3/56689-sc-low-reward-token-toke-is-stuck-in-myt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a655a0039cee2fd75d8547979f3370d9811801ce","title":"56839 sc medium moonwell strategies fail to check compound error codes causing silent allocation failures","pathname":"/alchemix-v3/56839-sc-medium-moonwell-strategies-fail-to-check-compound-error-codes-causing-silent-allocation-fai","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5619dc15de76718a651da0516144d8a689114379","title":"58542 sc low low logic error in morphoyearnogwethstrategy deallocate wethredeemed always zero all deallocations emit strategydeallocationloss ","pathname":"/alchemix-v3/58542-sc-low-low-logic-error-in-morphoyearnogwethstrategy-deallocate-wethredeemed-always-zero-all-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4984832186e8f84d867c1df7ac3785c84fab84a3","title":"56348 sc insight incorrect apy calculation in mytstrategy approxapy causes underreported yields","pathname":"/alchemix-v3/56348-sc-insight-incorrect-apy-calculation-in-mytstrategy-approxapy-causes-underreported-yields","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"70561a88147b78557af697bd44747fba6c663896","title":"58667 sc insight permit2 is approved the wrong asset which leads to loss of funds or failing swaps","pathname":"/alchemix-v3/58667-sc-insight-permit2-is-approved-the-wrong-asset-which-leads-to-loss-of-funds-or-failing-swaps","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"056cdfd36e14c14785e589ad4098e7d105c77628","title":"56350 sc insight implementation contract alchemistv3 not locked disableinitializers missing ","pathname":"/alchemix-v3/56350-sc-insight-implementation-contract-alchemistv3-not-locked-disableinitializers-missing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"da9197cbcce369543b4c43ec79902324c439f7fb","title":"57622 sc low lack of claimed reward handling in myt strategies will keep all external token rewards stuck forever","pathname":"/alchemix-v3/57622-sc-low-lack-of-claimed-reward-handling-in-myt-strategies-will-keep-all-external-token-rewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bb9c7cd3f6ff6e4fbdf84e87f57e65e702b0af7d","title":"56730 sc insight transmuter tokenuri is not eip 721 compliance","pathname":"/alchemix-v3/56730-sc-insight-transmuter-tokenuri-is-not-eip-721-compliance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5206634555740110349bc2e588d6821f88ffafdf","title":"58273 sc medium incorrect hardcoded 0x settler function selectors","pathname":"/alchemix-v3/58273-sc-medium-incorrect-hardcoded-0x-settler-function-selectors","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d0f336ea12f88233b3ac7a36ed7375328552b7e4","title":"57849 sc high funds gets stuck even when killswitch is enabled","pathname":"/alchemix-v3/57849-sc-high-funds-gets-stuck-even-when-killswitch-is-enabled","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9a9cd3fab954d7f1e04621ce5a82b57f8d623b20","title":"57169 sc low zeroxswapverifier policy bypass via rfq filldata prefix token amount spoof ","pathname":"/alchemix-v3/57169-sc-low-zeroxswapverifier-policy-bypass-via-rfq-filldata-prefix-token-amount-spoof","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4c4f056d0897eff8ae93d7308dc78e45938c0081","title":"57093 sc critical potential locked funds due to partial redeem shortfall and miss calculation lead to user loss their myt token forever ","pathname":"/alchemix-v3/57093-sc-critical-potential-locked-funds-due-to-partial-redeem-shortfall-and-miss-calculation-lead-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"de8096018464219ba3f6378d7eb380c51e4c2d0f","title":"58703 sc insight cached interest rate calculation in peapodseth strategy leads to inaccurate apr apy estimates","pathname":"/alchemix-v3/58703-sc-insight-cached-interest-rate-calculation-in-peapodseth-strategy-leads-to-inaccurate-apr-apy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a90a9d5c27491dfe6a51015ddbde82b0cc93962d","title":"57621 sc low improper reward claiming in tokeautoethstrategy sends toke tokens to wrong address causing permanent freezing of unclaimed yield","pathname":"/alchemix-v3/57621-sc-low-improper-reward-claiming-in-tokeautoethstrategy-sends-toke-tokens-to-wrong-address-caus","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"71b191a03cc319ca381e7c3779d747cdbf963917","title":"58207 sc high alchemistv3 mytsharesdeposited not reduced when repaid collateral sent to transmuter","pathname":"/alchemix-v3/58207-sc-high-alchemistv3-mytsharesdeposited-not-reduced-when-repaid-collateral-sent-to-transmuter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"360de921e59a95396dc2f797db6dc6f2320c6c56","title":"57511 sc medium protocol could atleast be taking a part of the protocol fee","pathname":"/alchemix-v3/57511-sc-medium-protocol-could-atleast-be-taking-a-part-of-the-protocol-fee","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ace4699205c25049120206b2fd59c6e14234592f","title":"57582 sc critical calling earmark one block apart skips the block s earmark value","pathname":"/alchemix-v3/57582-sc-critical-calling-earmark-one-block-apart-skips-the-block-s-earmark-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"361f5abea6be5431fadb9c844a88e8c64385ca76","title":"58076 sc insight fix unit mismatch in doliquidation collateralinunderlying collateralindebt","pathname":"/alchemix-v3/58076-sc-insight-fix-unit-mismatch-in-doliquidation-collateralinunderlying-collateralindebt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bd6f87256150fdebeeb1cbdd260d6698386eab4e","title":"58209 sc medium lack of slippage protection in transmuter claimredemption and alchemistv3 withdraw leads to user yield losses","pathname":"/alchemix-v3/58209-sc-medium-lack-of-slippage-protection-in-transmuter-claimredemption-and-alchemistv3-withdraw-l","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b0e8dca8ea8a864614e99854d9654df05b632bd1","title":"56751 sc medium stargateethpoolstrategy deallocate function redeem less weth than expected","pathname":"/alchemix-v3/56751-sc-medium-stargateethpoolstrategy-deallocate-function-redeem-less-weth-than-expected","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6585aba71501d01e66af4a89904b9ee2359d7a45","title":"58146 sc insight whitelist can be disabled repeatedly contradicting intended program behavior ","pathname":"/alchemix-v3/58146-sc-insight-whitelist-can-be-disabled-repeatedly-contradicting-intended-program-behavior","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bc9957557c70e155a62be9393b567aa774082d7f","title":"58452 sc high mytstrategy allocation underflow in deallocate when allocation profits exceed old allocation","pathname":"/alchemix-v3/58452-sc-high-mytstrategy-allocation-underflow-in-deallocate-when-allocation-profits-exceed-old-allo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4d4d16fdf61a94f7896a84c7945d1aaa2fa461d1","title":"56859 sc medium lp underlying mismatch in stargateethpoolstrategy deallocate causes withdrawal dos","pathname":"/alchemix-v3/56859-sc-medium-lp-underlying-mismatch-in-stargateethpoolstrategy-deallocate-causes-withdrawal-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6ea0a66b05d43fe940ce1adc3d9f5d8cafe740de","title":"56809 sc high vulnerable redemption survival ratio in sync allows theft of altokens","pathname":"/alchemix-v3/56809-sc-high-vulnerable-redemption-survival-ratio-in-sync-allows-theft-of-altokens","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"db6c0f1065cab0df2a8d64f55cac3f6550c656b9","title":"57328 sc low once tokelockduration is the opposite of zero in tokeautoethstrategy accumulated rewards in acctoke can be stuck","pathname":"/alchemix-v3/57328-sc-low-once-tokelockduration-is-the-opposite-of-zero-in-tokeautoethstrategy-accumulated-reward","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fabd0bd3c5c9acdaba86209e05577514ba2ca27c","title":"56732 sc critical incorrect boundary condition in querygraph leads to systematic under earmarking and transmuter redemption fund loss","pathname":"/alchemix-v3/56732-sc-critical-incorrect-boundary-condition-in-querygraph-leads-to-systematic-under-earmarking-an","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"da81c83eb003677905173179d4d464c7bffb9bb5","title":"56961 sc low incorrect balance snapshot check in deallocate logs false deallocation loss in morphoyearnogweth strategy","pathname":"/alchemix-v3/56961-sc-low-incorrect-balance-snapshot-check-in-deallocate-logs-false-deallocation-loss-in-morphoye","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8c72e33bf66a19b08abddc7c5eb18389a0442d35","title":"57791 sc insight receipt token misconfiguration in aave strategies","pathname":"/alchemix-v3/57791-sc-insight-receipt-token-misconfiguration-in-aave-strategies","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bd4924ee9423ed63ae3f662e150727a5da2038b0","title":"57692 sc high alchemistv3 liquidation fee loss vulnerability","pathname":"/alchemix-v3/57692-sc-high-alchemistv3-liquidation-fee-loss-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a6be70b2e00375121fbfa4b353420d2a231e3ebf","title":"56462 sc insight unused mapping causes unnecessary storage gas consumption","pathname":"/alchemix-v3/56462-sc-insight-unused-mapping-causes-unnecessary-storage-gas-consumption","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"71315d707ee89fdfa5dcecb02da7c660bea08f21","title":"57122 sc critical mismatch between capped fee and returned fee in resolverepaymentfee ","pathname":"/alchemix-v3/57122-sc-critical-mismatch-between-capped-fee-and-returned-fee-in-resolverepaymentfee","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0fadb93c4a29e63a6a5ed8e7c15bdfa11e6ce13e","title":"58474 sc high liquidator will bypass liquidation fees affecting protocol revenue","pathname":"/alchemix-v3/58474-sc-high-liquidator-will-bypass-liquidation-fees-affecting-protocol-revenue","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d7739e0695ff6e2beffecc8ee27077af4f815877","title":"56965 sc critical alchemistv3 handling of added transmuter coverage includes an error that enables an attacker to cause protocol insolvency","pathname":"/alchemix-v3/56965-sc-critical-alchemistv3-handling-of-added-transmuter-coverage-includes-an-error-that-enables-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e960d04fbe1937fdd000801f13ae417c86a1c899","title":"58274 sc high liquidation fee logic in doliquidation strands liquidator rewards when balance is exhausted freezing funds","pathname":"/alchemix-v3/58274-sc-high-liquidation-fee-logic-in-doliquidation-strands-liquidator-rewards-when-balance-is-exha","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"f1ab5dcdd9e0aa93056471cf66523170cdf349aa","title":"58734 sc low broken strategy realassets calculation","pathname":"/alchemix-v3/58734-sc-low-broken-strategy-realassets-calculation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"478d90cc9020862763ac6ca87a53d30dea23ee17","title":"58522 sc high earmark consumes excess cover inflating cumulativeearmarked","pathname":"/alchemix-v3/58522-sc-high-earmark-consumes-excess-cover-inflating-cumulativeearmarked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fe830577fe9434b15384532d75197e49d7ea4f02","title":"57770 sc medium admin can bypass permissionedcalls protection using multicall","pathname":"/alchemix-v3/57770-sc-medium-admin-can-bypass-permissionedcalls-protection-using-multicall","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e6d132b4b75752d08e70d23863870db4462629a9","title":"57982 sc low permanently stuck rewards in the vault","pathname":"/alchemix-v3/57982-sc-low-permanently-stuck-rewards-in-the-vault","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d2a9d7f221fcfda05afbec48548eb81e449cdbf5","title":"58358 sc high mismatched collateralweight and rawlocked causes incorrect collateral removal in sync","pathname":"/alchemix-v3/58358-sc-high-mismatched-collateralweight-and-rawlocked-causes-incorrect-collateral-removal-in-sync","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"11bb36ab49f18f72ed9480dcb9dff202dad5cc36","title":"56737 sc medium the return value of mint is not checked","pathname":"/alchemix-v3/56737-sc-medium-the-return-value-of-mint-is-not-checked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"57bc74cd21d02983cc762561fe8fd83aa89bba85","title":"58131 sc critical rounding errors in debt to collateral conversions allow attackers to drain protocol assets","pathname":"/alchemix-v3/58131-sc-critical-rounding-errors-in-debt-to-collateral-conversions-allow-attackers-to-drain-protoco","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4cf5ab36f7ce9cb7ed21aaa70351ec5bc9fab183","title":"58400 sc low alchemist allocator does not actually enforce caps","pathname":"/alchemix-v3/58400-sc-low-alchemist-allocator-does-not-actually-enforce-caps","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"70eecc2a5fac4e876ef96729f0385ccaa7f75ea6","title":"58792 sc high the cumulativeearmark does not decrease in forcerepay which lead to transfer more collateral from users even when all earmark debt cleared which breaks the alchemix v3 core logic","pathname":"/alchemix-v3/58792-sc-high-the-cumulativeearmark-does-not-decrease-in-forcerepay-which-lead-to-transfer-more-coll","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6ef974876eb7abf514db7323a5e24d3b32d457d3","title":"57212 sc high totallocked is not properly decremented in the redeem function causing system insolvency ","pathname":"/alchemix-v3/57212-sc-high-totallocked-is-not-properly-decremented-in-the-redeem-function-causing-system-insolven","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"021609fe032cc35a14d12b56578737cf19d816c6","title":"57793 sc high cumulativeearmarked variable is not updated in forcerepay function breaking core internal logic and leading to user funds being stuck ","pathname":"/alchemix-v3/57793-sc-high-cumulativeearmarked-variable-is-not-updated-in-forcerepay-function-breaking-core-inter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2888a122e6fcd9c3ac442f711cc0f2720c359b0c","title":"57114 sc low inherited setadmin function allows to bypass two step admin ownership transfer mechanism","pathname":"/alchemix-v3/57114-sc-low-inherited-setadmin-function-allows-to-bypass-two-step-admin-ownership-transfer-mechanis","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"761d53fe207004f617f11f460e1292c12410093d","title":"58450 sc high missing transmuter balance update after redemption blocks future earmarking and underfunds redemptions","pathname":"/alchemix-v3/58450-sc-high-missing-transmuter-balance-update-after-redemption-blocks-future-earmarking-and-underf","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"66d4ab6c493567a206f9f23ee0bd121b6bcaa14e","title":"56757 sc high incorrect leftover collateral check blocks liquidator fee payment leading broken incentives delayed deleveraging","pathname":"/alchemix-v3/56757-sc-high-incorrect-leftover-collateral-check-blocks-liquidator-fee-payment-leading-broken-incen","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"edbd4d632edad8dc03137d3f397627b1f6e25577","title":"58719 sc insight insight gas optimization save gas by using the cached fee amount in burn and repay in alchemist sol ","pathname":"/alchemix-v3/58719-sc-insight-insight-gas-optimization-save-gas-by-using-the-cached-fee-amount-in-burn-and-repay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b3ed627a07cfcd11123a90787329e916798a614b","title":"58356 sc insight the alchemist tokeauto strategies doesn t use recommended best practice by tokeauto ","pathname":"/alchemix-v3/58356-sc-insight-the-alchemist-tokeauto-strategies-doesn-t-use-recommended-best-practice-by-tokeauto","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"24c814c869cea87419042c000f0b2db16d33a7ea","title":"56491 sc critical user collateral loss triggered by setminimumcollateralization update","pathname":"/alchemix-v3/56491-sc-critical-user-collateral-loss-triggered-by-setminimumcollateralization-update","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e282d7ea5292997b8ec1a24fa57c4f98c4b96bdb","title":"58628 sc high attackers can avoid redemption losses by temporarily burning and re borrowing the debt","pathname":"/alchemix-v3/58628-sc-high-attackers-can-avoid-redemption-losses-by-temporarily-burning-and-re-borrowing-the-debt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5dc167b0eec33ab70b034ee719f2f5d321ee4d1d","title":"58626 sc critical repayment fee overpayment in liquidation repay only path","pathname":"/alchemix-v3/58626-sc-critical-repayment-fee-overpayment-in-liquidation-repay-only-path","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3a48a8487cf1b47d3245cffd32683fc7d96714f7","title":"56336 sc insight stargateethpoolstrategy deallocate would emit false deallocating loss event in some cases","pathname":"/alchemix-v3/56336-sc-insight-stargateethpoolstrategy-deallocate-would-emit-false-deallocating-loss-event-in-some","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"07a1a531949623f79cb1da1ff70573536c3290ae","title":"58133 sc low toke rewards permanently locked in strategy adapter","pathname":"/alchemix-v3/58133-sc-low-toke-rewards-permanently-locked-in-strategy-adapter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d10d5b4a07029835fc4943f4f7a46a47f25a1c2d","title":"58129 sc high missing mytsharesdeposited update in forcerepay causes accounting inconsistency which can dos deposit and liquidation","pathname":"/alchemix-v3/58129-sc-high-missing-mytsharesdeposited-update-in-forcerepay-causes-accounting-inconsistency-which","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"94eb24763f0ec53d52c59226e6b07521345eaa78","title":"56328 sc insight redundant require statement in eulerusdcstrategy deallocate function leads to unnecessary gas consumption","pathname":"/alchemix-v3/56328-sc-insight-redundant-require-statement-in-eulerusdcstrategy-deallocate-function-leads-to-unnec","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"998a39ac3ecfd562ee0565952ab0a512b379b617","title":"57633 sc high block gated earmark call in redeem nullifies prefunded transmuter cover on the first redemption of each block leading to collateral overpayment and potential protocol insolvency","pathname":"/alchemix-v3/57633-sc-high-block-gated-earmark-call-in-redeem-nullifies-prefunded-transmuter-cover-on-the-first-r","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a6fc48e86f20275fc9c2318b76bfe858dd0ef495","title":"57585 sc high alchemistv3 does not properly update cdp collateralbalance when redemptions exceed totallocked which enables some cdps to over withdraw collateral on account of others","pathname":"/alchemix-v3/57585-sc-high-alchemistv3-does-not-properly-update-cdp-collateralbalance-when-redemptions-exceed-tot","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e351d5199e5477c6f74caf0ad59f6a1b876e64ec","title":"57460 sc high protocol fails to subtract fee from total locked when burning and repaying","pathname":"/alchemix-v3/57460-sc-high-protocol-fails-to-subtract-fee-from-total-locked-when-burning-and-repaying","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1bfd4005eab261b6ed45119d080244de1a4297d4","title":"58555 sc low alchemistcurator 2 step ownership transfer is implemented incorrectly","pathname":"/alchemix-v3/58555-sc-low-alchemistcurator-2-step-ownership-transfer-is-implemented-incorrectly","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4ee7f8487ee89f7f1c51b50ca8bf7d84ff031b3d","title":"58086 sc high mis accounting of myt outflows inflates tvl distorts collateralization and can dos deposits liquidations","pathname":"/alchemix-v3/58086-sc-high-mis-accounting-of-myt-outflows-inflates-tvl-distorts-collateralization-and-can-dos-dep","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0315d331335aed1a60f0c86b1131bf4a18cb4c43","title":"58590 sc low incorrect balance read ordering in morphoyearnogwethstrategy deallocate","pathname":"/alchemix-v3/58590-sc-low-incorrect-balance-read-ordering-in-morphoyearnogwethstrategy-deallocate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9067d1c84139cdf1a328df103f877b012dc9aaca","title":"57189 sc high alchemistcurator contract not implement setforcedeallocatepenalty","pathname":"/alchemix-v3/57189-sc-high-alchemistcurator-contract-not-implement-setforcedeallocatepenalty","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"cbe86c9fd503fb72112b31c8698e8cd3917d4fc5","title":"56395 sc high accounting desync in liquidation outflows leads to artificial deposit cap exhaustion and denial of service on recapitalization","pathname":"/alchemix-v3/56395-sc-high-accounting-desync-in-liquidation-outflows-leads-to-artificial-deposit-cap-exhaustion-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"22336eebe8f7e4920f32d40da586cefb0dcc312e","title":"58203 sc medium moonwell strategies silent failure due to unchecked mint and redeemunderlying return values","pathname":"/alchemix-v3/58203-sc-medium-moonwell-strategies-silent-failure-due-to-unchecked-mint-and-redeemunderlying-return","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"f7641be8009684691d35196da09eb172fa7d8f1d","title":"56846 sc medium liquidation will return because of insufficient funds","pathname":"/alchemix-v3/56846-sc-medium-liquidation-will-return-because-of-insufficient-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7a9aa732832edb3e4138ee528a1a09a4473f617a","title":"57335 sc medium zero min out erc 4626 deposits cause under mint and permanent allocation loss","pathname":"/alchemix-v3/57335-sc-medium-zero-min-out-erc-4626-deposits-cause-under-mint-and-permanent-allocation-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3e551abb8685efd6cad8d5985817036ad1179f78","title":"58105 sc medium zeroxswapverifier decodes execute payload with wrong abi bytes vs bytes temporary freezing of funds","pathname":"/alchemix-v3/58105-sc-medium-zeroxswapverifier-decodes-execute-payload-with-wrong-abi-bytes-vs-bytes-temporary-fr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1258d8486b0abac7ac49edcaae5e5f57366c2044","title":"58491 sc high mytsharesdeposited not reduced on liquidation leading to deposit cap bypass and potential insovency","pathname":"/alchemix-v3/58491-sc-high-mytsharesdeposited-not-reduced-on-liquidation-leading-to-deposit-cap-bypass-and-potent","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6f820a36818e53e5374dbeeb656de76504110df5","title":"58210 sc low incorrect balance measurement in deallocation disables loss detection in morphoyearnogweth ","pathname":"/alchemix-v3/58210-sc-low-incorrect-balance-measurement-in-deallocation-disables-loss-detection-in-morphoyearnogw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"db8e34e605d16dc84454811bfc7c065bc72b5437","title":"57546 sc low moonwellusdcstrategy fail to claim its reward from moonwell comptroller","pathname":"/alchemix-v3/57546-sc-low-moonwellusdcstrategy-fail-to-claim-its-reward-from-moonwell-comptroller","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"f4e8da6917fdd9312eac802b5b6cdc69b38f5c7a","title":"57751 sc high there is a problem related to forced liquidation branch and this creates issue thatk cna drains protocol backing ","pathname":"/alchemix-v3/57751-sc-high-there-is-a-problem-related-to-forced-liquidation-branch-and-this-creates-issue-thatk-c","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"cca670f8c527dcd11fd26062dc6ab4bd0cbff694","title":"57941 sc high incorrect handling of deallocate return val causes any interest gains in a strategy to become unclaimable and permanently locked","pathname":"/alchemix-v3/57941-sc-high-incorrect-handling-of-deallocate-return-val-causes-any-interest-gains-in-a-strategy-to","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"69569ab84a7bb2103e0d9c2ba76b30b670cc282a","title":"56806 sc insight broken withdrawal logic in aavev3arbwethstrategy permanently locks user funds","pathname":"/alchemix-v3/56806-sc-insight-broken-withdrawal-logic-in-aavev3arbwethstrategy-permanently-locks-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6603e9a955b72b1985b84252d3c3dc8c75dcd41e","title":"58572 sc high liquidation of account collateral doesn t subtract mytsharesdeposited which creates bad debt in the system and causes insolvency ","pathname":"/alchemix-v3/58572-sc-high-liquidation-of-account-collateral-doesn-t-subtract-mytsharesdeposited-which-creates-ba","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0962369e9098fd17952a00ac671aaf3f6e6d3d4c","title":"58078 sc low access control bypass in zeroxswapverifier missing owner validation","pathname":"/alchemix-v3/58078-sc-low-access-control-bypass-in-zeroxswapverifier-missing-owner-validation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e0878de4c3c1715ebe6e4899a08099cf1c70b97a","title":"58403 sc medium missing checks for transaction return values in moonwell strategies","pathname":"/alchemix-v3/58403-sc-medium-missing-checks-for-transaction-return-values-in-moonwell-strategies","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9a5fdfe25b798f4f9d28b4c906208c8afa62f2fb","title":"57439 sc low incorrect baddebtratio rounding in transmuter claimredemption may cause funds to become permanently stuck","pathname":"/alchemix-v3/57439-sc-low-incorrect-baddebtratio-rounding-in-transmuter-claimredemption-may-cause-funds-to-become","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c758fdd389074905f422d0ba3de10fd2b1a83e7e","title":"57123 sc low incorrect 2 step ownership in alchemistcurator","pathname":"/alchemix-v3/57123-sc-low-incorrect-2-step-ownership-in-alchemistcurator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"534f2cedcd594ba84f38ff9f0c93a9ce4d385bbb","title":"56365 sc critical liquidation fee overdraft drains pooled collateral","pathname":"/alchemix-v3/56365-sc-critical-liquidation-fee-overdraft-drains-pooled-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a849380587acfb2695eb3ec5d35d1d930bf59cc8","title":"58488 sc low tokeautousdstrategy claims rewards to itself automatically when deallocate is called but since reward token is tokemak the rewards remain permanently locked","pathname":"/alchemix-v3/58488-sc-low-tokeautousdstrategy-claims-rewards-to-itself-automatically-when-deallocate-is-called-bu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"76bc7c32ffb81ed668577147f389467e321849fa","title":"58019 sc high flawed killswitch implementation in mytstrategy leads to permanent loss of funds","pathname":"/alchemix-v3/58019-sc-high-flawed-killswitch-implementation-in-mytstrategy-leads-to-permanent-loss-of-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9e700ade15e0f5a0e669ef5bd7050b16b27f2aa2","title":"56975 sc high liquidation fee trapping in alchemistv3","pathname":"/alchemix-v3/56975-sc-high-liquidation-fee-trapping-in-alchemistv3","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b40d53265d08db0e8ce08db9fc55f905762f560e","title":"58507 sc critical repayment fee after forcerepay could result in socialized loss during global undercollateralization","pathname":"/alchemix-v3/58507-sc-critical-repayment-fee-after-forcerepay-could-result-in-socialized-loss-during-global-under","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e53943f3da6ed87e3f49313543df134310a9b06a","title":"56882 sc low missing cap enforcement in alchemistallocator allows operators to bypass risk controls","pathname":"/alchemix-v3/56882-sc-low-missing-cap-enforcement-in-alchemistallocator-allows-operators-to-bypass-risk-controls","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"166d78b88d4ca9c73267422b371294094401662c","title":"57788 sc medium missing claimrewards implementation in aavev3arbusdcstrategy leads to permanent loss of aave incentive rewards","pathname":"/alchemix-v3/57788-sc-medium-missing-claimrewards-implementation-in-aavev3arbusdcstrategy-leads-to-permanent-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2f01a4470e60e142aa0b786d26e3b7710f62d65b","title":"56909 sc low incorrect balance snapshot in strategy deallocation causes false loss events and masks real shortfalls","pathname":"/alchemix-v3/56909-sc-low-incorrect-balance-snapshot-in-strategy-deallocation-causes-false-loss-events-and-masks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"22f59b6441aea16289ef51f2fb3417432f047e8a","title":"57563 sc insight reward tokens being permanently frozen in tokeautousdstrategy","pathname":"/alchemix-v3/57563-sc-insight-reward-tokens-being-permanently-frozen-in-tokeautousdstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4a82dc22f34cf21d9162c72d1bd97ef3a86e48c6","title":"57036 sc high unconditional debt reduction before protocol fee check in force repayment ","pathname":"/alchemix-v3/57036-sc-high-unconditional-debt-reduction-before-protocol-fee-check-in-force-repayment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"50c732d1fac88356da34a68765878528b34971e5","title":"58115 sc medium incorrect weth deposit amount prevents deposited eth through receive function to cover strategy loss ","pathname":"/alchemix-v3/58115-sc-medium-incorrect-weth-deposit-amount-prevents-deposited-eth-through-receive-function-to-cov","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"130d5bd1bf85b17e1d9624912e1d716b65029521","title":"56873 sc medium incorrect eth wrapping condition in moonwellwethstrategy deallocate leads to temporary freezing of funds","pathname":"/alchemix-v3/56873-sc-medium-incorrect-eth-wrapping-condition-in-moonwellwethstrategy-deallocate-leads-to-tempora","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"30c7961df7f3158c6e1e3940d2784bec321ea1a0","title":"56602 sc low function takes incorrect modifier","pathname":"/alchemix-v3/56602-sc-low-function-takes-incorrect-modifier","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9c180d79fad772021300f5f7aac30b8b121a6e7d","title":"56628 sc high liquidate does not update mytsharesdeposited that is reduced by fees","pathname":"/alchemix-v3/56628-sc-high-liquidate-does-not-update-mytsharesdeposited-that-is-reduced-by-fees","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5958c2981e48b3cbd7d92f77eec5c8537bd4aeb8","title":"58552 sc insight single transfer instead of multiple saves gas","pathname":"/alchemix-v3/58552-sc-insight-single-transfer-instead-of-multiple-saves-gas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6f1d48ffef13e03b0285b6723e385f03a4630616","title":"57954 sc high lackf of tracking of excess cover in earmark function leads to permanent loss of cover value and stuck user positions ","pathname":"/alchemix-v3/57954-sc-high-lackf-of-tracking-of-excess-cover-in-earmark-function-leads-to-permanent-loss-of-cover","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"202624dae7d7b6b3fdaed33fd86d3157214f3e9f","title":"58313 sc medium incorrect allocation accounting and dust handling in stargateethpoolstrategy causes systematic loss cap mis accounting and deallocation reverts","pathname":"/alchemix-v3/58313-sc-medium-incorrect-allocation-accounting-and-dust-handling-in-stargateethpoolstrategy-causes","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"10a414b62c6a34383ce2ca473454fba1897b6dfc","title":"57476 sc high forcerepay fails to decrement global cumulativeearmarked","pathname":"/alchemix-v3/57476-sc-high-forcerepay-fails-to-decrement-global-cumulativeearmarked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c9990782afc001264548b74cac98fb60d4448b84","title":"57907 sc high incorrect forced repayment accounting allows debt forgiveness and frees locked collateral systemic loss ","pathname":"/alchemix-v3/57907-sc-high-incorrect-forced-repayment-accounting-allows-debt-forgiveness-and-frees-locked-collate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"24602afc6e876c20dcd8387077575cbc5a7ba5dc","title":"58787 sc medium when allocation amount is greater than the maxdeposit of tokeautoeth sol the remaining is stuck in tokeautoeth sol","pathname":"/alchemix-v3/58787-sc-medium-when-allocation-amount-is-greater-than-the-maxdeposit-of-tokeautoeth-sol-the-remaini","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"03ffb5fc5d63281f123a4f14aa9fda53126ea019","title":"58006 sc medium moonwellusdcstrategy allocate ignores compound style mint failures and corrupts vault accounting","pathname":"/alchemix-v3/58006-sc-medium-moonwellusdcstrategy-allocate-ignores-compound-style-mint-failures-and-corrupts-vaul","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ce3c6ba8ca52624fad5004b468d06118509fea6c","title":"58709 sc low naive 0x fill parsing lets attackers spoof token and amount checks","pathname":"/alchemix-v3/58709-sc-low-naive-0x-fill-parsing-lets-attackers-spoof-token-and-amount-checks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"502f40bdb20738c3f7747f8a9dbd19576c7e7234","title":"58387 sc high liquidator fee in the doliquidation function withheld when collateral is exhausted leading to seized fee trapped in protocol","pathname":"/alchemix-v3/58387-sc-high-liquidator-fee-in-the-doliquidation-function-withheld-when-collateral-is-exhausted-lea","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8a4a703d5f30548b8608fabb84fe74a34f3d0e71","title":"56817 sc high forcerepay doesn t decrement mytsharesdeposited inflating tvl","pathname":"/alchemix-v3/56817-sc-high-forcerepay-doesn-t-decrement-mytsharesdeposited-inflating-tvl","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5a508bc2446afe043f144ff4e071ee7781e0d6bd","title":"58185 sc medium incorrect survivalaccumulator accounting logic after earmarkweight reaches 128 breaks core system invariants and can lead to protocol insolvency","pathname":"/alchemix-v3/58185-sc-medium-incorrect-survivalaccumulator-accounting-logic-after-earmarkweight-reaches-128-break","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ac3d1e3ffd2dc5fdff078c8f3ae71dff40bafcac","title":"56878 sc medium the permissionedcalls check can be bypass","pathname":"/alchemix-v3/56878-sc-medium-the-permissionedcalls-check-can-be-bypass","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"93fd5c0fafdcb60ba390f5deb11ac1199076ecad","title":"58472 sc high liquidator base fee seized but not paid due to post deduction balance check","pathname":"/alchemix-v3/58472-sc-high-liquidator-base-fee-seized-but-not-paid-due-to-post-deduction-balance-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2baad488c568dc68e8b818386bbbc1fe22b47099","title":"58408 sc low underflow account rawlocked on subdebt due to rounding inconsistency","pathname":"/alchemix-v3/58408-sc-low-underflow-account-rawlocked-on-subdebt-due-to-rounding-inconsistency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dc24d8ecee3d5773982fa9a73027026c1b088bcc","title":"58354 sc high forcerepay does not decrement mytsharesdeposited causing a temporal blocking of new deposits","pathname":"/alchemix-v3/58354-sc-high-forcerepay-does-not-decrement-mytsharesdeposited-causing-a-temporal-blocking-of-new-de","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"86d3d9eea2ccffce2233052f133dcd36d0053ff7","title":"58320 sc critical incorrect fee return value in resolverepaymentfee enables fund theft under extreme conditions","pathname":"/alchemix-v3/58320-sc-critical-incorrect-fee-return-value-in-resolverepaymentfee-enables-fund-theft-under-extreme","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3ae7aee7a6fe4f1eb8591d209b1fa6e281bc2f57","title":"57316 sc low allocation cap enforcement missing deadcode","pathname":"/alchemix-v3/57316-sc-low-allocation-cap-enforcement-missing-deadcode","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"690a9be9f019b2da2eae3814dc2d7269e30bd8f0","title":"58743 sc low zeroxswapverifier recipient validation bypass","pathname":"/alchemix-v3/58743-sc-low-zeroxswapverifier-recipient-validation-bypass","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4ff621dc7043ac11b93a899b0469b9889238ce9b","title":"58323 sc critical the alchemist burn function experiences precision loss resulting in the avoidance of protocol fees","pathname":"/alchemix-v3/58323-sc-critical-the-alchemist-burn-function-experiences-precision-loss-resulting-in-the-avoidance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a212dc2e33165153998308e187a06b76f514d25a","title":"58666 sc low recipient owner not enforced in action verifiers enables theft of swap proceeds","pathname":"/alchemix-v3/58666-sc-low-recipient-owner-not-enforced-in-action-verifiers-enables-theft-of-swap-proceeds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d28f0dbb7a6bd1a9a528672406581d0eafce1b84","title":"56572 sc insight aave v3 lending pool is immutable in aave strategies","pathname":"/alchemix-v3/56572-sc-insight-aave-v3-lending-pool-is-immutable-in-aave-strategies","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"092dd705d37d67b909ca7327858f485b6b1c20a6","title":"56625 sc low broken ownership transfer logic in alchemistcurator permanently freezes contract operations","pathname":"/alchemix-v3/56625-sc-low-broken-ownership-transfer-logic-in-alchemistcurator-permanently-freezes-contract-operat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3ee4bfb65954e4436a73d56be7441b2d8ba2d094","title":"57995 sc high missing slippage protection in tokeautousdstrategy allocation function leads to permanent value loss","pathname":"/alchemix-v3/57995-sc-high-missing-slippage-protection-in-tokeautousdstrategy-allocation-function-leads-to-perman","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7af352d0b09b6dddc165a7d16daf2234caddcb74","title":"57746 sc low broken contract ownership logic at alchemistv3 sol","pathname":"/alchemix-v3/57746-sc-low-broken-contract-ownership-logic-at-alchemistv3-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dafa7f634d3430c6e6b7a78dce4167f8ca8fff9c","title":"57760 sc high mytstrategy allocate deallocate doesnt account for profit and loss ","pathname":"/alchemix-v3/57760-sc-high-mytstrategy-allocate-deallocate-doesnt-account-for-profit-and-loss","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b8b96be9446e8d2f4fc3dafd05d071c79c62435c","title":"57227 sc medium unchecked return codes in moonwellusdcstrategy leading to stuck funds ","pathname":"/alchemix-v3/57227-sc-medium-unchecked-return-codes-in-moonwellusdcstrategy-leading-to-stuck-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a5a4848ab48b14e932cd5f7458e380acd03061be","title":"57964 sc low improper validation of absolutecap and relativecap enables excessive fund allocation in alchemistallocator ","pathname":"/alchemix-v3/57964-sc-low-improper-validation-of-absolutecap-and-relativecap-enables-excessive-fund-allocation-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"678d32439479b5eafe239257c2f3d47adf0d4d11","title":"58730 sc medium an attacker can prevent any tokenauto strategy allocation by making a donation to the vault of as little as 1 wei of underlying token","pathname":"/alchemix-v3/58730-sc-medium-an-attacker-can-prevent-any-tokenauto-strategy-allocation-by-making-a-donation-to-th","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9045adf18953a0b6a0a848a6c0621fa4b88d86d8","title":"57752 sc medium aave and euler incentives for myt will be lost due to unimplemented claimrewards function","pathname":"/alchemix-v3/57752-sc-medium-aave-and-euler-incentives-for-myt-will-be-lost-due-to-unimplemented-claimrewards-fun","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"53d67e49471c57e99e9b6e65e20b1aa68bfe08c2","title":"57983 sc low direct asset drain via zeroxswapverifier bypass and mytstrategy unlimited permit2 approvals","pathname":"/alchemix-v3/57983-sc-low-direct-asset-drain-via-zeroxswapverifier-bypass-and-mytstrategy-unlimited-permit2-appro","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4f7a2d141b667a25e9e0f75c42c3c834c2c6e1c8","title":"56827 sc high missing global earmark reduction in forcerepay ","pathname":"/alchemix-v3/56827-sc-high-missing-global-earmark-reduction-in-forcerepay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b4306da6d234132c6c8c1ab595ebbf726b9f8ba3","title":"56714 sc high accounting invariant violation in forcerepay leads to protocol insolvency","pathname":"/alchemix-v3/56714-sc-high-accounting-invariant-violation-in-forcerepay-leads-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6e639388c90f69ef4dee5b5e8a8f7aa55a4d95dd","title":"57989 sc low broken isvalidsignature leads to fund freezing ","pathname":"/alchemix-v3/57989-sc-low-broken-isvalidsignature-leads-to-fund-freezing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"db9a49d78f3e2f5fbb101b1deff1db090866eb1f","title":"58782 sc high rewards earned by eulerarbusdcstrategy will not be withdrawable from euler pool on arbitrum","pathname":"/alchemix-v3/58782-sc-high-rewards-earned-by-eulerarbusdcstrategy-will-not-be-withdrawable-from-euler-pool-on-arb","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3f55930ab256d0e3b3f068d14cc99fa84a0e381b","title":"56383 sc low the alchemistcurator acceptadminownership can t be called by the pending admin and if the function is called without pending admin the admin rigths will be lost","pathname":"/alchemix-v3/56383-sc-low-the-alchemistcurator-acceptadminownership-can-t-be-called-by-the-pending-admin-and-if-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"141562ea0d951457f8ca13ca0f678e7c3f114069","title":"57066 sc critical a malicious actor can keep calling poke at every block to prevent collateral earmarking exposing transmuter users to delayed redemptions and loss of funds","pathname":"/alchemix-v3/57066-sc-critical-a-malicious-actor-can-keep-calling-poke-at-every-block-to-prevent-collateral-earma","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d033c488baba7bbe833c7d4aa38ccf12b5ab0721","title":"58275 sc high account rawlocked not clear even when debt is clear","pathname":"/alchemix-v3/58275-sc-high-account-rawlocked-not-clear-even-when-debt-is-clear","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"699db5f896a05f6bd7aed0d9dd6f5136909c7531","title":"58480 sc low missing recipient and token binding in verifyswapcalldata leads to unauthorized fund transfers","pathname":"/alchemix-v3/58480-sc-low-missing-recipient-and-token-binding-in-verifyswapcalldata-leads-to-unauthorized-fund-tr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e26aa64decf873064cc05f8033bd24984122c9ba","title":"57330 sc critical resolverepaymentfee returns initial fee when fee is greater collateral balance","pathname":"/alchemix-v3/57330-sc-critical-resolverepaymentfee-returns-initial-fee-when-fee-is-greater-collateral-balance","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ee7eb12dfca7ebfdf42990059922749672fde602","title":"57740 sc high eulereth strategy will have weth locked in the strategy contract","pathname":"/alchemix-v3/57740-sc-high-eulereth-strategy-will-have-weth-locked-in-the-strategy-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d437b1b3c4223f0da4218cd803fb970f2681df92","title":"58771 sc high incorrect tracking of total deposited yield tokens mytsharesdeposited in liquidation and force repayment paths","pathname":"/alchemix-v3/58771-sc-high-incorrect-tracking-of-total-deposited-yield-tokens-mytsharesdeposited-in-liquidation-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"da3b7bd5fd02f0aedd97ca2db98eb70d3138a878","title":"58334 sc medium incorrect function selectors","pathname":"/alchemix-v3/58334-sc-medium-incorrect-function-selectors","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7383c0489328b69cdf223d6d4d5113aa4a50d2ea","title":"56960 sc medium missing slippage protection during redemption execution lead to loss of token for user ","pathname":"/alchemix-v3/56960-sc-medium-missing-slippage-protection-during-redemption-execution-lead-to-loss-of-token-for-us","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c4655c9ceb2de501a92aa382ad84f194958673a7","title":"58512 sc low mytstrategy isvalidsignature is implemented wrong and will not work","pathname":"/alchemix-v3/58512-sc-low-mytstrategy-isvalidsignature-is-implemented-wrong-and-will-not-work","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c8db9c8e2147875a0bea3d505ecdbb9ac2ebc3c3","title":"58531 sc critical querygraph function zero return bug causing tracking earmarking failure over progressive block intervals","pathname":"/alchemix-v3/58531-sc-critical-querygraph-function-zero-return-bug-causing-tracking-earmarking-failure-over-progr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5a825a18e9b6109186c4699cd8d68a07595b7fcc","title":"57394 sc low acceptadminownership only allows the current admin to finalise transfers","pathname":"/alchemix-v3/57394-sc-low-acceptadminownership-only-allows-the-current-admin-to-finalise-transfers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"beb15329f349a7c15753208633a90e80d43691a3","title":"58497 sc low the amount of weth redeemed is not calculated properly in morphoyearnogweth","pathname":"/alchemix-v3/58497-sc-low-the-amount-of-weth-redeemed-is-not-calculated-properly-in-morphoyearnogweth","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e39e891609bcd373137fb502873f665023d857d2","title":"56517 sc low zeroxswapverifier validates struct but executes external actions enabling direct fund theft","pathname":"/alchemix-v3/56517-sc-low-zeroxswapverifier-validates-struct-but-executes-external-actions-enabling-direct-fund-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d905fc69c0cd545a90abcd7af89c2bc2c21df98e","title":"56406 sc insight getestimatedyield never updates after snapshots","pathname":"/alchemix-v3/56406-sc-insight-getestimatedyield-never-updates-after-snapshots","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5f5572c69d8c52eaaac00b4707a62efd45089f4d","title":"58456 sc medium account can enter unliquidatable state with residual debt","pathname":"/alchemix-v3/58456-sc-medium-account-can-enter-unliquidatable-state-with-residual-debt","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7a9b78955cdbf799ced946b0be549b37c951dd87","title":"57861 sc high missing slippage protection in tokemak autopool allocation functions leads to direct theft of user funds","pathname":"/alchemix-v3/57861-sc-high-missing-slippage-protection-in-tokemak-autopool-allocation-functions-leads-to-direct-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a56d8ceca64450a548c25c4b57421c80a0133ca3","title":"57916 sc critical repay removes earmark meant to be reducing debt while collateral is still reduced","pathname":"/alchemix-v3/57916-sc-critical-repay-removes-earmark-meant-to-be-reducing-debt-while-collateral-is-still-reduced","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ed3b698a46ddd920fffc72066fd65181f42f4d1f","title":"58648 sc low incorrect wethbalancebefore read causes broken loss detection in deallocation","pathname":"/alchemix-v3/58648-sc-low-incorrect-wethbalancebefore-read-causes-broken-loss-detection-in-deallocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b42edae7f65dac7cb1e1208d947e5aa38731ca64","title":"57127 sc low pending admin should call the function instead of admin ","pathname":"/alchemix-v3/57127-sc-low-pending-admin-should-call-the-function-instead-of-admin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"003079dadb244253bec347ad789df16012c1716c","title":"58418 sc low verifyswapcalldata cant verify the output token of the swap","pathname":"/alchemix-v3/58418-sc-low-verifyswapcalldata-cant-verify-the-output-token-of-the-swap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d6467f14653e5bba4d2ada28dc4471cd3126cdd7","title":"56830 sc low broken admin ownership transfer logic acceptadminownership requires current admin instead of pending admin blocking role claim ","pathname":"/alchemix-v3/56830-sc-low-broken-admin-ownership-transfer-logic-acceptadminownership-requires-current-admin-inste","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8f281d9efc5e85ef5e00e979472cefe9d01da7f1","title":"58125 sc critical repayment fee overpayment from pooled collateral","pathname":"/alchemix-v3/58125-sc-critical-repayment-fee-overpayment-from-pooled-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8f109503066a0cfc63f5cd5b169a3e4838c25000","title":"57970 sc high forcerepay leaves cumulativeearmarked stale ","pathname":"/alchemix-v3/57970-sc-high-forcerepay-leaves-cumulativeearmarked-stale","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e6a18affb32923145efc56b2ac43ef51e5d4e3c4","title":"58249 sc low broken two step admin handover in alchemistcurator","pathname":"/alchemix-v3/58249-sc-low-broken-two-step-admin-handover-in-alchemistcurator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"48243e5d924f33a842500ca557ad2808801c4176","title":"57101 sc critical same block earmark early exit leaves stale transmuter balance causing under earmarking","pathname":"/alchemix-v3/57101-sc-critical-same-block-earmark-early-exit-leaves-stale-transmuter-balance-causing-under-earmar","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a71387c02533c0d6e15de72d91152259309311d5","title":"58516 sc low inverted min max logic in alchemistallocator operator cap calculation","pathname":"/alchemix-v3/58516-sc-low-inverted-min-max-logic-in-alchemistallocator-operator-cap-calculation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fe1994bb3630de9677364a0bf3ed7b153f07e58a","title":"56389 sc high mytsharesdeposited is not updated on liquidation outflows which could lead to solvency illusion and misreported global ratios","pathname":"/alchemix-v3/56389-sc-high-mytsharesdeposited-is-not-updated-on-liquidation-outflows-which-could-lead-to-solvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b512037b6a6cc7a10d3a614bfb546a9a05d14e32","title":"58688 sc critical alchemistv3 liquidate can steal other users collateral","pathname":"/alchemix-v3/58688-sc-critical-alchemistv3-liquidate-can-steal-other-users-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"98d4cb5d32f57e77eeb26af011d038e169da0cc9","title":"57777 sc low zerox swap verifier bypass enables direct theft of user funds","pathname":"/alchemix-v3/57777-sc-low-zerox-swap-verifier-bypass-enables-direct-theft-of-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"db7804045abd1e493550738246febf5843039ea3","title":"56798 sc critical flash vote exploit drains all funds via alchemistallocator","pathname":"/alchemix-v3/56798-sc-critical-flash-vote-exploit-drains-all-funds-via-alchemistallocator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8f3165daee505f0740da9408e1b746886f3d67ac","title":"58231 sc medium attacker can stop protocol from allocating assets to the autoeth vaults","pathname":"/alchemix-v3/58231-sc-medium-attacker-can-stop-protocol-from-allocating-assets-to-the-autoeth-vaults","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"62110d5a734abb1d72122092a0e003f9a0b7a427","title":"57148 sc high mytsharesdeposited variable is not correctly updated during liquidations leading to wrong assumptions and incorrect bad debt calculation in the transmuter ","pathname":"/alchemix-v3/57148-sc-high-mytsharesdeposited-variable-is-not-correctly-updated-during-liquidations-leading-to-wr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2e1cf4eeac4de6463b9628a6d3992b8a4863c7bb","title":"58736 sc high missing tvl accounting in forcerepay and doliquidation leads to protocol insolvency","pathname":"/alchemix-v3/58736-sc-high-missing-tvl-accounting-in-forcerepay-and-doliquidation-leads-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"85726891af9e91511ea451f3a18df6ff5fcc2c01","title":"57678 sc high liquidation fee is deducted from user but not paid to liquidator","pathname":"/alchemix-v3/57678-sc-high-liquidation-fee-is-deducted-from-user-but-not-paid-to-liquidator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"db4d56105293f1c6e83dd2470cd6d20787e6d573","title":"58658 sc high cumulativeearmarked not updated","pathname":"/alchemix-v3/58658-sc-high-cumulativeearmarked-not-updated","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ccdedcf0f7b9c85de7e753789192a1c6b6e60ab8","title":"58094 sc insight autopooleth vault slippage during lp token liquidation leads to temporary fund freezing","pathname":"/alchemix-v3/58094-sc-insight-autopooleth-vault-slippage-during-lp-token-liquidation-leads-to-temporary-fund-free","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8f954decef7ca7725a5deb6d9e773ef0d07c3329","title":"58527 sc low complete loss of all reward value on tokeautoethstrategy claimrewards","pathname":"/alchemix-v3/58527-sc-low-complete-loss-of-all-reward-value-on-tokeautoethstrategy-claimrewards","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"230251c7c1646f3e8152715d5d1c99460774d213","title":"58376 sc low claimrewards function permanently locks earned toke reward token on morpho vaultv2","pathname":"/alchemix-v3/58376-sc-low-claimrewards-function-permanently-locks-earned-toke-reward-token-on-morpho-vaultv2","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a4750c16d00dc8f6c74757bc791d967679647365","title":"57606 sc insight attacker can dos deposits by hitting the deposit cap","pathname":"/alchemix-v3/57606-sc-insight-attacker-can-dos-deposits-by-hitting-the-deposit-cap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4ce9778af1c05f55cb240a86f942aa72a7484e34","title":"56845 sc high the deposit will be reverted because mytsharesdeposited references an outdated value","pathname":"/alchemix-v3/56845-sc-high-the-deposit-will-be-reverted-because-mytsharesdeposited-references-an-outdated-value","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e8cc3c59dd7a4b5cdf7040127ac1563486261b0e","title":"56658 sc insight transmuter s tokenuri does not revert for nonexistent tokenids","pathname":"/alchemix-v3/56658-sc-insight-transmuter-s-tokenuri-does-not-revert-for-nonexistent-tokenids","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"33bdb9d8c8de11c83e3f9054e6ad61bed238645f","title":"56887 sc low incorrect balance tracking in morphoyearnogwethstrategy deallocate function leads to wrong loss event emission resend ","pathname":"/alchemix-v3/56887-sc-low-incorrect-balance-tracking-in-morphoyearnogwethstrategy-deallocate-function-leads-to-wr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b533388a60aa4c83d3e8e673a7f119d23a00ece4","title":"57972 sc high liquidation doesn t update mytsharesdeposited","pathname":"/alchemix-v3/57972-sc-high-liquidation-doesn-t-update-mytsharesdeposited","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8f6e944e1348d1d4b3b34d3544dd570d73721444","title":"56740 sc critical unbounded liquidation fee allows theft of shared collateral","pathname":"/alchemix-v3/56740-sc-critical-unbounded-liquidation-fee-allows-theft-of-shared-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"89bc3e16967a91bb752ec6bcd1f988a11d9e9e37","title":"58287 sc high mytsharesdeposited is not updated on some token transfer","pathname":"/alchemix-v3/58287-sc-high-mytsharesdeposited-is-not-updated-on-some-token-transfer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a279e7ef0c438dc14c419fb3ca61c8c66f711efa","title":"58579 sc low inconsistent admin management implementation in alchemistcurator sol","pathname":"/alchemix-v3/58579-sc-low-inconsistent-admin-management-implementation-in-alchemistcurator-sol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3de72dfde0be98f30b93306d320cd3057295a782","title":"58022 sc medium accounting mismatch and fund stuck due to dust eth on stargateethpoolstrategy","pathname":"/alchemix-v3/58022-sc-medium-accounting-mismatch-and-fund-stuck-due-to-dust-eth-on-stargateethpoolstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3d8443c326e4e21d2460b32b7b6695070a21c905","title":"58723 sc high cumulativeearmarked is not updated at forcerepay ","pathname":"/alchemix-v3/58723-sc-high-cumulativeearmarked-is-not-updated-at-forcerepay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"261c665ad740d2e8253da24866a561f7c57ebd3f","title":"58239 sc medium missing aave incentives rewards claiming mechanism leads to permanent loss of protocol royalties","pathname":"/alchemix-v3/58239-sc-medium-missing-aave-incentives-rewards-claiming-mechanism-leads-to-permanent-loss-of-protoc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"63699655d5b3f9db6fad73463091e013bc52c275","title":"58333 sc low incorrect onlyadmin modifier in acceptadminownership","pathname":"/alchemix-v3/58333-sc-low-incorrect-onlyadmin-modifier-in-acceptadminownership","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"216a93adac64e4d6637c839146c39599b05f8da8","title":"58520 sc low pending admin cannot accept ownership","pathname":"/alchemix-v3/58520-sc-low-pending-admin-cannot-accept-ownership","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2fe8b7c1726619643cb18eb0fbf9d4fb79318021","title":"58067 sc high asymmetric deallocation in tokeautoethstrategy leads to permanent weth funds stuck in strategy","pathname":"/alchemix-v3/58067-sc-high-asymmetric-deallocation-in-tokeautoethstrategy-leads-to-permanent-weth-funds-stuck-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1c8c5c65a0fb075ee651184b3fc95f41d9a25266","title":"58260 sc high inconsistent collateral accounting where force repay liquidation transfer out myt without adjusting tvl","pathname":"/alchemix-v3/58260-sc-high-inconsistent-collateral-accounting-where-force-repay-liquidation-transfer-out-myt-with","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"19285b98c30b822eea4c5520d416125cf644f48f","title":"57963 sc high incorrect mytsharesdeposited accounting in liquidate allows theft of user funds via corrupted bad debt ratio","pathname":"/alchemix-v3/57963-sc-high-incorrect-mytsharesdeposited-accounting-in-liquidate-allows-theft-of-user-funds-via-co","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9f55386fc4b11d3e540ded8f935707b3017d1c5c","title":"58645 sc medium incorrect weth wrapping amount in moonwellwethstrategy deallocate wraps ethredeemed instead of amount ","pathname":"/alchemix-v3/58645-sc-medium-incorrect-weth-wrapping-amount-in-moonwellwethstrategy-deallocate-wraps-ethredeemed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3425e879a571c2e4372ce7a18c531daea008a6bb","title":"58138 sc critical liquidator fees could surpass the user remaining collateral resulting in protocol insolvency","pathname":"/alchemix-v3/58138-sc-critical-liquidator-fees-could-surpass-the-user-remaining-collateral-resulting-in-protocol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"193324f01a15f1145636f122047c4486302da1ec","title":"58544 sc critical it is possible to underflow on sync making positions bricked forever","pathname":"/alchemix-v3/58544-sc-critical-it-is-possible-to-underflow-on-sync-making-positions-bricked-forever","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9dd895631389449946d3154f4c6d789df111dae9","title":"57725 sc high alchemistv liquidate is not updating the mytsharesdeposited which makes it inflated and can cause deposits dos and liquidations malfunction that may cause protocol insolvency ","pathname":"/alchemix-v3/57725-sc-high-alchemistv-liquidate-is-not-updating-the-mytsharesdeposited-which-makes-it-inflated-an","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"07f93975e0a75f71572f9821b5a69a59a57483c8","title":"58443 sc critical incorrect consumption of yield cover in redeem leading to reuse of accrued yield ","pathname":"/alchemix-v3/58443-sc-critical-incorrect-consumption-of-yield-cover-in-redeem-leading-to-reuse-of-accrued-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0a4876d85348ace4a3dce448cfc55cd342848b56","title":"56824 sc high missing update to mytsharesdeposited during liquidation","pathname":"/alchemix-v3/56824-sc-high-missing-update-to-mytsharesdeposited-during-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"30b33286cc78e335f2b7550ac1a3c658bde2368d","title":"56962 sc low balance check logic error in deallocate function leads to broken loss detection and false event emissions","pathname":"/alchemix-v3/56962-sc-low-balance-check-logic-error-in-deallocate-function-leads-to-broken-loss-detection-and-fal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6409baaf368b56fbbe14d82d48b7e8985bbe78a7","title":"57625 sc low incorrect cover accounting in earmark leads to earmarking failure and value leakage","pathname":"/alchemix-v3/57625-sc-low-incorrect-cover-accounting-in-earmark-leads-to-earmarking-failure-and-value-leakage","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"cde63ab0c3140d0399d45dfc4c6b1baf99a40ff8","title":"58447 sc critical unfair collateral loss through socialized redemption costs","pathname":"/alchemix-v3/58447-sc-critical-unfair-collateral-loss-through-socialized-redemption-costs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4a2b12e0ff91e6985cececbac1199cf9d9f4fd9a","title":"57196 sc high artificially inflated mytsharesdeposited in alchemixv3 sol deflates bad debt ratio in transmuter sol ","pathname":"/alchemix-v3/57196-sc-high-artificially-inflated-mytsharesdeposited-in-alchemixv3-sol-deflates-bad-debt-ratio-in","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"09a62150ac8b747c909bd47546fc1bb8ff6d0a5e","title":"56895 sc insight function approvemint is vulnerable to race conditions","pathname":"/alchemix-v3/56895-sc-insight-function-approvemint-is-vulnerable-to-race-conditions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b2fb567c631e13285ad7b94c6201d7531ee98855","title":"58755 sc high users position that are synced at certain times overestimate collateralbalance of the position","pathname":"/alchemix-v3/58755-sc-high-users-position-that-are-synced-at-certain-times-overestimate-collateralbalance-of-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8c0651d8294833ad60839e164bf20871e85cc882","title":"58269 sc high liquidator fee not paid when fee equals surplus","pathname":"/alchemix-v3/58269-sc-high-liquidator-fee-not-paid-when-fee-equals-surplus","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"591d7c442275dc756eff653220022f2826c224e3","title":"58383 sc high due to cumulativeearmarked not being updated in alchemix forcerepay user funds are locked longer due to slower debt decay and calculation of system collaterization rate is inc ","pathname":"/alchemix-v3/58383-sc-high-due-to-cumulativeearmarked-not-being-updated-in-alchemix-forcerepay-user-funds-are-loc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b5ba8742a5c094d9e1b21c23a7211cdcdb7f6022","title":"58636 sc low broken two step admin transfer prevents legitimate admin succession in alchemistcurator","pathname":"/alchemix-v3/58636-sc-low-broken-two-step-admin-transfer-prevents-legitimate-admin-succession-in-alchemistcurator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"aa898f3e471d6f0798782ebb7d5c94f06ad81a83","title":"56343 sc low morphoyearnogweth deallocate function always emits strategydeallocationloss due to flawed balance measurement","pathname":"/alchemix-v3/56343-sc-low-morphoyearnogweth-deallocate-function-always-emits-strategydeallocationloss-due-to-flaw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b3136219cd409fbdaad7c0953f8d39eb7c93449c","title":"56902 sc high strategy adapter aavev3opusdcstrategy would not work well with atoken rebasing mechanism","pathname":"/alchemix-v3/56902-sc-high-strategy-adapter-aavev3opusdcstrategy-would-not-work-well-with-atoken-rebasing-mechani","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ebed5bc83d86a4ad162249740e8b0ef8bde88d1a","title":"58215 sc high funds can become permanently stuck in adapter when kill switch is enabled","pathname":"/alchemix-v3/58215-sc-high-funds-can-become-permanently-stuck-in-adapter-when-kill-switch-is-enabled","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3df18b687684b36acc6b037c5c2a94baa58daaca","title":"56672 sc high inconsistent myt share accounting leads to under liquidation and solvency risk","pathname":"/alchemix-v3/56672-sc-high-inconsistent-myt-share-accounting-leads-to-under-liquidation-and-solvency-risk","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"526b93f0abc0592bd81f4c774742043c0d0ac8dc","title":"58088 sc low inadequate enforcement of global cap enables cumulative over allocation","pathname":"/alchemix-v3/58088-sc-low-inadequate-enforcement-of-global-cap-enables-cumulative-over-allocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b49bdb2f8c0c4f47811c5ad5049d1411822b860b","title":"57867 sc medium zeroxswapverifier erroneously rejects uniswap v3 swaps due to an an incorrect selector","pathname":"/alchemix-v3/57867-sc-medium-zeroxswapverifier-erroneously-rejects-uniswap-v3-swaps-due-to-an-an-incorrect-select","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1ef4100a37e5537be022bb0872a895b0519e73bc","title":"58466 sc high liquidation fee payment failure due to redundant wrong collateral check","pathname":"/alchemix-v3/58466-sc-high-liquidation-fee-payment-failure-due-to-redundant-wrong-collateral-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"692257544a428768335c9701601c5dab051cabc3","title":"56465 sc low gettotaldeposited doesn t reflect the correct total deposited","pathname":"/alchemix-v3/56465-sc-low-gettotaldeposited-doesn-t-reflect-the-correct-total-deposited","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b502372491a7a1b646c7b1d18f6eff64dffc8b3a","title":"57544 sc high mytsharesdeposited is not reduced upon fee transfers to protocol","pathname":"/alchemix-v3/57544-sc-high-mytsharesdeposited-is-not-reduced-upon-fee-transfers-to-protocol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5774c89997ccece7780eaa0591cb749148083fe2","title":"57311 sc medium moonwell allocation and deallocation can fail silently causing incorrect state updates and loss of yield","pathname":"/alchemix-v3/57311-sc-medium-moonwell-allocation-and-deallocation-can-fail-silently-causing-incorrect-state-updat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a1b4c3b97c9a6d71d7f2ea33837ff3989922a354","title":"56673 sc high zero cost fee farming via forced earmarked repayment","pathname":"/alchemix-v3/56673-sc-high-zero-cost-fee-farming-via-forced-earmarked-repayment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6c39904e3929d1a9886812a15a05ba04792ace57","title":"58369 sc high missing mytsharesdeposited decrements in forcerepay doliquidation leads to smart contract unable to operate due to lack of token funds","pathname":"/alchemix-v3/58369-sc-high-missing-mytsharesdeposited-decrements-in-forcerepay-doliquidation-leads-to-smart-contr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"af15f57cfc623ea5c78497145bdcb2d221e2f466","title":"56927 sc medium setminimumcollateralization function also needs a another check ","pathname":"/alchemix-v3/56927-sc-medium-setminimumcollateralization-function-also-needs-a-another-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9d477efa39fb58adb929980ba8beed15d5ac0fa2","title":"58080 sc medium aave v3 strategies fail to claim op arb liquidity mining rewards causing permanent loss of yield","pathname":"/alchemix-v3/58080-sc-medium-aave-v3-strategies-fail-to-claim-op-arb-liquidity-mining-rewards-causing-permanent-l","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"eec51b08bfa1b6d23ed98b93a880c14979a68b8d","title":"56983 sc low tokemak rewards sent to myt vault contract not strategy rewards stranded","pathname":"/alchemix-v3/56983-sc-low-tokemak-rewards-sent-to-myt-vault-contract-not-strategy-rewards-stranded","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9a5bf82c6fe4e71e795682b42141157214f236a7","title":"57726 sc high alchemistv3 myt tvl accounting drift on liquidation forcerepay blocks deposits via depositcap medium smart contract unable to operate due to lack of token funds ","pathname":"/alchemix-v3/57726-sc-high-alchemistv3-myt-tvl-accounting-drift-on-liquidation-forcerepay-blocks-deposits-via-dep","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c2447f1508f55c15da768fdc62fd5352202edf5b","title":"58741 sc medium action function signatures to 0x settler are wrong","pathname":"/alchemix-v3/58741-sc-medium-action-function-signatures-to-0x-settler-are-wrong","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b61c8a7b2466b8d6bc02dbcd2ba082ac066eb473","title":"58422 sc low morphoyearn og weth strategy always emits deallocation loss event due to zero delta calculation","pathname":"/alchemix-v3/58422-sc-low-morphoyearn-og-weth-strategy-always-emits-deallocation-loss-event-due-to-zero-delta-cal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"da69a0b8dfb71b256c388d138c7e78d19a83ebaf","title":"57208 sc insight it is possible to prevent lowering the deposit cap by front running","pathname":"/alchemix-v3/57208-sc-insight-it-is-possible-to-prevent-lowering-the-deposit-cap-by-front-running","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b9ad9b7d33f442304e99d8a6a547128f04838ac7","title":"58357 sc low permanent freezing of tokeautoeth strategy rewards in myt vault","pathname":"/alchemix-v3/58357-sc-low-permanent-freezing-of-tokeautoeth-strategy-rewards-in-myt-vault","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"095ef5b837cba6699a66e397ebcccaebb00737b0","title":"57479 sc low logical bug in alchemistcurator acceptadminownership asking to current admin to accept ownership ","pathname":"/alchemix-v3/57479-sc-low-logical-bug-in-alchemistcurator-acceptadminownership-asking-to-current-admin-to-accept","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"58037ce0351adc21e939b19f04168aaf420cb951","title":"58177 sc high transmuter claimredemption cant update mytsharesdeposited leading to permanent underlying value state inside alchemist","pathname":"/alchemix-v3/58177-sc-high-transmuter-claimredemption-cant-update-mytsharesdeposited-leading-to-permanent-underly","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b0606d42b383539a9305e9adaaabdec4aee8eaa5","title":"57291 sc insight hardcoded slippage in myt strategy","pathname":"/alchemix-v3/57291-sc-insight-hardcoded-slippage-in-myt-strategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7b9a4ebee54ec8b92231748903403126cacf5ec7","title":"56709 sc low zeroxswapverifier missing source validation","pathname":"/alchemix-v3/56709-sc-low-zeroxswapverifier-missing-source-validation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2815b83a4618628303970b85ca9ec3125e0efe23","title":"58033 sc medium unimplemented claimrewards function results in permanent freezing of aave incentive rewards","pathname":"/alchemix-v3/58033-sc-medium-unimplemented-claimrewards-function-results-in-permanent-freezing-of-aave-incentive","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c1ca6f43ce49a49cb97ad3ba224a041b4ea29e8f","title":"56855 sc medium liquidations fail with arithmetic underflow when forced repayment exhausts collateral","pathname":"/alchemix-v3/56855-sc-medium-liquidations-fail-with-arithmetic-underflow-when-forced-repayment-exhausts-collatera","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"03e3343e35f7e89c5870b874c9398d371342333f","title":"58672 sc low incorrect balance check sequence ","pathname":"/alchemix-v3/58672-sc-low-incorrect-balance-check-sequence","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"caffb47b526f8cb036739999d6dc1119fcccaac1","title":"58130 sc medium asymmetric validation in collateralization setters allows protocol misconfiguration breaking all borrowing","pathname":"/alchemix-v3/58130-sc-medium-asymmetric-validation-in-collateralization-setters-allows-protocol-misconfiguration","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"f8267ac53db149fa471a6ba2d0d04b1bcf44e7b4","title":"57152 sc high assets permanently locked due to killswitch flag","pathname":"/alchemix-v3/57152-sc-high-assets-permanently-locked-due-to-killswitch-flag","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7783f31706e30b2f714680c881f96207d2f06b26","title":"58754 sc high missing mytsharesdeposited decrements in alchemistv3 forcerepay doliquidation ","pathname":"/alchemix-v3/58754-sc-high-missing-mytsharesdeposited-decrements-in-alchemistv3-forcerepay-doliquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ceeb85d46d238e8b233926503b8dc9ecfca8b604","title":"57812 sc medium no function to claim aave incentives","pathname":"/alchemix-v3/57812-sc-medium-no-function-to-claim-aave-incentives","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5e110770fe81af26880cc365183848a72e4a0952","title":"58564 sc critical earmarked funds fail to accumulate when earmark is called in consecutive blocks","pathname":"/alchemix-v3/58564-sc-critical-earmarked-funds-fail-to-accumulate-when-earmark-is-called-in-consecutive-blocks","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1694691a64b76c6deff90770c9b8a2bbb425c0a0","title":"57183 sc medium missing incentive rewards claiming in multiple strategy contracts","pathname":"/alchemix-v3/57183-sc-medium-missing-incentive-rewards-claiming-in-multiple-strategy-contracts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"ee0884dfb3d0aa4b772c33a8e9d51939ca851d88","title":"58518 sc critical liquidation will steal repayment fee from innocent users funds","pathname":"/alchemix-v3/58518-sc-critical-liquidation-will-steal-repayment-fee-from-innocent-users-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"14aa85504add0816cf52a3093667855f582d8e27","title":"58705 sc low mismatch between emitted protocol fee and actual fee paid in forcerepay due to strict inequality check","pathname":"/alchemix-v3/58705-sc-low-mismatch-between-emitted-protocol-fee-and-actual-fee-paid-in-forcerepay-due-to-strict-i","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"f3fbbae05fed664d29e3c2a99da73588a7c6005b","title":"58707 sc medium moonwell strategy allocate does not revert when mint fails which can result in a sudden drop in myt share price and consequently sever under collateralization","pathname":"/alchemix-v3/58707-sc-medium-moonwell-strategy-allocate-does-not-revert-when-mint-fails-which-can-result-in-a-sud","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6a9147ad9e86159d00e0d49e885c7c1d013d8f82","title":"58627 sc low incorrect delta calculation in deallocate causes wethredeemed to always be zero ","pathname":"/alchemix-v3/58627-sc-low-incorrect-delta-calculation-in-deallocate-causes-wethredeemed-to-always-be-zero","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a9b1e477987a18cd9daa768d0033753f5c748bd7","title":"57024 sc low wethbalancebefore is computed after withdrawal in deallocate function in morphoyearnogwethstrategy contract leading to systematic strategydeallocationloss event emission ","pathname":"/alchemix-v3/57024-sc-low-wethbalancebefore-is-computed-after-withdrawal-in-deallocate-function-in-morphoyearnogw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b75dd356f264aa2e5cc56b1921a6bcd888b5bd02","title":"58773 sc medium in stargate incorrect allocation cap accounting leading to unnecessary dos","pathname":"/alchemix-v3/58773-sc-medium-in-stargate-incorrect-allocation-cap-accounting-leading-to-unnecessary-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"936ae094b3be5f61cb69b19c9c700ce66b2d1f84","title":"58010 sc high slippage tolerance not enforced in tokeautousdstrategy","pathname":"/alchemix-v3/58010-sc-high-slippage-tolerance-not-enforced-in-tokeautousdstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"06a0fb70026bd7883db542a8f0d2bb10e06c5c8b","title":"58266 sc high partial liquidation strands base fee due to post seizure balance check","pathname":"/alchemix-v3/58266-sc-high-partial-liquidation-strands-base-fee-due-to-post-seizure-balance-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c0296d93af58432f21dfcf05492ce72d7e56977a","title":"58101 sc critical repayment only liquidation overpays fee from pooled collateral","pathname":"/alchemix-v3/58101-sc-critical-repayment-only-liquidation-overpays-fee-from-pooled-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"27bfb4413c3e9a8167648f9d1de31ec888cc97b0","title":"56936 sc high missing mytsharesdeposited decrements on repay liquidation tvl drift false over collateralization and deposit cap dos","pathname":"/alchemix-v3/56936-sc-high-missing-mytsharesdeposited-decrements-on-repay-liquidation-tvl-drift-false-over-collat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2fcbda3f7adbe695f8e5a16878dd40d4705f87d8","title":"58360 sc low round down calculation in converttoshares leads to deallocation failure in tokeautoeth strategy","pathname":"/alchemix-v3/58360-sc-low-round-down-calculation-in-converttoshares-leads-to-deallocation-failure-in-tokeautoeth","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e67c05bf7d66872d13df68308a49eb73178f120d","title":"56622 sc critical repayment fee overpays liquidators using pooled collateral after forcerepay","pathname":"/alchemix-v3/56622-sc-critical-repayment-fee-overpays-liquidators-using-pooled-collateral-after-forcerepay","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0533fa29b64ef1208db6df2d35c44e704d3fb822","title":"58113 sc high stargateethpoolstrategy realassets return false real assets ","pathname":"/alchemix-v3/58113-sc-high-stargateethpoolstrategy-realassets-return-false-real-assets","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4ae264d220b4cd4303aae81f15c26039cb5da9e0","title":"58337 sc high incorrect handling of cumulativeearmarked in forcerepay leads to inflated survival accumulator ","pathname":"/alchemix-v3/58337-sc-high-incorrect-handling-of-cumulativeearmarked-in-forcerepay-leads-to-inflated-survival-acc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7df1b65f4fdac48c5e01caab4ccb061e3788873b","title":"58793 sc critical repayment fee overpayment from global collateral pool","pathname":"/alchemix-v3/58793-sc-critical-repayment-fee-overpayment-from-global-collateral-pool","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8abdf10fe324b37f9ae890f382e357fcd5144d43","title":"58464 sc critical repayment fee paid from protocol funds when user collateral is depleted","pathname":"/alchemix-v3/58464-sc-critical-repayment-fee-paid-from-protocol-funds-when-user-collateral-is-depleted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9e831e14ebeb6eda3ad17d89d795dc074b29159d","title":"58259 sc low broken operator logic inside alchemistcurator","pathname":"/alchemix-v3/58259-sc-low-broken-operator-logic-inside-alchemistcurator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a53082afdba4c5559ab7bd8dafaf632171058cb0","title":"56923 sc high missing cumulativeearmarked update in forcerepay causes incorrect debt accounting in alchemistv3","pathname":"/alchemix-v3/56923-sc-high-missing-cumulativeearmarked-update-in-forcerepay-causes-incorrect-debt-accounting-in-a","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"86e7378727fa48e1c137dfa0140bf826eef7fd91","title":"58409 sc high high arithmetic underflow in mytstrategy sol s deallocate check prevents yield withdrawal","pathname":"/alchemix-v3/58409-sc-high-high-arithmetic-underflow-in-mytstrategy-sol-s-deallocate-check-prevents-yield-withdra","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"352ced38386446ac273b42fe09741c1ffceb0aab","title":"58435 sc high systemic accounting bug leads to protocol insolvency","pathname":"/alchemix-v3/58435-sc-high-systemic-accounting-bug-leads-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"12c8980d13e1f238866b95a6530af2439a11ccfc","title":"58573 sc critical alchemistv3 repayment fee cross account theft vulnerability","pathname":"/alchemix-v3/58573-sc-critical-alchemistv3-repayment-fee-cross-account-theft-vulnerability","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e5f66c0e040eaf467e52cd13ba921ea118697abb","title":"57308 sc high alchemistv3 does not update mytsharesdeposited when performing liquidation causing global accounting and liquidation logic mismatch","pathname":"/alchemix-v3/57308-sc-high-alchemistv3-does-not-update-mytsharesdeposited-when-performing-liquidation-causing-glo","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4855fcab677d04e65b692b72849d024728538fc1","title":"57599 sc low protocol wrongly withdraws before checking balance of withdraw","pathname":"/alchemix-v3/57599-sc-low-protocol-wrongly-withdraws-before-checking-balance-of-withdraw","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2de16fa2c17a08ad05c88f9e152d1f747cc38481","title":"58492 sc medium unbounded deposit exposure in tokeautoethstrategy allocate ","pathname":"/alchemix-v3/58492-sc-medium-unbounded-deposit-exposure-in-tokeautoethstrategy-allocate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"53e5e3feb80f5883211c564b17e25f381592b451","title":"58449 sc medium tokeautoeth strategy balance approval mismatch dos","pathname":"/alchemix-v3/58449-sc-medium-tokeautoeth-strategy-balance-approval-mismatch-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"525587bf4d7173f9bb7480cd1580fdc265ff8d38","title":"56775 sc medium permanent freezing of funds from precision dust strict deallocation check","pathname":"/alchemix-v3/56775-sc-medium-permanent-freezing-of-funds-from-precision-dust-strict-deallocation-check","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"32e8e4c5cf350946572d3db8b02c3eca3ceec278","title":"58244 sc low incorrect balance check order in morphoyearnogweth strategy leads to false deallocation loss events","pathname":"/alchemix-v3/58244-sc-low-incorrect-balance-check-order-in-morphoyearnogweth-strategy-leads-to-false-deallocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"cc736bb6cd0f41460b8e57a1d2c03ed02c78abbf","title":"58604 sc low verification bypass in verifyexecutemetatxncalldata enables arbitrary 0x actions to pass checks and execute in the zeroxswapverifier sol contract","pathname":"/alchemix-v3/58604-sc-low-verification-bypass-in-verifyexecutemetatxncalldata-enables-arbitrary-0x-actions-to-pas","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bb585d6db85b954a63ac9fbab7414ac8f1905112","title":"57369 sc high deallocation may revert due to an underflow","pathname":"/alchemix-v3/57369-sc-high-deallocation-may-revert-due-to-an-underflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6b5e0c824e38b9419dd4a356098cb6ee14a0b7ff","title":"57028 sc insight wrong amount variable in repay event","pathname":"/alchemix-v3/57028-sc-insight-wrong-amount-variable-in-repay-event","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"cf93523c39ed7f5b503b9e7b6b8d45aeeee03655","title":"57331 sc medium conditional eth wrapping logic causes withdrawal dos in moonwellweth and stargateeth strategies","pathname":"/alchemix-v3/57331-sc-medium-conditional-eth-wrapping-logic-causes-withdrawal-dos-in-moonwellweth-and-stargateeth","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"58fb83c27019480652e9c9f2aa068ce42fa0e3b1","title":"57930 sc high allocation tracking underflow in strategy deallocation leads to protocol insolvency","pathname":"/alchemix-v3/57930-sc-high-allocation-tracking-underflow-in-strategy-deallocation-leads-to-protocol-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"bd7af0337d19b6f168296ca6f010344ea8418aa4","title":"56498 sc low reserve drainage due to incorrect balance measurement","pathname":"/alchemix-v3/56498-sc-low-reserve-drainage-due-to-incorrect-balance-measurement","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9412adcc1196a776bb2a16e9364d22b63f94d4c5","title":"58728 sc medium when the strategy is at a loss the assets cannot be withdrawn","pathname":"/alchemix-v3/58728-sc-medium-when-the-strategy-is-at-a-loss-the-assets-cannot-be-withdrawn","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5daa3685ec19e3f55004f3184b0541d72c9258c7","title":"58524 sc high when liquidating there are cases where the fee is not paid to the liquidator ","pathname":"/alchemix-v3/58524-sc-high-when-liquidating-there-are-cases-where-the-fee-is-not-paid-to-the-liquidator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"64aa78905e31e4b7aa08d026c008a8c414888d0a","title":"56982 sc medium incorrect function selectors used in zeroxswapverifier","pathname":"/alchemix-v3/56982-sc-medium-incorrect-function-selectors-used-in-zeroxswapverifier","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8bd25bc58ae273acc6aa2ca1f75c71069746f9c8","title":"58325 sc low operator can shift vault funds to risky strategies without oversight leading to potential loss of user funds ","pathname":"/alchemix-v3/58325-sc-low-operator-can-shift-vault-funds-to-risky-strategies-without-oversight-leading-to-potenti","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fb6f5ba2567f196cb6fa19c3292185e434116ad4","title":"58386 sc low rewards claimed during deallocation remain stranded on strategy and unaccounted","pathname":"/alchemix-v3/58386-sc-low-rewards-claimed-during-deallocation-remain-stranded-on-strategy-and-unaccounted","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"2ee66e2e3a27e04bc1712cb4a476fd7df8c1b6aa","title":"56832 sc low alchemistcurator contract doesn t allow to remove strategies from the myt morpho v2 vault ","pathname":"/alchemix-v3/56832-sc-low-alchemistcurator-contract-doesn-t-allow-to-remove-strategies-from-the-myt-morpho-v2-vau","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"45916d0245b3bd2a7ae29282829bef834b04c4bd","title":"56385 sc critical repayment fee can be paid from the pool even when the account has no collateral left","pathname":"/alchemix-v3/56385-sc-critical-repayment-fee-can-be-paid-from-the-pool-even-when-the-account-has-no-collateral-le","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"792c316616147084939f1981697ef5baf51602ac","title":"58502 sc high deposit cap denial of service due to stale mytsharesdeposited during liquidation","pathname":"/alchemix-v3/58502-sc-high-deposit-cap-denial-of-service-due-to-stale-mytsharesdeposited-during-liquidation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"16ad531505a3225ca9fd881372c7e591da03e2f7","title":"58310 sc low strategy fluidarbusdcstrategy cant claim fluid token reward","pathname":"/alchemix-v3/58310-sc-low-strategy-fluidarbusdcstrategy-cant-claim-fluid-token-reward","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e069ab476aaa5f57bcedcf0a61b1b6323ea6e233","title":"58288 sc critical incorrect fee payment logic leads to underpayment ","pathname":"/alchemix-v3/58288-sc-critical-incorrect-fee-payment-logic-leads-to-underpayment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6f7eded77baef665d5beb37e546fd4fd11302374","title":"56621 sc insight broken withdrawal logic in aavev3arbusdcstrategy permanently locks user funds","pathname":"/alchemix-v3/56621-sc-insight-broken-withdrawal-logic-in-aavev3arbusdcstrategy-permanently-locks-user-funds","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a42afda0cd1caa6eaa93539b0c5ae5833434d522","title":"57774 sc critical redemption earmark mechanism can be permanently blocked via single block earmark calls","pathname":"/alchemix-v3/57774-sc-critical-redemption-earmark-mechanism-can-be-permanently-blocked-via-single-block-earmark-c","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a12885ad58f577defbe15791ee78c26b96d48bf4","title":"56529 sc low incorrect token balance calculation in morphoyearnogwethstrategy sol deallocate leads to wrong event emitted every time","pathname":"/alchemix-v3/56529-sc-low-incorrect-token-balance-calculation-in-morphoyearnogwethstrategy-sol-deallocate-leads-t","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"53c26912b8a102e75f8b6505401b517050a1fd03","title":"58396 sc high total locked is not cleared proportionally to the total debt this forces the collateral weight to become incorrect and new users transmuter redeem repayment will repay more debt fo ","pathname":"/alchemix-v3/58396-sc-high-total-locked-is-not-cleared-proportionally-to-the-total-debt-this-forces-the-collatera","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4a29b37862874be730264fcbfa75696cfb37716b","title":"58428 sc low toke reward loss when calling deallocate","pathname":"/alchemix-v3/58428-sc-low-toke-reward-loss-when-calling-deallocate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"961ddf893d94bb9a1a6baeb155f21f0228bd44e3","title":"58056 sc low the auto eth and usdc staking rewards will stuck in vault","pathname":"/alchemix-v3/58056-sc-low-the-auto-eth-and-usdc-staking-rewards-will-stuck-in-vault","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"135e10b67b950a8103df8bb7cc3150dbf0d82079","title":"56836 sc low ownership transfer failure in alchemistcurator https github com alchemix finance v3 poc blob immunefi audit src alchemistcurator sol prevents future dao governance or recovery","pathname":"/alchemix-v3/56836-sc-low-ownership-transfer-failure-in-alchemistcurator-https-github-com-alchemix-finance-v3-poc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b3072b83e929633de82b7206e853e6aef78ec60e","title":"56518 sc insight claimwithdrawalqueue discards claimed amount","pathname":"/alchemix-v3/56518-sc-insight-claimwithdrawalqueue-discards-claimed-amount","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8700e408e7b8526de869514b06f7ce5a5c7b4bab","title":"56326 sc insight variable could be immutable","pathname":"/alchemix-v3/56326-sc-insight-variable-could-be-immutable","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4432ae02b4d1d97e362dd299b3341da8c87e566b","title":"57862 sc low incorrect balancebefore reading order in morphoyearnogwethstrategy deallocate function leads to wrong event emission","pathname":"/alchemix-v3/57862-sc-low-incorrect-balancebefore-reading-order-in-morphoyearnogwethstrategy-deallocate-function","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"750959b255c7207ad7a9df99ae96d71673eb1936","title":"56427 sc insight src utils permissionedproxy sol setpermissionedcall incomplete event emission because it doesnt include value argument for signature","pathname":"/alchemix-v3/56427-sc-insight-src-utils-permissionedproxy-sol-setpermissionedcall-incomplete-event-emission-becau","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"09092a3b38af5858cefef23c3241f8692d19a32d","title":"56794 sc critical liquidators can be overpaid due to accounting error ","pathname":"/alchemix-v3/56794-sc-critical-liquidators-can-be-overpaid-due-to-accounting-error","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d5bf1a877addaeaa7934a2990307f785fd8f00c4","title":"58040 sc low removestrategy is non functional","pathname":"/alchemix-v3/58040-sc-low-removestrategy-is-non-functional","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0a599f8447d08b1c5627f39aeb48148ecfda4506","title":"57053 sc critical integer division precision loss in normalizedebttokenstounderlying leads to permanent collateral locking","pathname":"/alchemix-v3/57053-sc-critical-integer-division-precision-loss-in-normalizedebttokenstounderlying-leads-to-perman","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"53aaefb7656a85eebe5ee6dc74cad6ec738b3bfb","title":"56815 sc high missing mytsharesdeposited decrements in internal outflows cause tvl inflation deposit dos","pathname":"/alchemix-v3/56815-sc-high-missing-mytsharesdeposited-decrements-in-internal-outflows-cause-tvl-inflation-deposit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5ce52a56075e6d228d16e53b295263349a794e5e","title":"57587 sc critical earmark reduction of transmuterdifference does not always account for the full transmuter balance diff which can cause permanent earmark to accrue in alchemist","pathname":"/alchemix-v3/57587-sc-critical-earmark-reduction-of-transmuterdifference-does-not-always-account-for-the-full-tra","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"848b1eb96faa49a2b2f4f8755e55de6234457832","title":"58112 sc high a malicious user can avoid getting penalized upon a transmuter redemption by depositing and withdrawing collateral in the alchemist","pathname":"/alchemix-v3/58112-sc-high-a-malicious-user-can-avoid-getting-penalized-upon-a-transmuter-redemption-by-depositin","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b2322358073be770e70b0728012d28c3a026c9c3","title":"57197 sc high incorrect totallocked reduction","pathname":"/alchemix-v3/57197-sc-high-incorrect-totallocked-reduction","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3acb3fcd8fa93e8a1d5b3c81104410c07fd577ed","title":"57837 sc low moonwellwethstrategy cant claim reward from moonwell comptroller","pathname":"/alchemix-v3/57837-sc-low-moonwellwethstrategy-cant-claim-reward-from-moonwell-comptroller","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c0d8da785b84a34240d69c3886adb39e43d58553","title":"57483 sc medium fees could be skipped when there is not enough collateral","pathname":"/alchemix-v3/57483-sc-medium-fees-could-be-skipped-when-there-is-not-enough-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"775779db700b3e83ae420e3838730406896b89d9","title":"58079 sc low missing from validation in zeroxswapverifier verifyswapcalldata enables direct theft of approved funds","pathname":"/alchemix-v3/58079-sc-low-missing-from-validation-in-zeroxswapverifier-verifyswapcalldata-enables-direct-theft-of","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"11959eb66631d90e174288933f613a8b05daab02","title":"56363 sc high mytsharesdeposited not correctly updated in all cases leading to incorrect protocol collateralization and reduced liquidation incentives","pathname":"/alchemix-v3/56363-sc-high-mytsharesdeposited-not-correctly-updated-in-all-cases-leading-to-incorrect-protocol-co","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8a321053b3d6838387a802ac3b88e89f17ad9340","title":"57918 sc high incorrect totallocked collateral accounting in alchemistv3","pathname":"/alchemix-v3/57918-sc-high-incorrect-totallocked-collateral-accounting-in-alchemistv3","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"95baccb1825cf1680b9fad6bcfe32963c53fe0bf","title":"56528 sc insight unbounded slippagebps can freeze withdrawals","pathname":"/alchemix-v3/56528-sc-insight-unbounded-slippagebps-can-freeze-withdrawals","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"115b51897b8a26526d4c27e4876e990fa489c408","title":"57825 sc high forced repay cover enables double counted debt reduction in redeem","pathname":"/alchemix-v3/57825-sc-high-forced-repay-cover-enables-double-counted-debt-reduction-in-redeem","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7057977185937f29f771b4f459ff747e3794ad25","title":"58797 sc low the tokeauto strategies implementation does not accurately report the actual assets held by the strategy","pathname":"/alchemix-v3/58797-sc-low-the-tokeauto-strategies-implementation-does-not-accurately-report-the-actual-assets-hel","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3332bb408dff5d6fb463d92c65dd03ce41e775b2","title":"58642 sc low cap bypass in alchemistallocator deallocate allows over deallocation beyond computed limits","pathname":"/alchemix-v3/58642-sc-low-cap-bypass-in-alchemistallocator-deallocate-allows-over-deallocation-beyond-computed-li","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a0dcfffeb8f9ce6bcfd2940c66854355ba1f5993","title":"58611 sc medium double counting of earmarked debt repayments as cover leads to user funds being stuck and protocol insolvency ","pathname":"/alchemix-v3/58611-sc-medium-double-counting-of-earmarked-debt-repayments-as-cover-leads-to-user-funds-being-stuc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0deab5178d66870bf7f6443f9fd569f692197bb2","title":"58189 sc low two step mechanism to transfer ownership is broken due to incorrect access control","pathname":"/alchemix-v3/58189-sc-low-two-step-mechanism-to-transfer-ownership-is-broken-due-to-incorrect-access-control","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7796df86796041ba0819e209cab63d98bda444e5","title":"58306 sc critical repayment fee not adjusted for insufficient collateral","pathname":"/alchemix-v3/58306-sc-critical-repayment-fee-not-adjusted-for-insufficient-collateral","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"18e376e25c7198c8942d6024ed7fcf969807415e","title":"58322 sc low incorrect emit due to wrong ordering of wethbalancebefore calculation","pathname":"/alchemix-v3/58322-sc-low-incorrect-emit-due-to-wrong-ordering-of-wethbalancebefore-calculation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4c34d2f5f63c343ed130d53e906cd5cddf1ed707","title":"57516 sc low arbitrary external call in zeroxswapverifier leads to theft of unclaimed yield","pathname":"/alchemix-v3/57516-sc-low-arbitrary-external-call-in-zeroxswapverifier-leads-to-theft-of-unclaimed-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"42dad59b73f13b9720c0f10380ebce95893b5eb7","title":"57832 sc insight cap logic error in alchemistallocator","pathname":"/alchemix-v3/57832-sc-insight-cap-logic-error-in-alchemistallocator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7b8b1379526bb43c9895c9447e2d85f7ab5c7d0a","title":"58718 sc medium in forcerepay protocol fee collection leads to theft of unclaimed yield","pathname":"/alchemix-v3/58718-sc-medium-in-forcerepay-protocol-fee-collection-leads-to-theft-of-unclaimed-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"748a5a6f57d0c429e99c29483c9a49ea99907c6f","title":"57668 sc high missing collateral tracking update during liquidation leads to inflated total value calculation and delayed under collateralization protection","pathname":"/alchemix-v3/57668-sc-high-missing-collateral-tracking-update-during-liquidation-leads-to-inflated-total-value-ca","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3b2fc55ce218e55c6f86bd32bb10d830edcbcc6f","title":"56332 sc low pending admin cannot accept ownership","pathname":"/alchemix-v3/56332-sc-low-pending-admin-cannot-accept-ownership","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fcedd6696a5cf15b50849939914ff79bd6f9c1d8","title":"58276 sc critical uncapped feeinyield in resolverepaymentfee allows for collateral theft from other depositors","pathname":"/alchemix-v3/58276-sc-critical-uncapped-feeinyield-in-resolverepaymentfee-allows-for-collateral-theft-from-other","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"55e2a6ede3d485ecd7e4481f45205f81c7d9e639","title":"58362 sc low users will lose tokemak rewards earned in tokeautoethstrategy","pathname":"/alchemix-v3/58362-sc-low-users-will-lose-tokemak-rewards-earned-in-tokeautoethstrategy","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"002a5320dcd7001eca612fe4eb28124ea232c2de","title":"56893 sc low pending admin cannot accept ownership in alchemistcurator","pathname":"/alchemix-v3/56893-sc-low-pending-admin-cannot-accept-ownership-in-alchemistcurator","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"454011850c81ba09c0078eeb16b1a3cdd6f11448","title":"58689 sc critical incorrect deduction logic in alchemistv3 redeem may lead to insufficient contract collateral","pathname":"/alchemix-v3/58689-sc-critical-incorrect-deduction-logic-in-alchemistv3-redeem-may-lead-to-insufficient-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"0384194427fb0d46926d9f29652ec63118b83779","title":"56801 sc insight function burn could be gas optimized","pathname":"/alchemix-v3/56801-sc-insight-function-burn-could-be-gas-optimized","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8d547722631e98fb884d2161e0661ff096fd8ae4","title":"57464 sc high incorrect accounting in stargate strategy causes protocol insolvency and user liquidations","pathname":"/alchemix-v3/57464-sc-high-incorrect-accounting-in-stargate-strategy-causes-protocol-insolvency-and-user-liquidat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7992ccb4c239bec2fb379b121174069e65b52d75","title":"57532 sc high assets are not accounted for when the contract is in killswitch mode","pathname":"/alchemix-v3/57532-sc-high-assets-are-not-accounted-for-when-the-contract-is-in-killswitch-mode","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"58f66afbffaceea5b3d2e33b88936cbdf5d06b1d","title":"58124 sc low direct theft of funds via malicious actions in execute call due to incorrect calldata verification","pathname":"/alchemix-v3/58124-sc-low-direct-theft-of-funds-via-malicious-actions-in-execute-call-due-to-incorrect-calldata-v","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"471778fbdcbb4881cff8fef52d19dda48c8d5806","title":"57926 sc low the conditional strategydeallocationloss event in morphoyearnogwethstrategy deallocate gets logged all the time due a misplacement in variable declaration","pathname":"/alchemix-v3/57926-sc-low-the-conditional-strategydeallocationloss-event-in-morphoyearnogwethstrategy-deallocate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fd647f2bce4d4fc433e5c169ef838f3a7b6602af","title":"57969 sc insight lack of incentive to liquidate small positions can cause the system to accumulate bad debt","pathname":"/alchemix-v3/57969-sc-insight-lack-of-incentive-to-liquidate-small-positions-can-cause-the-system-to-accumulate-b","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"a12662f4a3ace746a898f469e870dcf7ff2f0c1f","title":"57806 sc low staking graph argument bounds are incorrectly defined","pathname":"/alchemix-v3/57806-sc-low-staking-graph-argument-bounds-are-incorrectly-defined","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d7bbac80aa7d4d0db7eba5015ce19a98d7eb5c5c","title":"57447 sc high untracked myt outflows inflate tvl causing liquidation suppression","pathname":"/alchemix-v3/57447-sc-high-untracked-myt-outflows-inflate-tvl-causing-liquidation-suppression","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c1637bf0d9f0093f2908fedcee007c5177ff520d","title":"58605 sc medium missing claimrewards in aavev3arbusdcstrategy leads to permanent freezing of accrued aave incentives","pathname":"/alchemix-v3/58605-sc-medium-missing-claimrewards-in-aavev3arbusdcstrategy-leads-to-permanent-freezing-of-accrued","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"34f870e538aa6639a6796f5971632a40485af012","title":"57251 sc low curator cannot remove adapter due to timelock requirement","pathname":"/alchemix-v3/57251-sc-low-curator-cannot-remove-adapter-due-to-timelock-requirement","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"cfa13148cbdda1f934142bf84a3b3a2d42d95b97","title":"58061 sc high incorrect collateral and fee check in doliquidation allows liquidator to loose fee ","pathname":"/alchemix-v3/58061-sc-high-incorrect-collateral-and-fee-check-in-doliquidation-allows-liquidator-to-loose-fee","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"52e946f26546cb5dfcbbfc49009116889c91dc8f","title":"57816 sc insight critical incentive failure in calculateliquidation leads to protocol insolvency risk during global bad debt","pathname":"/alchemix-v3/57816-sc-insight-critical-incentive-failure-in-calculateliquidation-leads-to-protocol-insolvency-ris","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dd19dae851ce4cb7a56839a92e1600dd2b39ad2b","title":"58280 sc critical repayment s fee is charged from other users causing the contract to fail when the myt total balance of a user cannot cover the fee","pathname":"/alchemix-v3/58280-sc-critical-repayment-s-fee-is-charged-from-other-users-causing-the-contract-to-fail-when-the","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7cc1363e7ee4ac3fff3e21fccf536ab165fe9395","title":"57346 sc low alchemistallocator compares incompatible units asset wei vs wad percentage ","pathname":"/alchemix-v3/57346-sc-low-alchemistallocator-compares-incompatible-units-asset-wei-vs-wad-percentage","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"46af74e3e90a448fd07c61d449124435966a33bf","title":"58081 sc medium missing check in function alchemistv3 setminimumcollateralization could lead to set minimumcollateralization globalminimumcollateralization ","pathname":"/alchemix-v3/58081-sc-medium-missing-check-in-function-alchemistv3-setminimumcollateralization-could-lead-to-set","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"570f66c7cea23e8efa74b214830d81ad85966a5d","title":"58336 sc medium additive update to survival accumulator causing overflow ","pathname":"/alchemix-v3/58336-sc-medium-additive-update-to-survival-accumulator-causing-overflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"39bd3e973f708f3411cce2e42e64e4488fc1edd2","title":"58181 sc medium a griefer can cause a permanent dos in tokeautoeth tokeautousdcstrategy allocate ","pathname":"/alchemix-v3/58181-sc-medium-a-griefer-can-cause-a-permanent-dos-in-tokeautoeth-tokeautousdcstrategy-allocate","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"24dad236a317989e36cd4a6d2f7384246f32f73f","title":"58399 sc critical precision loss in baddebtratio calculation causes overpayment and dos","pathname":"/alchemix-v3/58399-sc-critical-precision-loss-in-baddebtratio-calculation-causes-overpayment-and-dos","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7a8dfdecad6e5030fc110bb6dd8efe3077dee3e7","title":"58326 sc insight the value of the burned peapods share token may exceed expectations","pathname":"/alchemix-v3/58326-sc-insight-the-value-of-the-burned-peapods-share-token-may-exceed-expectations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"092f57fc73b7c0958c99f66f00f8176fcdf1d9ed","title":"58639 sc medium off by one issue in the forcerepay function causes protocol to lose funds in the form of protocol fee ","pathname":"/alchemix-v3/58639-sc-medium-off-by-one-issue-in-the-forcerepay-function-causes-protocol-to-lose-funds-in-the-for","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9338e00ec3661e77223be3592ce5cae0d683b376","title":"58035 sc high killswitch early return in strategy causes vault to adapter asset leakage mis accounting and deallocation dos","pathname":"/alchemix-v3/58035-sc-high-killswitch-early-return-in-strategy-causes-vault-to-adapter-asset-leakage-mis-accounti","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9fd6cdfc4e97ac420a1ebc3663f50554ce98bc5e","title":"56442 sc high inflated totallocked because vault yield accrual would skew collateralweight calculation","pathname":"/alchemix-v3/56442-sc-high-inflated-totallocked-because-vault-yield-accrual-would-skew-collateralweight-calculati","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dcfb630909a9dcd260f3d1ca18dba7e21752ffcc","title":"57510 sc high stale locked collateral tracking during price appreciation causes disproportionate redemption losses","pathname":"/alchemix-v3/57510-sc-high-stale-locked-collateral-tracking-during-price-appreciation-causes-disproportionate-red","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c86c7066dd198a014c62def36f5f08d5d12905ac","title":"57745 sc high syn fails to update the rawlocked valuation leading to a loss of fund for users with rawlock 0 when total lock become 0 ","pathname":"/alchemix-v3/57745-sc-high-syn-fails-to-update-the-rawlocked-valuation-leading-to-a-loss-of-fund-for-users-with-r","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8117ce239ba0ef0ec1929ac6640fa5d8c0f96238","title":"56582 sc low alchemistcurator removestrategy is unable to remove strategies from vaults due to wrong logic implementation ","pathname":"/alchemix-v3/56582-sc-low-alchemistcurator-removestrategy-is-unable-to-remove-strategies-from-vaults-due-to-wrong","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4060b70f201e40c6f8d763349c090158de22f3d5","title":"58506 sc low adjusted cap limits are never enforced","pathname":"/alchemix-v3/58506-sc-low-adjusted-cap-limits-are-never-enforced","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4ecb5f968b722ff4fcd58a4603ddb9d1721c4a68","title":"56545 sc high force repayment leaves stale global earmarks freezing transmuter redemptions","pathname":"/alchemix-v3/56545-sc-high-force-repayment-leaves-stale-global-earmarks-freezing-transmuter-redemptions","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c9e7df84cdec28090bad695ef18173ed0d65e690","title":"57852 sc critical old borrowers steal from new borrowers after redemptions are claimed","pathname":"/alchemix-v3/57852-sc-critical-old-borrowers-steal-from-new-borrowers-after-redemptions-are-claimed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d74d6a96e3fa510a3a2a7d6bfc01765fe5c826b3","title":"57883 sc high mytsharesdeposited updates in liquidation functions leads to critical tvl inflation","pathname":"/alchemix-v3/57883-sc-high-mytsharesdeposited-updates-in-liquidation-functions-leads-to-critical-tvl-inflation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3cd84e88ced4f2484b3fe4395245d8c76cb86ae7","title":"57172 sc high missing mytsharesdeposited decrements in liquidation flows causes accounting divergence","pathname":"/alchemix-v3/57172-sc-high-missing-mytsharesdeposited-decrements-in-liquidation-flows-causes-accounting-divergenc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3591492259e71f4f4e5916b6253dbf6c69e84d9c","title":"58168 sc medium safe position liquidation vulnerability in alchemistv3 when minimumcollateralization equals collateralizationlowerbound","pathname":"/alchemix-v3/58168-sc-medium-safe-position-liquidation-vulnerability-in-alchemistv3-when-minimumcollateralization","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4a5ed0e87a6b730de6c6adb3d252e840a65a3fc1","title":"58149 sc low morphoyearnogweth incorrectly reports loss and triggers strategydeallocationloss event","pathname":"/alchemix-v3/58149-sc-low-morphoyearnogweth-incorrectly-reports-loss-and-triggers-strategydeallocationloss-event","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"c3565478002df5ba63dd42995e52c0b93f3592e8","title":"58772 sc critical resolverepaymentfee overpays liquidators when collateral is gone letting attackers drain myt","pathname":"/alchemix-v3/58772-sc-critical-resolverepaymentfee-overpays-liquidators-when-collateral-is-gone-letting-attackers","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"15e839b614c70d22a8ff0dac79b887be00c6a5cd","title":"58799 sc high forcerepay does not reduce cumulativeearmarked which leads to wrong accounting users debts are incorrectly higher which can cause wrongful liquidations","pathname":"/alchemix-v3/58799-sc-high-forcerepay-does-not-reduce-cumulativeearmarked-which-leads-to-wrong-accounting-users-d","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"791aab7692afae644b76feee3190774e2370c396","title":"58794 sc high hardcoded 0 amount as the minsharesout to depositmax function call does not provide slippage protection","pathname":"/alchemix-v3/58794-sc-high-hardcoded-0-amount-as-the-minsharesout-to-depositmax-function-call-does-not-provide-sl","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"7d6ce6cae575a445a1a95668ade188dff6901780","title":"57441 sc critical repay only fee drain in alchemistv3","pathname":"/alchemix-v3/57441-sc-critical-repay-only-fee-drain-in-alchemistv3","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"6b61872024683eed35a61a501e815f1e1b485800","title":"58301 sc critical accounting issue in liquidation logic after force repay we charge repayment fee even if collateral balanc cannot account for it","pathname":"/alchemix-v3/58301-sc-critical-accounting-issue-in-liquidation-logic-after-force-repay-we-charge-repayment-fee-ev","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"456631982c8708aa5bfa2b581aa9b8bf63b88787","title":"58192 sc high tokeautoeth strategy tokens locked when autopool router enforces maxdeposit cap","pathname":"/alchemix-v3/58192-sc-high-tokeautoeth-strategy-tokens-locked-when-autopool-router-enforces-maxdeposit-cap","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e9a7f4e81fe041093c5a3de3e64ba2b069cb942b","title":"57522 sc insight usecurrent flag ignored in preview functions in moonwell strategies","pathname":"/alchemix-v3/57522-sc-insight-usecurrent-flag-ignored-in-preview-functions-in-moonwell-strategies","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9e50a0049dfe04b53dbaa0b6c291504873eccc30","title":"58393 sc low wrong order in balance querying instructions in morphoyearnogwethstrategy deallocate function leads to always emit strategydeallocationloss event ","pathname":"/alchemix-v3/58393-sc-low-wrong-order-in-balance-querying-instructions-in-morphoyearnogwethstrategy-deallocate-fu","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"329f4dcb6cba11c1057ebf023002df47c3b3a1b6","title":"58363 sc high accounting corruption in liquidations due to missing global counter update","pathname":"/alchemix-v3/58363-sc-high-accounting-corruption-in-liquidations-due-to-missing-global-counter-update","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"348cad116c5d9db285f3fb0286fab48f8018312a","title":"57617 sc critical protocol paid repayment fee transfer allows draining of protocol myt yield ","pathname":"/alchemix-v3/57617-sc-critical-protocol-paid-repayment-fee-transfer-allows-draining-of-protocol-myt-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"72c27b7f904767c7da6d162385843d9e66cf5a9c","title":"56727 sc high underlying increase in forced repayments leads to insolvency","pathname":"/alchemix-v3/56727-sc-high-underlying-increase-in-forced-repayments-leads-to-insolvency","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e17d3fbebc79e3a0c14b93b02de1e9baf1169bf3","title":"58513 sc low broken access control in alchemistcurator acceptadminownership prevents admin transfer","pathname":"/alchemix-v3/58513-sc-low-broken-access-control-in-alchemistcurator-acceptadminownership-prevents-admin-transfer","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"d47b201d059b3a37b9597ffd5e7ba7cb0a4c436c","title":"57041 sc high deallocation accounting mismatch between vault and adapter","pathname":"/alchemix-v3/57041-sc-high-deallocation-accounting-mismatch-between-vault-and-adapter","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dc04bdbd18dd1225eded9d28c7763b5bd9fd46e7","title":"58346 sc high forcerepay fails to decrement cumulativeearmarked breaking earmark invariant and skewing redemptions","pathname":"/alchemix-v3/58346-sc-high-forcerepay-fails-to-decrement-cumulativeearmarked-breaking-earmark-invariant-and-skewi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"9607dcd9ee8426b0e9f98dd531649000d7d4bfed","title":"57646 sc medium abi signature mismatch in zeroxswapverifier causes complete failure to verify legitimate 0x settler transactions","pathname":"/alchemix-v3/57646-sc-medium-abi-signature-mismatch-in-zeroxswapverifier-causes-complete-failure-to-verify-legiti","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3c9ef9cd90a358e25185d7bae5ecdedc6ac4b233","title":"57526 sc medium stargateethpoolstrategy rounding mismatch freezes vaultv2 allocations","pathname":"/alchemix-v3/57526-sc-medium-stargateethpoolstrategy-rounding-mismatch-freezes-vaultv2-allocations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"b5f08e6c512a10b6138d79da1effe84f59c189f3","title":"58127 sc critical users can invoke the poke function whenever the lastearmarkdebtblock is exactly one block behind the current block number which lead to affecting users earmarked debt","pathname":"/alchemix-v3/58127-sc-critical-users-can-invoke-the-poke-function-whenever-the-lastearmarkdebtblock-is-exactly-on","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1b7cc4cca7469d7c36b1d70b6ce82af0a954b24a","title":"57533 sc high inaccurate tvl calculation prevents liquidations leading to protocol insolvency risk","pathname":"/alchemix-v3/57533-sc-high-inaccurate-tvl-calculation-prevents-liquidations-leading-to-protocol-insolvency-risk","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"e7d652cf316ffedcf48ff28bb5a78b45c0d7c786","title":"58530 sc high protocol insolvency via stale totallocked zeroed totallocked prevents collateralweight update in redeem leading to missed collateral haircut","pathname":"/alchemix-v3/58530-sc-high-protocol-insolvency-via-stale-totallocked-zeroed-totallocked-prevents-collateralweight","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"3449a50557a7eefdf216ee61da92566eb7045db5","title":"58606 sc high missing collateral accounting in liquidation leads to inflated bad debt calculations","pathname":"/alchemix-v3/58606-sc-high-missing-collateral-accounting-in-liquidation-leads-to-inflated-bad-debt-calculations","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"772788fe1bfbca8c0d569fc3794cce2befe3cfbe","title":"57545 sc medium stargate eth strategy rounding bug","pathname":"/alchemix-v3/57545-sc-medium-stargate-eth-strategy-rounding-bug","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"fa7198cb3a5dfc7458c951546d07460e53834622","title":"56402 sc high killswitch leaves vault assets stranded and blocks withdrawals","pathname":"/alchemix-v3/56402-sc-high-killswitch-leaves-vault-assets-stranded-and-blocks-withdrawals","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"5645cd4881abb4e815bc0b72a32262c8ea259a63","title":"58196 sc high aavev3arbusdcstrategy strategy will have its reward stuck in aave usdc","pathname":"/alchemix-v3/58196-sc-high-aavev3arbusdcstrategy-strategy-will-have-its-reward-stuck-in-aave-usdc","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"dbdc8288c7e69758d9cd1b3f1a351f1a1818dbb0","title":"57559 sc high missing mytsharesdeposited decrement in liquidation paths enables theft of unclaimed yield and protocol insolvency","pathname":"/alchemix-v3/57559-sc-high-missing-mytsharesdeposited-decrement-in-liquidation-paths-enables-theft-of-unclaimed-y","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"8daed01431813144537a9b86ae578adaed8fecf5","title":"58234 sc critical there is a problem related ot repayment fee overpayment can lead to protocol insolvency","pathname":"/alchemix-v3/58234-sc-critical-there-is-a-problem-related-ot-repayment-fee-overpayment-can-lead-to-protocol-insol","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"360a885ff96793b4d6073fbcf4c006d086d6941c","title":"58070 sc high forced repay accounting lets borrowers erase debt without paying equivalent assets protocol deficit insolvency ","pathname":"/alchemix-v3/58070-sc-high-forced-repay-accounting-lets-borrowers-erase-debt-without-paying-equivalent-assets-pro","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4a2976f749640ea8b280e68240b3e8ba78df47f5","title":"56702 sc critical claimredemption would not return all alasset that is not get converted to myt in some case","pathname":"/alchemix-v3/56702-sc-critical-claimredemption-would-not-return-all-alasset-that-is-not-get-converted-to-myt-in-s","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"4a9f1d6ba3a6a32abd81f5144e1573106df73f9b","title":"58425 sc high missing slippage protection when depositing to tokeauto strategies","pathname":"/alchemix-v3/58425-sc-high-missing-slippage-protection-when-depositing-to-tokeauto-strategies","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"177ae9f56a934c036064d7c79374d5c821b3f512","title":"57553 sc high mytsharesdeposited is not updated in liquidations which breaks bad debt ratio alchemistcr calculations and causes failures in bad debt handling and liquidation handling ","pathname":"/alchemix-v3/57553-sc-high-mytsharesdeposited-is-not-updated-in-liquidations-which-breaks-bad-debt-ratio-alchemis","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"1c400728e769553b30da219cd5a9de92f6b41bc9","title":"58416 sc low unclaimed extra rewards in tokemak integration lead to permanent freezing of yield","pathname":"/alchemix-v3/58416-sc-low-unclaimed-extra-rewards-in-tokemak-integration-lead-to-permanent-freezing-of-yield","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Alchemix V3"}]},{"id":"16626a83026a2c850b27ba51bae42d595a7c8b86","title":"Folks Finance: Staking Contracts","pathname":"/folks-finance-staking-contracts","siteSpaceId":"sitesp_stpzW"},{"id":"a2a7aa7bf99add465fa0335d1fd35dc5f536a4c8","title":"69376 sc low incorrect guard in setmigrationpermit prevents revocation after role removal breaking documented user control","pathname":"/folks-finance-staking-contracts/69376-sc-low-incorrect-guard-in-setmigrationpermit-prevents-revocation-after-role-removal-breaking-d","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"53a165a988d6b0ad450d633d8040dcb2a8d0b992","title":"69188 sc low setmigrationpermit revoke blocked after migrator role revocation","pathname":"/folks-finance-staking-contracts/69188-sc-low-setmigrationpermit-revoke-blocked-after-migrator-role-revocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"0df08dd8e8eb11f9b93455ef2c406d578d871b2d","title":"68970 sc insight insufficient event emission in migratepositionsfrom leads to loss of migration accounting visibility","pathname":"/folks-finance-staking-contracts/68970-sc-insight-insufficient-event-emission-in-migratepositionsfrom-leads-to-loss-of-migration-acco","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"124ffa97ba13d26949e47bc42b68ec8cc9f5b400","title":"69605 sc low users cannot revoke migration authorization after role revocation contrary to documented behavior","pathname":"/folks-finance-staking-contracts/69605-sc-low-users-cannot-revoke-migration-authorization-after-role-revocation-contrary-to-documente","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"96d10d532dcc36c4cd51be50f0a2400b497e735a","title":"69908 sc low stale migration approvals cannot be revoked after role revocation and automatically reactivate on role re grant","pathname":"/folks-finance-staking-contracts/69908-sc-low-stale-migration-approvals-cannot-be-revoked-after-role-revocation-and-automatically-rea","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"879a49e89c7b35258c2996e5a11e74598d5669f1","title":"69836 sc low setmigrationpermit blocks users from revoking permits after role removal stale permits auto reactivate on re grant and drain user funds","pathname":"/folks-finance-staking-contracts/69836-sc-low-setmigrationpermit-blocks-users-from-revoking-permits-after-role-removal-stale-permits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"f590011ebe570f706814cae6a9c9ca540aa2d4ca","title":"69794 sc low user cannot revoke migration approval if migrator loses migrator role","pathname":"/folks-finance-staking-contracts/69794-sc-low-user-cannot-revoke-migration-approval-if-migrator-loses-migrator-role","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"e9634a07477da243c93014cc3e711d1944c1b1f4","title":"69966 sc low cannot revoke migration permit after role revocation stale permits re activate on re grant ","pathname":"/folks-finance-staking-contracts/69966-sc-low-cannot-revoke-migration-permit-after-role-revocation-stale-permits-re-activate-on-re-gr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"06ff0c9766f689101ae95922baed9a3037949e5f","title":"69540 sc insight missing return value on withdraw and missing view function for withdrawable amount","pathname":"/folks-finance-staking-contracts/69540-sc-insight-missing-return-value-on-withdraw-and-missing-view-function-for-withdrawable-amount","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"22995086364216c79919907c5b11f38575bd3095","title":"69097 sc low broken migration permit revocation allows a re authorized migrator to transfer user principal and rewards without fresh consent","pathname":"/folks-finance-staking-contracts/69097-sc-low-broken-migration-permit-revocation-allows-a-re-authorized-migrator-to-transfer-user-pri","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"0b9ae22eb8dd6f7d9e273fe8b704505e273e5118","title":"69410 sc low migration permit cannot be revoked after migrator role removal","pathname":"/folks-finance-staking-contracts/69410-sc-low-migration-permit-cannot-be-revoked-after-migrator-role-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"539b089cbea02d69c541021b979be884a4c7bb00","title":"68906 sc insight missing reentrancy guard on function recovererc20 ","pathname":"/folks-finance-staking-contracts/68906-sc-insight-missing-reentrancy-guard-on-function-recovererc20","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"89662d7712923b28c57af0e10b8a4f84ef8dbf27","title":"69587 sc insight recovered event missing recipient makes fund attribution impossible with multiple managers","pathname":"/folks-finance-staking-contracts/69587-sc-insight-recovered-event-missing-recipient-makes-fund-attribution-impossible-with-multiple-m","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"242df9a5973e8bfbabb8aeada5a95f8fd8c6e339","title":"69650 sc low setmigrationpermit blocks revocation after role revoke enabling stale consent reuse","pathname":"/folks-finance-staking-contracts/69650-sc-low-setmigrationpermit-blocks-revocation-after-role-revoke-enabling-stale-consent-reuse","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"ec0097c860cab1b9f2216593fd19d1756fedaadc","title":"68880 sc insight missing reward parameter in staked event breaks off chain accounting","pathname":"/folks-finance-staking-contracts/68880-sc-insight-missing-reward-parameter-in-staked-event-breaks-off-chain-accounting","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"855a4305638a4414986384b9c1dc0a8d03d001a4","title":"69964 sc low users cannot revoke migration permission after migrator role revocation","pathname":"/folks-finance-staking-contracts/69964-sc-low-users-cannot-revoke-migration-permission-after-migrator-role-revocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"28ff466b5fd498ad59f0e6c570ea94139feb3c87","title":"69814 sc low stale migration permits cannot be revoked after migrator role removal","pathname":"/folks-finance-staking-contracts/69814-sc-low-stale-migration-permits-cannot-be-revoked-after-migrator-role-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"772ac532978aec3531f5a10b75fb1382b120490d","title":"69423 sc low audit multiple authorization and migration bugs in folks staking lead to direct theft fund freezing and operational failure","pathname":"/folks-finance-staking-contracts/69423-sc-low-audit-multiple-authorization-and-migration-bugs-in-folks-staking-lead-to-direct-theft-f","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"3979c3d9323a64f9bb9f6b3c7a8ad4897019484b","title":"69275 sc low protocol s explicit revoke at any time promise broken users cannot revoke migration consent during incident window","pathname":"/folks-finance-staking-contracts/69275-sc-low-protocol-s-explicit-revoke-at-any-time-promise-broken-users-cannot-revoke-migration-con","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"f9a30ec71b79f4c8804480efa470d6544c7bc39c","title":"68983 sc insight staketime field in userstake struct is stored but never used on chain wasting storage on every stake","pathname":"/folks-finance-staking-contracts/68983-sc-insight-staketime-field-in-userstake-struct-is-stored-but-never-used-on-chain-wasting-stora","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"69e02663c299a607ccd3020ecb777b2a185b49d3","title":"68872 sc insight copy paste typo in error parameter names","pathname":"/folks-finance-staking-contracts/68872-sc-insight-copy-paste-typo-in-error-parameter-names","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"e235e00f5cbed5eaad32a9082b2880a2a2ee37f7","title":"68955 sc low unconditional hasrole check in setmigrationpermit authorization entrapment","pathname":"/folks-finance-staking-contracts/68955-sc-low-unconditional-hasrole-check-in-setmigrationpermit-authorization-entrapment","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"cb35bcb90aab010315d1e9f6020c1eff85467779","title":"69463 sc low stale migration permits can be reactivated by re granting migrator role to a previously approved migrator","pathname":"/folks-finance-staking-contracts/69463-sc-low-stale-migration-permits-can-be-reactivated-by-re-granting-migrator-role-to-a-previously","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"aa270890fa3efeea8ec99f96936e4b784f71a119","title":"69738 sc low setmigrationpermit prevents users from revoking stale permits after migrator role is revoked","pathname":"/folks-finance-staking-contracts/69738-sc-low-setmigrationpermit-prevents-users-from-revoking-stale-permits-after-migrator-role-is-re","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"803af5796e68155ad8bd036d9ee0c844349b43c2","title":"69890 sc low users won t be able to revoke migration permits from revoked migrators","pathname":"/folks-finance-staking-contracts/69890-sc-low-users-won-t-be-able-to-revoke-migration-permits-from-revoked-migrators","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"2c2e8811f1d73f83d35daaa416483ea959c9a8da","title":"69245 sc insight no view function to compute current claimable amounts","pathname":"/folks-finance-staking-contracts/69245-sc-insight-no-view-function-to-compute-current-claimable-amounts","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"30fa4f74a9b7ee317226cfe40b031e226e2770c0","title":"69769 sc low setmigrationpermit prevents users from revoking migration consent after migrator role is revoked","pathname":"/folks-finance-staking-contracts/69769-sc-low-setmigrationpermit-prevents-users-from-revoking-migration-consent-after-migrator-role-i","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"e6aeb45bb888a5c7c6316a9aff84b09003aa710f","title":"69956 sc low users cannot revoke migration permits after migrator role is revoked stale permits enable unconsented future migrations","pathname":"/folks-finance-staking-contracts/69956-sc-low-users-cannot-revoke-migration-permits-after-migrator-role-is-revoked-stale-permits-enab","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"0827c9747dd2f144e07a0b522db65bc51e9feef9","title":"69860 sc low users are permanently prevented from revoking migration permits if the migrator s role is temporarily or permanently revoked","pathname":"/folks-finance-staking-contracts/69860-sc-low-users-are-permanently-prevented-from-revoking-migration-permits-if-the-migrator-s-role","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"1491f3cfa9457936276553ab24fcacb6092e4e42","title":"69031 sc low user cannot revoke permission from migrator if it does not have migrator role ","pathname":"/folks-finance-staking-contracts/69031-sc-low-user-cannot-revoke-permission-from-migrator-if-it-does-not-have-migrator-role","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"593e5047ba127916e334dbf72f1dc2cd20b0920e","title":"69263 sc low stale migration permit reactivation in folks finance staking contract","pathname":"/folks-finance-staking-contracts/69263-sc-low-stale-migration-permit-reactivation-in-folks-finance-staking-contract","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"c9d1e21922ec23a0be023e9902bd2e03fe282109","title":"69345 sc low migration permits cannot be revoked after migrator role is revoked despite readme claiming revocation is possible at any time ","pathname":"/folks-finance-staking-contracts/69345-sc-low-migration-permits-cannot-be-revoked-after-migrator-role-is-revoked-despite-readme-claim","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"96ed52f4b9491861b697e6dba27fd37555a4f00f","title":"69100 sc low permit irrevocability after migrator role revocation","pathname":"/folks-finance-staking-contracts/69100-sc-low-permit-irrevocability-after-migrator-role-revocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"1ee9ae0da03ab7876451cfc4af877f42a927a79c","title":"68995 sc insight event parameter typo referer in staked event vs referrer in stakeparams struct","pathname":"/folks-finance-staking-contracts/68995-sc-insight-event-parameter-typo-referer-in-staked-event-vs-referrer-in-stakeparams-struct","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"e29d69102795e568a4e6ec115eb1f12b816bf702","title":"69962 sc low users cannot revoke migration permission during migrator role rotation window","pathname":"/folks-finance-staking-contracts/69962-sc-low-users-cannot-revoke-migration-permission-during-migrator-role-rotation-window","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"6413016ed93ae8f4f74552f6ea0594f2079664f4","title":"69870 sc insight events emitted after external calls in recovererc20 and migratepositionsfrom violate cei pattern","pathname":"/folks-finance-staking-contracts/69870-sc-insight-events-emitted-after-external-calls-in-recovererc20-and-migratepositionsfrom-violat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"90dd9485e591519a3d436fc59db76805007a1d25","title":"69136 sc low missing revocation condition in setmigrationpermit prevents users from revoking stale migration permissions violating documented protocol guarantee","pathname":"/folks-finance-staking-contracts/69136-sc-low-missing-revocation-condition-in-setmigrationpermit-prevents-users-from-revoking-stale-m","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"f82c8fc455da82755f40a14a6b29e0f725d380c8","title":"69476 sc low users cannot revoke stale migration approvals after a migrator is offboarded so old permits can silently reactivate","pathname":"/folks-finance-staking-contracts/69476-sc-low-users-cannot-revoke-stale-migration-approvals-after-a-migrator-is-offboarded-so-old-per","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"76b073a95e6406db0a70e81c35e6986f38f1e11b","title":"69756 sc low staking setmigrationpermit unnecessary hasrole check on revocation blocks users from managing own permits","pathname":"/folks-finance-staking-contracts/69756-sc-low-staking-setmigrationpermit-unnecessary-hasrole-check-on-revocation-blocks-users-from-ma","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"6b6d5e1fb3ba63c3b1ed5bf0217c2dfa37266b15","title":"68870 sc insight reward calculation intermediate multiplication overflow","pathname":"/folks-finance-staking-contracts/68870-sc-insight-reward-calculation-intermediate-multiplication-overflow","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"5d28da5fd63eb95efc5a1abe8ace37b334be24cd","title":"69898 sc low stale migration approvals allow a re authorized migrator to move user positions without renewed consent","pathname":"/folks-finance-staking-contracts/69898-sc-low-stale-migration-approvals-allow-a-re-authorized-migrator-to-move-user-positions-without","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"ecbbd7d3d97839eb2055c591be1066ec7d230142","title":"69396 sc low users unable to remove migration permission from migrator who had role revoked","pathname":"/folks-finance-staking-contracts/69396-sc-low-users-unable-to-remove-migration-permission-from-migrator-who-had-role-revoked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"c44ce230e184379b9a31b2f90b0f8a695ac0c7df","title":"69141 sc low setmigrationpermit revocation silently blocked for de listed migrators contradicting documented guarantee","pathname":"/folks-finance-staking-contracts/69141-sc-low-setmigrationpermit-revocation-silently-blocked-for-de-listed-migrators-contradicting-do","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"fc9be18054bad787c9872084814af8b2cff0a9bd","title":"69420 sc insight avoid the use of floating pragma to ensure same compiler version used for testing is also used for deployment","pathname":"/folks-finance-staking-contracts/69420-sc-insight-avoid-the-use-of-floating-pragma-to-ensure-same-compiler-version-used-for-testing-i","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"2cdd9d1360b9ca8682aaacc12a3b757ff94eaddc","title":"68849 sc insight elapsed computed twice in withdraw code optimization ","pathname":"/folks-finance-staking-contracts/68849-sc-insight-elapsed-computed-twice-in-withdraw-code-optimization","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"43d87d073dede6e283dc2fb3e74f3260e25b4bbd","title":"69390 sc low users cannot revoke migration permit at any time breaking documented guarantee","pathname":"/folks-finance-staking-contracts/69390-sc-low-users-cannot-revoke-migration-permit-at-any-time-breaking-documented-guarantee","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"8d40b646b52640158b776040050b0622af349107","title":"69505 sc low user cannot revoke migration permit after migrator role is revoked","pathname":"/folks-finance-staking-contracts/69505-sc-low-user-cannot-revoke-migration-permit-after-migrator-role-is-revoked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"89b0a882a1357eaed5e867a5b67f9ecf6a9e587c","title":"68903 sc low users cannot revoke a migration permit after the migrator loses migrator role allowing stale approval to reactivate if the same address is re granted the role","pathname":"/folks-finance-staking-contracts/68903-sc-low-users-cannot-revoke-a-migration-permit-after-the-migrator-loses-migrator-role-allowing","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"41233637ddf5b2c4cd6c1a8e8d7873f8c01bfa03","title":"69008 sc low denial of service on migration permit revocation","pathname":"/folks-finance-staking-contracts/69008-sc-low-denial-of-service-on-migration-permit-revocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"e15790f767bbbe7e9aed7e37f77f13e9a63cb48c","title":"69929 sc low inability to revoke migrationpermits for revoked migrators leads to permanent state persistence of user approvals","pathname":"/folks-finance-staking-contracts/69929-sc-low-inability-to-revoke-migrationpermits-for-revoked-migrators-leads-to-permanent-state-per","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"77639f38fd53b14e10b5132ffe1adbad10572ccb","title":"69747 sc low broken migration permit revocation allows stale user consent to reactivate after migrator role is re granted","pathname":"/folks-finance-staking-contracts/69747-sc-low-broken-migration-permit-revocation-allows-stale-user-consent-to-reactivate-after-migrat","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"7a400ef3b7e4496b3d684b4c2b8f1b4f0bc67bbc","title":"69570 sc low users cannot revoke migration approvals for removed migrators contrary to what the docs says","pathname":"/folks-finance-staking-contracts/69570-sc-low-users-cannot-revoke-migration-approvals-for-removed-migrators-contrary-to-what-the-docs","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"62887c5de895c7cb6bc6aba9a4ccd102b8e119e9","title":"69527 sc low users cannot revoke migration authorization after migrator role removal","pathname":"/folks-finance-staking-contracts/69527-sc-low-users-cannot-revoke-migration-authorization-after-migrator-role-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"9053e53c831573863713d25282c52455e6e68f3b","title":"69493 sc low users cannot revoke permit for a role revoked migrator leading to residual permit risk if such migrator s role is ever reinstated","pathname":"/folks-finance-staking-contracts/69493-sc-low-users-cannot-revoke-permit-for-a-role-revoked-migrator-leading-to-residual-permit-risk","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"2f3d40b9e72e25c2d61e752fd1524945ff6b8de2","title":"69524 sc low role validation on revocation can lock migration permits","pathname":"/folks-finance-staking-contracts/69524-sc-low-role-validation-on-revocation-can-lock-migration-permits","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"6b89fecb83354a102fe00b07278e31d8e3175587","title":"69673 sc low users cannot revoke a migration permit after role removal","pathname":"/folks-finance-staking-contracts/69673-sc-low-users-cannot-revoke-a-migration-permit-after-role-removal","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"8e28ed01ce1effbeb29608078d51a0c6e3ef6d11","title":"69936 sc low users cannot revoke migration permits once the migrator s role has been revoked","pathname":"/folks-finance-staking-contracts/69936-sc-low-users-cannot-revoke-migration-permits-once-the-migrator-s-role-has-been-revoked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"62d6ef5f24c33411dedba940bd45b70ddbab0434","title":"69663 sc low users cannot revoke previously granted migration permit after migrator role is revoked","pathname":"/folks-finance-staking-contracts/69663-sc-low-users-cannot-revoke-previously-granted-migration-permit-after-migrator-role-is-revoked","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"c013b5616811e4793109aa4126f9f4ec667c1fc8","title":"69382 sc low irrevocable migration permit users cannot revoke permit after migrator role revocation","pathname":"/folks-finance-staking-contracts/69382-sc-low-irrevocable-migration-permit-users-cannot-revoke-permit-after-migrator-role-revocation","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"5ce16a26a806af8f2246bf10137aadb2ab9ceb85","title":"69146 sc low readme states migration permission can be revoked at any time but revocation becomes impossible after migrator role is removed","pathname":"/folks-finance-staking-contracts/69146-sc-low-readme-states-migration-permission-can-be-revoked-at-any-time-but-revocation-becomes-im","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"211edee9aeee459865e9290d8c48f4d8d82ddc48","title":"68879 sc insight essential function declarations missing from istakingv1 ","pathname":"/folks-finance-staking-contracts/68879-sc-insight-essential-function-declarations-missing-from-istakingv1","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"ef8e580637b25cd92c9726de3d19e3b2ef3f97fa","title":"69678 sc low lack of conditional role check in setmigrationpermit prevents users from revoking permits leading to unauthorized migration and theft of unclaimed yield","pathname":"/folks-finance-staking-contracts/69678-sc-low-lack-of-conditional-role-check-in-setmigrationpermit-prevents-users-from-revoking-permi","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"5d46da70fd113741b34f611e4e6b85b792520be3","title":"69926 sc low users cannot revoke migration permits after migrator role is removed enabling fund migration without re consent","pathname":"/folks-finance-staking-contracts/69926-sc-low-users-cannot-revoke-migration-permits-after-migrator-role-is-removed-enabling-fund-migr","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"af30b7670b72f9d940f5c9597e1b3820b827acd5","title":"69777 sc low setmigrationpermit does not deliver on specified functionalities ","pathname":"/folks-finance-staking-contracts/69777-sc-low-setmigrationpermit-does-not-deliver-on-specified-functionalities","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"4661f2a0576602f33f6e7e0d3f67fdbff905396a","title":"68994 sc low users cannot revoke migration permits after migrator role is removed","pathname":"/folks-finance-staking-contracts/68994-sc-low-users-cannot-revoke-migration-permits-after-migrator-role-is-removed","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"73c6854bd6a728ccd02b9da191b6e4a050384730","title":"69218 sc low access control defect in setmigrationpermit leads to irrevocable stale migration permits","pathname":"/folks-finance-staking-contracts/69218-sc-low-access-control-defect-in-setmigrationpermit-leads-to-irrevocable-stale-migration-permit","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"76116c051b333b08d3f759579f2b84ccff5f1970","title":"69278 sc low migration permission can not be removed from the migrator if its migrator role is revoked in advance","pathname":"/folks-finance-staking-contracts/69278-sc-low-migration-permission-can-not-be-removed-from-the-migrator-if-its-migrator-role-is-revok","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"3d3b31587c1d65956f8a63104e168fb49ffeb4d9","title":"69717 sc low users are unable to revoke migration permits for deprecated or demoted migrators","pathname":"/folks-finance-staking-contracts/69717-sc-low-users-are-unable-to-revoke-migration-permits-for-deprecated-or-demoted-migrators","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"bf3baefc6a77a1f9b4657cb3571569fd605d77d6","title":"69772 sc insight after a revert stakewithpermit might be prevented","pathname":"/folks-finance-staking-contracts/69772-sc-insight-after-a-revert-stakewithpermit-might-be-prevented","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]},{"id":"5945f3aa3dcf8fded9e1b01614f0cc6e09ce535f","title":"69330 sc low revoked migrators leave non revocable stale permits that reactivate on role re grant","pathname":"/folks-finance-staking-contracts/69330-sc-low-revoked-migrators-leave-non-revocable-stale-permits-that-reactivate-on-role-re-grant","siteSpaceId":"sitesp_stpzW","breadcrumbs":[{"label":"Folks Finance: Staking Contracts"}]}]}