Skip to content

Issues: code-423n4/2024-03-ondo-finance-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

75 Open 271 Closed
75 Open 271 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Upgraded Q -> 2 from #279 [1712732625766] downgraded by judge Judge downgraded the risk level of this issue grade-c QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax withdrawn by judge Special case: this finding was auto-generated by a judge and is now withdrawn; it can be ignored
#343 opened Apr 10, 2024 by c4-judge
3
QA Report bug Something isn't working grade-b Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#333 opened Apr 3, 2024 by c4-bot-6
2
Missing Checks during Rates/Emission Setting bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-181 grade-b Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_118_group AI based duplicate group recommendation
#332 opened Apr 3, 2024 by c4-bot-5
3
QA Report bug Something isn't working grade-b insufficient quality report This report is not of sufficient quality Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#323 opened Apr 3, 2024 by c4-bot-4
3
QA Report bug Something isn't working grade-b Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#319 opened Apr 3, 2024 by c4-bot-7
7
No slippage protection in _mintRebasingOUSG bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-117 grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_05_group AI based duplicate group recommendation
#316 opened Apr 3, 2024 by c4-bot-10
7
Potential Reduction in Instant Minting and Redemption Limits due to Fee Incorporation bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-47 grade-b Q-08 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_20_group AI based duplicate group recommendation
#312 opened Apr 3, 2024 by c4-bot-7
3
Integration issue in ousgInstantManager with BUILD if minUSTokens is set by blackrock. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) edited-by-warden M-01 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#309 opened Apr 3, 2024 by c4-bot-10
24
QA Report bug Something isn't working edited-by-warden grade-b insufficient quality report This report is not of sufficient quality Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#307 opened Apr 3, 2024 by c4-bot-1
4
Inadequate Handling of BUIDL Redemption Limit in OUSG Instant Manager 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-02 primary issue Highest quality submission among a set of duplicates 🤖_124_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#306 opened Apr 3, 2024 by c4-bot-6
20
QA Report bug Something isn't working grade-b insufficient quality report This report is not of sufficient quality Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#301 opened Apr 3, 2024 by c4-bot-2
2
QA Report bug Something isn't working grade-a Q-11 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#294 opened Apr 3, 2024 by c4-bot-9
2
No slippage control in mint and mintRebasingOUSG function ! bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-117 grade-b Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_05_group AI based duplicate group recommendation
#290 opened Apr 3, 2024 by c4-bot-4
7
QA Report bug Something isn't working grade-a Q-12 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#287 opened Apr 3, 2024 by c4-bot-8
2
QA Report bug Something isn't working grade-b Q-13 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sufficient quality report This report is of sufficient quality
#285 opened Apr 3, 2024 by c4-bot-2
2
users will loose their deposited USDC when redeeming due to rounding issues bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-246 grade-b Q-14 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_85_group AI based duplicate group recommendation
#284 opened Apr 3, 2024 by c4-bot-7
4
QA Report bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) grade-a high quality report This report is of especially high quality Q-17 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons
#279 opened Apr 3, 2024 by c4-bot-5
8
OUSGInstantManager will allow Excessive OUSG Token Minting During USDC Depeg Event 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working disagree with severity Sponsor confirms validity, but disagrees with warden’s risk assessment (sponsor explain in comments) H-01 primary issue Highest quality submission among a set of duplicates 🤖_59_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") upgraded by judge Original issue severity upgraded from QA/Gas by judge
#278 opened Apr 3, 2024 by c4-bot-3
11
Users are able to pay no fees for both minting and redeeming bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b insufficient quality report This report is not of sufficient quality primary issue Highest quality submission among a set of duplicates Q-16 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_163_group AI based duplicate group recommendation
#276 opened Apr 3, 2024 by c4-bot-2
8
OUSGInstantManager::mintRebasingOUSG() lacks slippage protection bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-117 edited-by-warden grade-b Q-18 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_05_group AI based duplicate group recommendation
#268 opened Apr 3, 2024 by c4-bot-9
7
OUSG Price slippage is not taken into account on mint/redeem bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-117 grade-b Q-21 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_05_group AI based duplicate group recommendation
#250 opened Apr 3, 2024 by c4-bot-1
10
Incorrect usage of decimals cause losses of dust value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden grade-b primary issue Highest quality submission among a set of duplicates Q-15 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_85_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#246 opened Apr 3, 2024 by c4-bot-9
9
The ousgInstantManager.sol could get DoSed if the price of the OUSG ever becomes lower than 105e18 bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-20 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_59_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#245 opened Apr 3, 2024 by c4-bot-6
10
Rounding down allows users to gain free OUSG by repeatedly wrapping and unwrapping bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b high quality report This report is of especially high quality primary issue Highest quality submission among a set of duplicates Q-22 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_29_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#238 opened Apr 3, 2024 by c4-bot-6
14
oracle should be working on " MINIMUM_OUSG_PRICE" bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-338 grade-b Q-25 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_04_group AI based duplicate group recommendation
#224 opened Apr 3, 2024 by c4-bot-4
3
ProTip! Add no:assignee to see everything that’s not assigned.