├── README.md ├── data ├── 0x11singh99-590.json ├── 0x11singh99-G.md ├── 0x3b-144.json ├── 0x3b-264.json ├── 0x3b-267.json ├── 0x3b-268.json ├── 0x3b-271.json ├── 0x3b-457.json ├── 0x3b-86.json ├── 0x3b-87.json ├── 0x3b-Analysis.md ├── 0x3b-G.md ├── 0x3b-Q.md ├── 0xAnah-695.json ├── 0xAnah-G.md ├── 0xAsen-299.json ├── 0xBeirao-507.json ├── 0xBeirao-520.json ├── 0xBeirao-Analysis.md ├── 0xCiphky-167.json ├── 0xCiphky-170.json ├── 0xCiphky-396.json ├── 0xCiphky-402.json ├── 0xCiphky-403.json ├── 0xCiphky-410.json ├── 0xCiphky-80.json ├── 0xCiphky-81.json ├── 0xCiphky-82.json ├── 0xCiphky-83.json ├── 0xCiphky-84.json ├── 0xCiphky-85.json ├── 0xComfyCat-150.json ├── 0xComfyCat-151.json ├── 0xComfyCat-155.json ├── 0xComfyCat-578.json ├── 0xComfyCat-619.json ├── 0xComfyCat-664.json ├── 0xComfyCat-Q.md ├── 0xDING99YA-531.json ├── 0xDING99YA-546.json ├── 0xDING99YA-567.json ├── 0xDING99YA-637.json ├── 0xDING99YA-660.json ├── 0xE1-328.json ├── 0xE1-364.json ├── 0xHelium-58.json ├── 0xKbl-551.json ├── 0xSimeon-722.json ├── 0xSimeon-Analysis.md ├── 0xSmartContract-654.json ├── 0xSmartContract-Analysis.md ├── 0xStalin-265.json ├── 0xStalin-266.json ├── 0xStalin-273.json ├── 0xStalin-275.json ├── 0xStalin-280.json ├── 0xStalin-285.json ├── 0xStalin-571.json ├── 0xStalin-729.json ├── 0xStalin-Q.md ├── 0xSwahili-222.json ├── 0xSwahili-276.json ├── 0xSwahili-278.json ├── 0xVolcano-587.json ├── 0xVolcano-G.md ├── 0xWaitress-31.json ├── 0xWaitress-32.json ├── 0xWaitress-Q.md ├── 0xbepresent-164.json ├── 0xbepresent-223.json ├── 0xbepresent-230.json ├── 0xbepresent-238.json ├── 0xbepresent-244.json ├── 0xbepresent-592.json ├── 0xbepresent-718.json ├── 0xbrett8571-333.json ├── 0xbrett8571-335.json ├── 0xbrett8571-338.json ├── 0xbrett8571-340.json ├── 0xbrett8571-341.json ├── 0xbrett8571-342.json ├── 0xbrett8571-343.json ├── 0xbrett8571-344.json ├── 0xbrett8571-345.json ├── 0xbrett8571-346.json ├── 0xbrett8571-348.json ├── 0xbrett8571-349.json ├── 0xbrett8571-350.json ├── 0xbrett8571-Q.md ├── 0xhegel-478.json ├── 0xhex-680.json ├── 0xhex-G.md ├── 0xkazim-524.json ├── 0xkazim-529.json ├── 0xkazim-611.json ├── 0xkazim-620.json ├── 0xkazim-640.json ├── 0xmuxyz-381.json ├── 0xmuxyz-385.json ├── 0xpiken-431.json ├── 0xpiken-433.json ├── 0xpiken-Q.md ├── 0xta-661.json ├── 0xta-G.md ├── 0xvj-429.json ├── 3docSec-190.json ├── 3docSec-191.json ├── 3docSec-192.json ├── 3docSec-193.json ├── 3docSec-194.json ├── 3docSec-195.json ├── 3docSec-196.json ├── 3docSec-237.json ├── 3docSec-Q.md ├── 7siech-582.json ├── AISec-30.json ├── AISec-42.json ├── AISec-G.md ├── AM-210.json ├── AM-218.json ├── AM-219.json ├── AM-288.json ├── AS-446.json ├── AerialRaider-258.json ├── AerialRaider-259.json ├── AerialRaider-390.json ├── AerialRaider-Analysis.md ├── AerialRaider-G.md ├── AerialRaider-Q.md ├── Anirruth-180.json ├── Arabadzhiev-537.json ├── Arabadzhiev-Q.md ├── Arie71-547.json ├── Arie71-577.json ├── Arie71-589.json ├── Arie71-595.json ├── Arie71-Analysis.md ├── Arie71-Q.md ├── Audinarey-464.json ├── Audinarey-490.json ├── Audinarey-526.json ├── Audinarey-544.json ├── Audinarey-553.json ├── Aymen0909-541.json ├── Aymen0909-543.json ├── Aymen0909-602.json ├── Bauer-108.json ├── Bauer-172.json ├── Bauer-181.json ├── Bauer-199.json ├── Bauer-270.json ├── Bauer-Q.md ├── Bughunter101-135.json ├── Bughunter101-136.json ├── Bughunter101-138.json ├── Bughunter101-139.json ├── Bughunter101-140.json ├── CaeraDenoir-234.json ├── CaeraDenoir-645.json ├── CaeraDenoir-688.json ├── CaeraDenoir-79.json ├── CaeraDenoir-Analysis.md ├── CaeraDenoir-Q.md ├── Cooller458-38.json ├── DarkTower-209.json ├── DarkTower-260.json ├── DarkTower-398.json ├── Dastan-2.json ├── Dastan-26.json ├── Dastan-3.json ├── Dastan-4.json ├── Dastan-6.json ├── Dastan-7.json ├── Dastan-G.md ├── Dastan-Q.md ├── DavidGiladi-554.json ├── DavidGiladi-565.json ├── DavidGiladi-G.md ├── DavidGiladi-Q.md ├── DeFiHackLabs-397.json ├── DeFiHackLabs-399.json ├── DeFiHackLabs-523.json ├── DeFiHackLabs-556.json ├── DeFiHackLabs-574.json ├── DeFiHackLabs-579.json ├── DeFiHackLabs-600.json ├── DeFiHackLabs-638.json ├── DeFiHackLabs-Analysis.md ├── DeFiHackLabs-Q.md ├── Drynooo-120.json ├── Drynooo-124.json ├── Drynooo-125.json ├── Drynooo-127.json ├── Drynooo-137.json ├── Drynooo-185.json ├── Drynooo-Q.md ├── Eigenvectors-200.json ├── Eigenvectors-201.json ├── Eigenvectors-202.json ├── Eigenvectors-203.json ├── Eigenvectors-204.json ├── Eigenvectors-205.json ├── Eigenvectors-207.json ├── Eigenvectors-208.json ├── Eigenvectors-Q.md ├── EricWWFCP-171.json ├── EricWWFCP-173.json ├── EricWWFCP-174.json ├── EricWWFCP-G.md ├── EricWWFCP-Q.md ├── Eurovickk-505.json ├── Eurovickk-G.md ├── Fulum-448.json ├── Fulum-454.json ├── Fulum-458.json ├── Fulum-460.json ├── Fulum-717.json ├── GREY-HAWK-REACH-227.json ├── GREY-HAWK-REACH-242.json ├── GREY-HAWK-REACH-653.json ├── HALITUS-727.json ├── HChang26-104.json ├── HChang26-107.json ├── HChang26-116.json ├── HChang26-59.json ├── HChang26-60.json ├── HChang26-65.json ├── Hama-584.json ├── Hama-586.json ├── Hama-594.json ├── Hama-603.json ├── IceBear-37.json ├── IllIllI-293.json ├── InAllHonesty-100.json ├── InAllHonesty-101.json ├── InAllHonesty-112.json ├── InAllHonesty-71.json ├── InAllHonesty-Analysis.md ├── InAllHonesty-Q.md ├── Infect3d-596.json ├── Infect3d-647.json ├── Infect3d-651.json ├── Inspecktor-557.json ├── Inspecktor-558.json ├── J4X-422.json ├── J4X-435.json ├── J4X-437.json ├── J4X-489.json ├── J4X-530.json ├── J4X-560.json ├── J4X-581.json ├── J4X-Analysis.md ├── J4X-Q.md ├── JCK-701.json ├── JCK-703.json ├── JCK-705.json ├── JCK-Analysis.md ├── JCK-G.md ├── JCK-Q.md ├── JP_Courses-708.json ├── JP_Courses-724.json ├── JP_Courses-Analysis.md ├── JP_Courses-Q.md ├── Jiamin-286.json ├── Jiamin-287.json ├── Juntao-186.json ├── Juntao-187.json ├── Juntao-188.json ├── Juntao-263.json ├── KeyKiril-212.json ├── KeyKiril-290.json ├── KeyKiril-291.json ├── KeyKiril-297.json ├── KeyKiril-330.json ├── KeyKiril-Analysis.md ├── KeyKiril-G.md ├── KeyKiril-Q.md ├── LokiThe5th-413.json ├── LokiThe5th-432.json ├── LokiThe5th-671.json ├── Madalad-319.json ├── MaslarovK-274.json ├── MaslarovK-Q.md ├── MatricksDeCoder-47.json ├── MatricksDeCoder-49.json ├── MatricksDeCoder-50.json ├── MatricksDeCoder-51.json ├── MatricksDeCoder-61.json ├── MatricksDeCoder-Q.md ├── Mike_Bello90-371.json ├── Mike_Bello90-632.json ├── Mike_Bello90-711.json ├── Mike_Bello90-G.md ├── Mike_Bello90-Q.md ├── MiloTruck-491.json ├── MiloTruck-492.json ├── MiloTruck-494.json ├── MiloTruck-495.json ├── MiloTruck-496.json ├── MiloTruck-497.json ├── MiloTruck-498.json ├── MiloTruck-499.json ├── MiloTruck-500.json ├── MiloTruck-501.json ├── MiloTruck-502.json ├── MiloTruck-503.json ├── MiloTruck-533.json ├── MiloTruck-Q.md ├── MohammedRizwan-623.json ├── OMEN-616.json ├── OMEN-636.json ├── OMEN-665.json ├── OMEN-709.json ├── Phantom-588.json ├── Phantom-683.json ├── Phantom-699.json ├── Phantom-712.json ├── Phantom-Q.md ├── QiuhaoLi-407.json ├── QiuhaoLi-423.json ├── QiuhaoLi-430.json ├── QiuhaoLi-436.json ├── QiuhaoLi-439.json ├── QiuhaoLi-459.json ├── QiuhaoLi-472.json ├── QiuhaoLi-481.json ├── QiuhaoLi-733.json ├── QiuhaoLi-Q.md ├── Raihan-716.json ├── Raihan-G.md ├── Robert-648.json ├── Robert-650.json ├── Robert-652.json ├── Robert-655.json ├── Robert-676.json ├── SAAJ-605.json ├── SAAJ-Analysis.md ├── SAQ-673.json ├── SAQ-G.md ├── SHA_256-143.json ├── SHA_256-160.json ├── SHA_256-165.json ├── SHA_256-G.md ├── SHA_256-Q.md ├── SM3_SS-465.json ├── SM3_SS-G.md ├── SandNallani-400.json ├── SandNallani-405.json ├── Sathish9098-404.json ├── Sathish9098-462.json ├── Sathish9098-Analysis.md ├── Sathish9098-Q.md ├── Shahen-10.json ├── Shahen-8.json ├── Shawon-629.json ├── Silvermist-189.json ├── Silvermist-329.json ├── Soltho-13.json ├── Soltho-23.json ├── Soltho-G.md ├── SooYa-306.json ├── SooYa-473.json ├── SooYa-G.md ├── SovaSlava-372.json ├── SovaSlava-374.json ├── SovaSlava-377.json ├── SovaSlava-378.json ├── SovaSlava-379.json ├── SovaSlava-380.json ├── SovaSlava-384.json ├── SovaSlava-391.json ├── SovaSlava-G.md ├── SovaSlava-Q.md ├── SpicyMeatball-535.json ├── SpicyMeatball-568.json ├── SpicyMeatball-569.json ├── SpicyMeatball-662.json ├── T1MOH-34.json ├── T1MOH-35.json ├── T1MOH-36.json ├── T1MOH-40.json ├── T1MOH-46.json ├── T1MOH-62.json ├── T1MOH-66.json ├── T1MOH-732.json ├── T1MOH-Q.md ├── Thembani-27.json ├── Thembani-G.md ├── Timenov-52.json ├── Timenov-Q.md ├── Topmark-467.json ├── Topmark-580.json ├── Toshii-607.json ├── Toshii-609.json ├── Toshii-613.json ├── Toshii-644.json ├── Tricko-387.json ├── Tripathi-570.json ├── Tripathi-618.json ├── TrungOre-353.json ├── TrungOre-354.json ├── TrungOre-355.json ├── TrungOre-356.json ├── TrungOre-411.json ├── TrungOre-412.json ├── TuringConsulting-528.json ├── Udsen-561.json ├── Udsen-564.json ├── Udsen-663.json ├── Udsen-Q.md ├── VAD37-573.json ├── VAD37-575.json ├── VAD37-Q.md ├── Vagner-301.json ├── Vagner-304.json ├── Vagner-314.json ├── Walter-317.json ├── Walter-Q.md ├── XDZIBECX-672.json ├── XDZIBECX-690.json ├── Yanchuan-455.json ├── Yanchuan-468.json ├── Yanchuan-480.json ├── Yanchuan-493.json ├── Yanchuan-511.json ├── Yanchuan-521.json ├── Yanchuan-525.json ├── YusSecurity-154.json ├── YusSecurity-178.json ├── YusSecurity-269.json ├── YusSecurity-540.json ├── YusSecurity-562.json ├── YusSecurity-68.json ├── YusSecurity-98.json ├── YusSecurity-Q.md ├── ZanyBonzy-324.json ├── ZanyBonzy-327.json ├── ZanyBonzy-337.json ├── ZanyBonzy-Analysis.md ├── ZdravkoHr-114.json ├── ZdravkoHr-149.json ├── ZdravkoHr-236.json ├── ZdravkoHr-28.json ├── ZdravkoHr-318.json ├── ZdravkoHr-322.json ├── ZdravkoHr-334.json ├── ZdravkoHr-361.json ├── ZdravkoHr-362.json ├── ZdravkoHr-563.json ├── ZdravkoHr-685.json ├── ZdravkoHr-Analysis.md ├── ZdravkoHr-G.md ├── ZdravkoHr-Q.md ├── _nd_koo-477.json ├── _nd_koo-485.json ├── aariiif-243.json ├── aariiif-246.json ├── aariiif-247.json ├── aariiif-249.json ├── aariiif-250.json ├── aariiif-251.json ├── aariiif-252.json ├── aariiif-253.json ├── aariiif-254.json ├── aariiif-331.json ├── aariiif-332.json ├── albahaca-441.json ├── albahaca-474.json ├── albahaca-Analysis.md ├── albahaca-Q.md ├── almurhasan-277.json ├── almurhasan-282.json ├── almurhasan-283.json ├── almurhasan-284.json ├── almurhasan-302.json ├── almurhasan-309.json ├── almurhasan-312.json ├── almurhasan-315.json ├── arjun16-351.json ├── arjun16-G.md ├── ast3ros-513.json ├── ast3ros-514.json ├── ast3ros-515.json ├── ast3ros-516.json ├── ast3ros-517.json ├── ast3ros-Q.md ├── atrixs6-145.json ├── atrixs6-156.json ├── atrixs6-53.json ├── audityourcontracts-256.json ├── avanti-5.json ├── ayden-118.json ├── ayden-121.json ├── ayden-122.json ├── ayden-148.json ├── ayden-182.json ├── ayden-184.json ├── ayden-262.json ├── ayden-Q.md ├── b0g0-229.json ├── bareli-625.json ├── bareli-641.json ├── bareli-678.json ├── bareli-684.json ├── bdmcbri-255.json ├── cartlex_-311.json ├── cartlex_-366.json ├── cartlex_-369.json ├── cartlex_-566.json ├── cartlex_-730.json ├── cartlex_-G.md ├── cartlex_-Q.md ├── catellatech-248.json ├── catellatech-Analysis.md ├── caventa-102.json ├── caventa-105.json ├── caventa-106.json ├── caventa-109.json ├── caventa-110.json ├── caventa-113.json ├── caventa-119.json ├── caventa-215.json ├── caventa-261.json ├── caventa-272.json ├── caventa-414.json ├── caventa-89.json ├── caventa-92.json ├── caventa-93.json ├── caventa-96.json ├── caventa-Q.md ├── cheatc0d3-475.json ├── cheatc0d3-Q.md ├── circlelooper-388.json ├── circlelooper-392.json ├── clara-508.json ├── clara-Analysis.md ├── crunch-416.json ├── crunch-417.json ├── cryptothemex-626.json ├── cryptothemex-649.json ├── cryptothemex-99.json ├── cu5t0mpeo-88.json ├── cu5t0mpeo-90.json ├── cu5t0mpeo-91.json ├── cu5t0mpeo-94.json ├── d3e4-689.json ├── d3e4-691.json ├── d3e4-693.json ├── debo-111.json ├── debo-152.json ├── debo-153.json ├── debo-24.json ├── debo-25.json ├── debo-29.json ├── debo-360.json ├── debo-41.json ├── debo-Analysis.md ├── deepkin-115.json ├── deepkin-117.json ├── deepkin-Q.md ├── deth-298.json ├── deth-300.json ├── deth-305.json ├── deth-308.json ├── deth-320.json ├── deth-323.json ├── deth-326.json ├── deth-444.json ├── dethera-368.json ├── dethera-698.json ├── dethera-726.json ├── devival-445.json ├── devival-597.json ├── devival-606.json ├── devival-612.json ├── devival-631.json ├── devival-Analysis.md ├── digitizeworx-221.json ├── digitizeworx-Analysis.md ├── eeshenggoh-72.json ├── eeshenggoh-Q.md ├── elprofesor-668.json ├── elprofesor-669.json ├── elprofesor-670.json ├── elprofesor-674.json ├── elprofesor-679.json ├── elprofesor-681.json ├── elprofesor-Q.md ├── erictee-509.json ├── fatherOfBlocks-43.json ├── fatherOfBlocks-44.json ├── fatherOfBlocks-45.json ├── fatherOfBlocks-G.md ├── fatherOfBlocks-Q.md ├── flutter_developer-303.json ├── flutter_developer-G.md ├── fr33rh-126.json ├── fr33rh-175.json ├── fr33rh-39.json ├── fr33rh-415.json ├── fr33rh-452.json ├── fr33rh-Q.md ├── ggg_ttt_hhh-197.json ├── ggg_ttt_hhh-211.json ├── ggg_ttt_hhh-213.json ├── ggg_ttt_hhh-217.json ├── ggg_ttt_hhh-220.json ├── ggg_ttt_hhh-224.json ├── ggg_ttt_hhh-321.json ├── gizzy-389.json ├── gizzy-447.json ├── gizzy-450.json ├── gizzy-456.json ├── gizzy-466.json ├── golu-461.json ├── golu-Q.md ├── grearlake-352.json ├── grearlake-358.json ├── grearlake-359.json ├── gumgumzum-370.json ├── gumgumzum-694.json ├── gumgumzum-697.json ├── gumgumzum-Q.md ├── hash-365.json ├── hash-401.json ├── hash-428.json ├── hash-522.json ├── hash-642.json ├── hash-700.json ├── hash-Analysis.md ├── hash-Q.md ├── hunter_w3b-482.json ├── hunter_w3b-723.json ├── hunter_w3b-Analysis.md ├── hunter_w3b-G.md ├── imare-425.json ├── imare-426.json ├── imare-427.json ├── invitedtea-395.json ├── invitedtea-707.json ├── invitedtea-Analysis.md ├── inzinko-675.json ├── inzinko-692.json ├── inzinko-702.json ├── inzinko-725.json ├── inzinko-Q.md ├── jasonxiale-483.json ├── jasonxiale-484.json ├── jasonxiale-488.json ├── jasonxiale-510.json ├── jasonxiale-518.json ├── jasonxiale-519.json ├── jasonxiale-539.json ├── jasonxiale-Q.md ├── jauvany-549.json ├── jauvany-Analysis.md ├── joaovwfreire-289.json ├── joaovwfreire-376.json ├── joaovwfreire-383.json ├── josephdara-576.json ├── josephdara-604.json ├── josephdara-617.json ├── josephdara-633.json ├── josieg_74497-486.json ├── josieg_74497-487.json ├── josieg_74497-G.md ├── josieg_74497-Q.md ├── kali_defi-512.json ├── kali_defi-Q.md ├── karanctf-585.json ├── ke1caM-292.json ├── ke1caM-294.json ├── ke1caM-295.json ├── ke1caM-296.json ├── kodyvim-307.json ├── kodyvim-310.json ├── kodyvim-313.json ├── kodyvim-316.json ├── kodyvim-Q.md ├── lanrebayode77-393.json ├── lanrebayode77-394.json ├── leegh-593.json ├── leegh-G.md ├── lfzkoala-406.json ├── lfzkoala-409.json ├── lfzkoala-421.json ├── lfzkoala-Q.md ├── lsaudit-536.json ├── lsaudit-G.md ├── m4ttm-720.json ├── m4ttm-Analysis.md ├── m_Rassska-142.json ├── mahdikarimi-622.json ├── mahdikarimi-634.json ├── marchev-97.json ├── marqymarq10-157.json ├── marqymarq10-158.json ├── marqymarq10-159.json ├── marqymarq10-161.json ├── marqymarq10-162.json ├── marqymarq10-228.json ├── marqymarq10-G.md ├── matrix_0wl-469.json ├── matrix_0wl-548.json ├── matrix_0wl-591.json ├── matrix_0wl-599.json ├── matrix_0wl-608.json ├── matrix_0wl-615.json ├── matrix_0wl-682.json ├── max10afternoon-146.json ├── max10afternoon-166.json ├── n1punp-9.json ├── nailkhalimov-176.json ├── nailkhalimov-G.md ├── naman1778-667.json ├── naman1778-G.md ├── nirlin-545.json ├── nirlin-628.json ├── nirlin-714.json ├── nirlin-Analysis.md ├── nisedo-168.json ├── nisedo-169.json ├── nisedo-241.json ├── nisedo-245.json ├── nisedo-257.json ├── nisedo-G.md ├── nisedo-Q.md ├── nobody2018-54.json ├── nobody2018-55.json ├── nobody2018-56.json ├── nobody2018-57.json ├── nonseodion-451.json ├── nonseodion-527.json ├── nonseodion-635.json ├── nonseodion-686.json ├── nonseodion-721.json ├── nonseodion-Analysis.md ├── osmanozdemir1-373.json ├── osmanozdemir1-375.json ├── osmanozdemir1-382.json ├── osmanozdemir1-506.json ├── osmanozdemir1-534.json ├── osmanozdemir1-550.json ├── oualidpro-214.json ├── oualidpro-225.json ├── oualidpro-48.json ├── oualidpro-G.md ├── oualidpro-Q.md ├── peter-281.json ├── petrichor-715.json ├── petrichor-G.md ├── phenom80-231.json ├── phenom80-232.json ├── phenom80-233.json ├── phenom80-235.json ├── phenom80-239.json ├── phenom80-240.json ├── phenom80-G.md ├── phenom80-Q.md ├── psb01-555.json ├── radev_sw-206.json ├── radev_sw-532.json ├── radev_sw-542.json ├── radev_sw-583.json ├── radev_sw-659.json ├── radev_sw-Analysis.md ├── radev_sw-Q.md ├── rahul-704.json ├── rahul-Analysis.md ├── rbitbytes-216.json ├── rbitbytes-Q.md ├── rvierdiiev-123.json ├── rvierdiiev-128.json ├── rvierdiiev-129.json ├── rvierdiiev-133.json ├── rvierdiiev-134.json ├── rvierdiiev-63.json ├── rvierdiiev-64.json ├── rvierdiiev-73.json ├── rvierdiiev-74.json ├── rvierdiiev-75.json ├── rvierdiiev-76.json ├── rvierdiiev-77.json ├── rvierdiiev-78.json ├── rvierdiiev-95.json ├── said-408.json ├── sath26-336.json ├── seerether-363.json ├── seerether-367.json ├── serial-coder-614.json ├── serial-coder-624.json ├── serial-coder-630.json ├── serial-coder-639.json ├── serial-coder-646.json ├── shamsulhaq123-687.json ├── shamsulhaq123-G.md ├── skodi-479.json ├── sl1-440.json ├── sl1-442.json ├── smiling_heretic-419.json ├── smiling_heretic-443.json ├── spark-538.json ├── spark-Q.md ├── squeaky_cactus-103.json ├── squeaky_cactus-179.json ├── squeaky_cactus-183.json ├── squeaky_cactus-Q.md ├── stackachu-601.json ├── stackachu-627.json ├── stackachu-728.json ├── stackachu-Q.md ├── sumitchauhan-476.json ├── sumitchauhan-Analysis.md ├── supersizer0x-449.json ├── t0x1c-141.json ├── t0x1c-198.json ├── t0x1c-279.json ├── t0x1c-357.json ├── t0x1c-418.json ├── t0x1c-463.json ├── t0x1c-572.json ├── t0x1c-643.json ├── t0x1c-706.json ├── tabriz-559.json ├── tabriz-713.json ├── tabriz-G.md ├── tabriz-Q.md ├── tallo-147.json ├── tallo-163.json ├── tezeoffor-677.json ├── tezeoffor-696.json ├── tezeoffor-710.json ├── tezeoffor-719.json ├── tezeoffor-Q.md ├── theunicorndog-177.json ├── theunicorndog-325.json ├── theunicorndog-339.json ├── theunicorndog-347.json ├── theunicorndog-Analysis.md ├── theunicorndog-G.md ├── theunicorndog-Q.md ├── trachev-420.json ├── trachev-552.json ├── trachev-598.json ├── trachev-666.json ├── unique-453.json ├── unique-470.json ├── unique-471.json ├── unique-Analysis.md ├── unique-G.md ├── unique-Q.md ├── versiyonbir-14.json ├── versiyonbir-15.json ├── versiyonbir-16.json ├── versiyonbir-17.json ├── versiyonbir-18.json ├── versiyonbir-19.json ├── versiyonbir-20.json ├── versiyonbir-21.json ├── versiyonbir-22.json ├── versiyonbir-G.md ├── wisdomn_-386.json ├── wisdomn_-424.json ├── wisdomn_-438.json ├── wisdomn_-504.json ├── wisdomn_-G.md ├── xAlismx-656.json ├── xAlismx-658.json ├── xeros-610.json ├── xeros-621.json ├── xeros-657.json ├── ybansal2403-226.json ├── ybansal2403-G.md ├── yumsec-130.json ├── yumsec-131.json ├── yumsec-132.json ├── yumsec-Q.md ├── zaevlad-67.json ├── zaevlad-69.json ├── zaevlad-70.json ├── zhanmingjing-11.json ├── zhanmingjing-12.json ├── ziyou--33.json ├── ziyou--434.json └── ziyou--G.md └── report.md /data/0x11singh99-590.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x11singh99", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 590, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/590" 8 | } -------------------------------------------------------------------------------- /data/0x3b-144.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 144, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/144" 8 | } -------------------------------------------------------------------------------- /data/0x3b-264.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "2", 5 | "title": "Borrower can front-run lenders to extend his delinquency period ", 6 | "issueId": 264, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/264" 8 | } -------------------------------------------------------------------------------- /data/0x3b-267.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "2", 5 | "title": "Lenders can scedule small withdraws to maximise APR", 6 | "issueId": 267, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/267" 8 | } -------------------------------------------------------------------------------- /data/0x3b-268.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "2", 5 | "title": "Normal expired batches could be payed before the unpaid ones", 6 | "issueId": 268, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/268" 8 | } -------------------------------------------------------------------------------- /data/0x3b-271.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 271, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/271" 8 | } -------------------------------------------------------------------------------- /data/0x3b-457.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 457, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/457" 8 | } -------------------------------------------------------------------------------- /data/0x3b-86.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "3", 5 | "title": "`overrideSanction` and `removeSanctionOverride` do not have access control", 6 | "issueId": 86, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/86" 8 | } -------------------------------------------------------------------------------- /data/0x3b-87.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0x3b", 4 | "risk": "2", 5 | "title": "The Borrower may prevent a lender from being nuked in order to avoid becoming delinquent.", 6 | "issueId": 87, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/87" 8 | } -------------------------------------------------------------------------------- /data/0xAnah-695.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xAnah", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 695, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/695" 8 | } -------------------------------------------------------------------------------- /data/0xBeirao-507.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xBeirao", 4 | "risk": "3", 5 | "title": " A user can DOS the borrow operation", 6 | "issueId": 507, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/507" 8 | } -------------------------------------------------------------------------------- /data/0xBeirao-520.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xBeirao", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 520, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/520" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-167.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "3", 5 | "title": "Inability to Adjust Market Capacity and Close Market", 6 | "issueId": 167, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/167" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-170.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "3", 5 | "title": "Possible to block Withdrawals and activate Delinquency Fee Once Market Is Closed", 6 | "issueId": 170, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/170" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-402.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "2", 5 | "title": "Sanctioned lender will still accrue interest contrary to the docs", 6 | "issueId": 402, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/402" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-403.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "2", 5 | "title": "create2 and create return value not checked", 6 | "issueId": 403, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/403" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-80.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "2", 5 | "title": "Any address can withdraw from the vaults contrary to the docs", 6 | "issueId": 80, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/80" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-81.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "3", 5 | "title": "Sanctioned users can avoid being blocked and keep earning fees", 6 | "issueId": 81, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/81" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-82.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "3", 5 | "title": "Create escrow parameters are mixed up, giving the sanctioned user the borrower role", 6 | "issueId": 82, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/82" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-83.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "2", 5 | "title": "Borrower can change vault values after closing vault contrary to the docs", 6 | "issueId": 83, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/83" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-84.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "2", 5 | "title": "writeState Should Be Before the Transfer in Borrow and collectFees Functions", 6 | "issueId": 84, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/84" 8 | } -------------------------------------------------------------------------------- /data/0xCiphky-85.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xCiphky", 4 | "risk": "2", 5 | "title": "max/min constraints are not enforced after deployment", 6 | "issueId": 85, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/85" 8 | } -------------------------------------------------------------------------------- /data/0xComfyCat-151.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xComfyCat", 4 | "risk": "2", 5 | "title": "Unable to update market maxTotalSupply after the market has been deployed", 6 | "issueId": 151, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/151" 8 | } -------------------------------------------------------------------------------- /data/0xComfyCat-155.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xComfyCat", 4 | "risk": "2", 5 | "title": "Any address can obtain WithdrawOnly role via controller `updateLenderAuthorization`", 6 | "issueId": 155, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/155" 8 | } -------------------------------------------------------------------------------- /data/0xComfyCat-619.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xComfyCat", 4 | "risk": "2", 5 | "title": "Unsafe uint32 conversion during queueWithdrawal can brick the market", 6 | "issueId": 619, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/619" 8 | } -------------------------------------------------------------------------------- /data/0xComfyCat-664.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xComfyCat", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 664, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/664" 8 | } -------------------------------------------------------------------------------- /data/0xE1-328.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xE1", 4 | "risk": "3", 5 | "title": "setAnnualInterestBips is never Reset back to default value", 6 | "issueId": 328, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/328" 8 | } -------------------------------------------------------------------------------- /data/0xE1-364.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xE1", 4 | "risk": "2", 5 | "title": "Floating Pragma", 6 | "issueId": 364, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/364" 8 | } -------------------------------------------------------------------------------- /data/0xHelium-58.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xHelium", 4 | "risk": "3", 5 | "title": "A malicious borrower can prevent lenders from placing a withdrawal request", 6 | "issueId": 58, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/58" 8 | } -------------------------------------------------------------------------------- /data/0xKbl-551.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xKbl", 4 | "risk": "3", 5 | "title": "Parameters passed to createEscrow are not in the right order", 6 | "issueId": 551, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/551" 8 | } -------------------------------------------------------------------------------- /data/0xSimeon-722.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xSimeon", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 722, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/722" 8 | } -------------------------------------------------------------------------------- /data/0xSmartContract-654.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xSmartContract", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 654, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/654" 8 | } -------------------------------------------------------------------------------- /data/0xStalin-571.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xStalin", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 571, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/571" 8 | } -------------------------------------------------------------------------------- /data/0xStalin-729.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xStalin", 4 | "risk": "2", 5 | "title": "Upgraded Q -> 2 from #571 [1699543659773]", 6 | "issueId": 729 7 | } -------------------------------------------------------------------------------- /data/0xSwahili-276.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xSwahili", 4 | "risk": "3", 5 | "title": "Unblocked accounts can never deposit funds", 6 | "issueId": 276, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/276" 8 | } -------------------------------------------------------------------------------- /data/0xSwahili-278.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xSwahili", 4 | "risk": "2", 5 | "title": "False accounting when blocking account with balance", 6 | "issueId": 278, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/278" 8 | } -------------------------------------------------------------------------------- /data/0xVolcano-587.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xVolcano", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 587, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/587" 8 | } -------------------------------------------------------------------------------- /data/0xWaitress-31.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xWaitress", 4 | "risk": "2", 5 | "title": "removeController in ArchController is reversible", 6 | "issueId": 31, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/31" 8 | } -------------------------------------------------------------------------------- /data/0xWaitress-32.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xWaitress", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 32, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/32" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-333.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Revoking controllers doesn't disable or destroy contracts, posing security risks.", 6 | "issueId": 333, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/333" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-335.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Blocked borrowers can still access deployed markets.", 6 | "issueId": 335, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/335" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-340.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Removed markets retain control, risk operations, and trust violations.", 6 | "issueId": 340, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/340" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-341.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Anyone can deploy and register controllers, risking system integrity.", 6 | "issueId": 341, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/341" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-343.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 343, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/343" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-344.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "3", 5 | "title": "Removing a borrower disrupts markets, updates, and user access rights.", 6 | "issueId": 344, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/344" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-345.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Removing a market can \"brick\" the controller, impairing market management.", 6 | "issueId": 345, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/345" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-348.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Setting reserve ratio doesn't account for potential interest accrual risks.", 6 | "issueId": 348, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/348" 8 | } -------------------------------------------------------------------------------- /data/0xbrett8571-349.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xbrett8571", 4 | "risk": "2", 5 | "title": "Usage of fixed-width uint104 and uint112 types risks integer overflow.", 6 | "issueId": 349, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/349" 8 | } -------------------------------------------------------------------------------- /data/0xhegel-478.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xhegel", 4 | "risk": "3", 5 | "title": "Missing `closeMarket` method in WildcatMarketController", 6 | "issueId": 478, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/478" 8 | } -------------------------------------------------------------------------------- /data/0xhex-680.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xhex", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 680, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/680" 8 | } -------------------------------------------------------------------------------- /data/0xkazim-524.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xkazim", 4 | "risk": "2", 5 | "title": "calling `executeWithdraw` may revert due to out of gas ", 6 | "issueId": 524, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/524" 8 | } -------------------------------------------------------------------------------- /data/0xkazim-529.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xkazim", 4 | "risk": "2", 5 | "title": "Unauthorized Users have Access to Critical Functions in `WildMarketConfig.sol`", 6 | "issueId": 529, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/529" 8 | } -------------------------------------------------------------------------------- /data/0xkazim-620.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xkazim", 4 | "risk": "3", 5 | "title": "calling `closeMarket` is not possible because of the `onlyController` modifier", 6 | "issueId": 620, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/620" 8 | } -------------------------------------------------------------------------------- /data/0xmuxyz-385.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xmuxyz", 4 | "risk": "2", 5 | "title": "Missing to track two more state changes when unblocking an existing blocked-lender", 6 | "issueId": 385, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/385" 8 | } -------------------------------------------------------------------------------- /data/0xpiken-431.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xpiken", 4 | "risk": "2", 5 | "title": "Borrower has no way to update `maxTotalSupply` of `market` or close market.", 6 | "issueId": 431, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/431" 8 | } -------------------------------------------------------------------------------- /data/0xpiken-433.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xpiken", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 433, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/433" 8 | } -------------------------------------------------------------------------------- /data/0xta-661.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xta", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 661, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/661" 8 | } -------------------------------------------------------------------------------- /data/0xvj-429.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "0xvj", 4 | "risk": "3", 5 | "title": "spender can front-run approve function to steal tokens from owner", 6 | "issueId": 429, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/429" 8 | } -------------------------------------------------------------------------------- /data/3docSec-190.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "3docSec", 4 | "risk": "3", 5 | "title": "Nuked lender's funds are escrowed for the wrong beneficiary ", 6 | "issueId": 190, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/190" 8 | } -------------------------------------------------------------------------------- /data/3docSec-192.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "3docSec", 4 | "risk": "3", 5 | "title": "WildcatMarket won't operate properly with amounts above 2^104", 6 | "issueId": 192, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/192" 8 | } -------------------------------------------------------------------------------- /data/3docSec-193.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "3docSec", 4 | "risk": "3", 5 | "title": "Borrowers can avoid delinquency altogether by limiting state-updating interactions", 6 | "issueId": 193, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/193" 8 | } -------------------------------------------------------------------------------- /data/3docSec-195.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "3docSec", 4 | "risk": "2", 5 | "title": "Incorrect msg.sender validation prevents markets closure", 6 | "issueId": 195, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/195" 8 | } -------------------------------------------------------------------------------- /data/3docSec-237.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "3docSec", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 237, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/237" 8 | } -------------------------------------------------------------------------------- /data/7siech-582.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "7siech", 4 | "risk": "3", 5 | "title": "Borrower can completely drain a market below its reserve ratio", 6 | "issueId": 582, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/582" 8 | } -------------------------------------------------------------------------------- /data/AISec-30.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AISec", 4 | "risk": "2", 5 | "title": "Race condition on ERC20 approval", 6 | "issueId": 30, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/30" 8 | } -------------------------------------------------------------------------------- /data/AISec-42.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AISec", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 42, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/42" 8 | } -------------------------------------------------------------------------------- /data/AM-210.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AM", 4 | "risk": "3", 5 | "title": "Market can not be closed ", 6 | "issueId": 210, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/210" 8 | } -------------------------------------------------------------------------------- /data/AM-218.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AM", 4 | "risk": "2", 5 | "title": "Borrower can be DoS from taking a borrow", 6 | "issueId": 218, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/218" 8 | } -------------------------------------------------------------------------------- /data/AM-219.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AM", 4 | "risk": "2", 5 | "title": "Not all users need to comply with OFAC", 6 | "issueId": 219, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/219" 8 | } -------------------------------------------------------------------------------- /data/AM-288.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AM", 4 | "risk": "3", 5 | "title": "Escrow contract can be hijacked and funds can be stolen or blocked", 6 | "issueId": 288, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/288" 8 | } -------------------------------------------------------------------------------- /data/AS-446.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AS", 4 | "risk": "3", 5 | "title": "Escrowed balance will be released to borrower rather than lender", 6 | "issueId": 446, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/446" 8 | } -------------------------------------------------------------------------------- /data/AerialRaider-258.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AerialRaider", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 258, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/258" 8 | } -------------------------------------------------------------------------------- /data/AerialRaider-259.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AerialRaider", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 259, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/259" 8 | } -------------------------------------------------------------------------------- /data/AerialRaider-390.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "AerialRaider", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 390, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/390" 8 | } -------------------------------------------------------------------------------- /data/Anirruth-180.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Anirruth", 4 | "risk": "2", 5 | "title": "Borrowers may end up paying more or less to lenders if using rebasing tokens", 6 | "issueId": 180, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/180" 8 | } -------------------------------------------------------------------------------- /data/Arabadzhiev-537.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Arabadzhiev", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 537, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/537" 8 | } -------------------------------------------------------------------------------- /data/Arie71-547.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Arie71", 4 | "risk": "3", 5 | "title": "Reentrancy", 6 | "issueId": 547, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/547" 8 | } -------------------------------------------------------------------------------- /data/Arie71-577.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Arie71", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 577, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/577" 8 | } -------------------------------------------------------------------------------- /data/Arie71-589.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Arie71", 4 | "risk": "2", 5 | "title": "Steal funds", 6 | "issueId": 589, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/589" 8 | } -------------------------------------------------------------------------------- /data/Arie71-595.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Arie71", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 595, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/595" 8 | } -------------------------------------------------------------------------------- /data/Audinarey-464.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Audinarey", 4 | "risk": "2", 5 | "title": "Borrower APR calculation accuracy loss", 6 | "issueId": 464, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/464" 8 | } -------------------------------------------------------------------------------- /data/Audinarey-490.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Audinarey", 4 | "risk": "3", 5 | "title": "availableLiquidity is wrongly calculated", 6 | "issueId": 490, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/490" 8 | } -------------------------------------------------------------------------------- /data/Audinarey-544.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Audinarey", 4 | "risk": "3", 5 | "title": "Borrower can pay less than their outstanding debt balance during market closure", 6 | "issueId": 544, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/544" 8 | } -------------------------------------------------------------------------------- /data/Audinarey-553.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Audinarey", 4 | "risk": "3", 5 | "title": "borrower may pay in excess of their outstanding total debt during market closure", 6 | "issueId": 553, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/553" 8 | } -------------------------------------------------------------------------------- /data/Bauer-108.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bauer", 4 | "risk": "2", 5 | "title": "`approve()` and `transferFrom()` functions of Pool tokens are subject to front-run attack", 6 | "issueId": 108, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/108" 8 | } -------------------------------------------------------------------------------- /data/Bauer-172.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bauer", 4 | "risk": "2", 5 | "title": "Use safeTransfer instead of transfer", 6 | "issueId": 172, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/172" 8 | } -------------------------------------------------------------------------------- /data/Bauer-181.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bauer", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 181, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/181" 8 | } -------------------------------------------------------------------------------- /data/Bauer-199.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bauer", 4 | "risk": "2", 5 | "title": "`approve()` and `transferFrom()` functions of Pool tokens are subject to front-run attack", 6 | "issueId": 199, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/199" 8 | } -------------------------------------------------------------------------------- /data/Bauer-270.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bauer", 4 | "risk": "2", 5 | "title": "Prevent the controller from closing the market", 6 | "issueId": 270, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/270" 8 | } -------------------------------------------------------------------------------- /data/Bughunter101-135.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bughunter101", 4 | "risk": "2", 5 | "title": "`WildcatMarketToken.approve()` has in-front attack problem", 6 | "issueId": 135, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/135" 8 | } -------------------------------------------------------------------------------- /data/Bughunter101-136.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bughunter101", 4 | "risk": "3", 5 | "title": "`nukeFromOrbit()` can be call by anyone", 6 | "issueId": 136, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/136" 8 | } -------------------------------------------------------------------------------- /data/Bughunter101-138.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bughunter101", 4 | "risk": "2", 5 | "title": "It will cause DoS if `chainalysisSanctionsList` is paused", 6 | "issueId": 138, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/138" 8 | } -------------------------------------------------------------------------------- /data/Bughunter101-139.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Bughunter101", 4 | "risk": "2", 5 | "title": "Anyone can call `resetReserveRatio()`", 6 | "issueId": 139, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/139" 8 | } -------------------------------------------------------------------------------- /data/CaeraDenoir-234.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "CaeraDenoir", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 234, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/234" 8 | } -------------------------------------------------------------------------------- /data/CaeraDenoir-688.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "CaeraDenoir", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 688, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/688" 8 | } -------------------------------------------------------------------------------- /data/CaeraDenoir-79.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "CaeraDenoir", 4 | "risk": "3", 5 | "title": "Borrowers are able to withdraw more collateral than the reserve ratio allows them to", 6 | "issueId": 79, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/79" 8 | } -------------------------------------------------------------------------------- /data/Cooller458-38.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Cooller458", 4 | "risk": "3", 5 | "title": "Unchecked Transfer", 6 | "issueId": 38, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/38" 8 | } -------------------------------------------------------------------------------- /data/DarkTower-260.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DarkTower", 4 | "risk": "2", 5 | "title": "Rebasing tokens get locked in the market contracts", 6 | "issueId": 260, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/260" 8 | } -------------------------------------------------------------------------------- /data/DarkTower-398.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DarkTower", 4 | "risk": "2", 5 | "title": "Reentrancy in WildcatMarketController.resetReserveRatio(address)", 6 | "issueId": 398, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/398" 8 | } -------------------------------------------------------------------------------- /data/Dastan-26.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Dastan", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 26, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/26" 8 | } -------------------------------------------------------------------------------- /data/Dastan-3.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Dastan", 4 | "risk": "3", 5 | "title": "Loans can be rolled an unlimited number of times", 6 | "issueId": 3, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/3" 8 | } -------------------------------------------------------------------------------- /data/Dastan-4.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Dastan", 4 | "risk": "3", 5 | "title": "Fully repaying a loan will result in debt payment being lost", 6 | "issueId": 4, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/4" 8 | } -------------------------------------------------------------------------------- /data/Dastan-6.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Dastan", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 6, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/6" 8 | } -------------------------------------------------------------------------------- /data/Dastan-7.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Dastan", 4 | "risk": "3", 5 | "title": "Unsafe ERC20 Operation", 6 | "issueId": 7, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/7" 8 | } -------------------------------------------------------------------------------- /data/DavidGiladi-554.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DavidGiladi", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 554, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/554" 8 | } -------------------------------------------------------------------------------- /data/DavidGiladi-565.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DavidGiladi", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 565, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/565" 8 | } -------------------------------------------------------------------------------- /data/DeFiHackLabs-399.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DeFiHackLabs", 4 | "risk": "2", 5 | "title": "The Wildcat Protocol allows a borrower to add himself as authorized lender.", 6 | "issueId": 399, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/399" 8 | } -------------------------------------------------------------------------------- /data/DeFiHackLabs-523.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DeFiHackLabs", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 523, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/523" 8 | } -------------------------------------------------------------------------------- /data/DeFiHackLabs-556.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DeFiHackLabs", 4 | "risk": "3", 5 | "title": "Wrong parameters used in calls to `createEscrow` function", 6 | "issueId": 556, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/556" 8 | } -------------------------------------------------------------------------------- /data/DeFiHackLabs-574.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DeFiHackLabs", 4 | "risk": "3", 5 | "title": "Lack of appropriate function in `WildcatMarketController` to close the market", 6 | "issueId": 574, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/574" 8 | } -------------------------------------------------------------------------------- /data/DeFiHackLabs-579.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DeFiHackLabs", 4 | "risk": "2", 5 | "title": "nukeFromOrbit() will always revert if borrower calls overrideSanction() manually", 6 | "issueId": 579, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/579" 8 | } -------------------------------------------------------------------------------- /data/DeFiHackLabs-638.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "DeFiHackLabs", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 638, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/638" 8 | } -------------------------------------------------------------------------------- /data/Drynooo-125.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Drynooo", 4 | "risk": "3", 5 | "title": "Lenders may act in bad faith to make borrowers delinquent", 6 | "issueId": 125, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/125" 8 | } -------------------------------------------------------------------------------- /data/Drynooo-127.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Drynooo", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 127, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/127" 8 | } -------------------------------------------------------------------------------- /data/Drynooo-137.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Drynooo", 4 | "risk": "3", 5 | "title": "Accuracy issues may lead to attacks", 6 | "issueId": 137, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/137" 8 | } -------------------------------------------------------------------------------- /data/Drynooo-185.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Drynooo", 4 | "risk": "2", 5 | "title": "transferFrom uses allowance even if spender == from", 6 | "issueId": 185, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/185" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-200.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "3", 5 | "title": "The borrower is not able to change the maxTotalSupply of a market", 6 | "issueId": 200, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/200" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-201.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "3", 5 | "title": "Markets can not be closed", 6 | "issueId": 201, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/201" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-202.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "3", 5 | "title": "A main invariant can be broken by updating the annualInterestBips", 6 | "issueId": 202, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/202" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-203.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "3", 5 | "title": "Paying protocol fees can be avoided", 6 | "issueId": 203, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/203" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-204.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "3", 5 | "title": "Sanctioned lenders are able to bypass the freeze of their funds", 6 | "issueId": 204, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/204" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-205.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "3", 5 | "title": "Scale factor changes depending on when called", 6 | "issueId": 205, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/205" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-207.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "2", 5 | "title": "Reserve Ratio Protection Period Oversight", 6 | "issueId": 207, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/207" 8 | } -------------------------------------------------------------------------------- /data/Eigenvectors-208.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eigenvectors", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 208, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/208" 8 | } -------------------------------------------------------------------------------- /data/EricWWFCP-171.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "EricWWFCP", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 171, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/171" 8 | } -------------------------------------------------------------------------------- /data/EricWWFCP-173.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "EricWWFCP", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 173, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/173" 8 | } -------------------------------------------------------------------------------- /data/Eurovickk-505.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Eurovickk", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 505, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/505" 8 | } -------------------------------------------------------------------------------- /data/Fulum-448.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Fulum", 4 | "risk": "2", 5 | "title": "An overflow inside `WildcatMarketWithdrawals::queueWithdrawal()` lead to a Denial of Service", 6 | "issueId": 448, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/448" 8 | } -------------------------------------------------------------------------------- /data/Fulum-460.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Fulum", 4 | "risk": "3", 5 | "title": "A sanctionned lender can transfer his funds before they are escrowed by `nukeFromOrbit()`.", 6 | "issueId": 460, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/460" 8 | } -------------------------------------------------------------------------------- /data/Fulum-717.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Fulum", 4 | "risk": "2", 5 | "title": "Unfair APR penalty can be added for the borrower when the underlying ERC20 token is paused.", 6 | "issueId": 717, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/717" 8 | } -------------------------------------------------------------------------------- /data/GREY-HAWK-REACH-242.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "GREY-HAWK-REACH", 4 | "risk": "2", 5 | "title": "Wrong accounting in transferFrom", 6 | "issueId": 242, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/242" 8 | } -------------------------------------------------------------------------------- /data/GREY-HAWK-REACH-653.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "GREY-HAWK-REACH", 4 | "risk": "2", 5 | "title": "Incompatibility with Rebase tokens", 6 | "issueId": 653, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/653" 8 | } -------------------------------------------------------------------------------- /data/HALITUS-727.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "HALITUS", 4 | "risk": "2", 5 | "title": "Borrower cannot change market capacity (max total supply) after creating a market", 6 | "issueId": 727, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/727" 8 | } -------------------------------------------------------------------------------- /data/HChang26-104.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "HChang26", 4 | "risk": "2", 5 | "title": "Lenders can exploit borrower and accrue free interest", 6 | "issueId": 104, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/104" 8 | } -------------------------------------------------------------------------------- /data/HChang26-107.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "HChang26", 4 | "risk": "3", 5 | "title": "Incorrect calculation in `closeMarket()` results in unpaid lenders", 6 | "issueId": 107, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/107" 8 | } -------------------------------------------------------------------------------- /data/HChang26-116.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "HChang26", 4 | "risk": "2", 5 | "title": "Sanctioned Users Exploit Security Flaw to Evade Sanctions and Access Funds", 6 | "issueId": 116, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/116" 8 | } -------------------------------------------------------------------------------- /data/HChang26-59.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "HChang26", 4 | "risk": "3", 5 | "title": "Incorrect Interest Rate Calculation in Delinquent Markets", 6 | "issueId": 59, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/59" 8 | } -------------------------------------------------------------------------------- /data/HChang26-65.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "HChang26", 4 | "risk": "2", 5 | "title": "Borrower's Sanction Override Leads to User Fund Loss", 6 | "issueId": 65, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/65" 8 | } -------------------------------------------------------------------------------- /data/Hama-584.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Hama", 4 | "risk": "2", 5 | "title": "Underflow Vulnerability in transferFrom Function", 6 | "issueId": 584, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/584" 8 | } -------------------------------------------------------------------------------- /data/Hama-586.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Hama", 4 | "risk": "2", 5 | "title": "Precision Loss in Interest Rate Calculation", 6 | "issueId": 586, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/586" 8 | } -------------------------------------------------------------------------------- /data/Hama-594.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Hama", 4 | "risk": "2", 5 | "title": "Potential Reversion in closeMarket due to Insufficient Borrower's Balance", 6 | "issueId": 594, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/594" 8 | } -------------------------------------------------------------------------------- /data/Hama-603.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Hama", 4 | "risk": "2", 5 | "title": "Continuous Borrowing Without Debt Reduction in borrow Function", 6 | "issueId": 603, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/603" 8 | } -------------------------------------------------------------------------------- /data/IceBear-37.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "IceBear", 4 | "risk": "2", 5 | "title": "Risk of silent overflow", 6 | "issueId": 37, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/37" 8 | } -------------------------------------------------------------------------------- /data/IllIllI-293.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "IllIllI", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 293, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/293" 8 | } -------------------------------------------------------------------------------- /data/InAllHonesty-100.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "InAllHonesty", 4 | "risk": "2", 5 | "title": "`closeMarket ` ignores the remaining delinquency time", 6 | "issueId": 100, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/100" 8 | } -------------------------------------------------------------------------------- /data/InAllHonesty-101.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "InAllHonesty", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 101, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/101" 8 | } -------------------------------------------------------------------------------- /data/InAllHonesty-112.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "InAllHonesty", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 112, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/112" 8 | } -------------------------------------------------------------------------------- /data/InAllHonesty-71.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "InAllHonesty", 4 | "risk": "2", 5 | "title": "Rebasing tokens break the protocol accounting", 6 | "issueId": 71, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/71" 8 | } -------------------------------------------------------------------------------- /data/Infect3d-647.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Infect3d", 4 | "risk": "3", 5 | "title": "OFAC sanctioned lender can frontrun nukeFromOrbit with a transfer of his funds", 6 | "issueId": 647, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/647" 8 | } -------------------------------------------------------------------------------- /data/Infect3d-651.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Infect3d", 4 | "risk": "2", 5 | "title": "Sanctionned funds keep earning APR, and protocol earning fees on these funds", 6 | "issueId": 651, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/651" 8 | } -------------------------------------------------------------------------------- /data/Inspecktor-558.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Inspecktor", 4 | "risk": "2", 5 | "title": "When depositing, tokens with transfer fees are not taken into account", 6 | "issueId": 558, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/558" 8 | } -------------------------------------------------------------------------------- /data/J4X-422.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 422, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/422" 8 | } -------------------------------------------------------------------------------- /data/J4X-435.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "3", 5 | "title": "Real APR exceeds set interest rate", 6 | "issueId": 435, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/435" 8 | } -------------------------------------------------------------------------------- /data/J4X-437.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "2", 5 | "title": "Sanctioned Lenders can taint markets", 6 | "issueId": 437, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/437" 8 | } -------------------------------------------------------------------------------- /data/J4X-489.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "2", 5 | "title": "Lenders can frontrun removal", 6 | "issueId": 489, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/489" 8 | } -------------------------------------------------------------------------------- /data/J4X-530.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "3", 5 | "title": "Signing of Agreement is not needed to deploy market", 6 | "issueId": 530, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/530" 8 | } -------------------------------------------------------------------------------- /data/J4X-560.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "2", 5 | "title": "Rebasing tokens will get frozen in a closed market", 6 | "issueId": 560, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/560" 8 | } -------------------------------------------------------------------------------- /data/J4X-581.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "J4X", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 581, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/581" 8 | } -------------------------------------------------------------------------------- /data/JCK-701.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "JCK", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 701, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/701" 8 | } -------------------------------------------------------------------------------- /data/JCK-703.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "JCK", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 703, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/703" 8 | } -------------------------------------------------------------------------------- /data/JCK-705.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "JCK", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 705, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/705" 8 | } -------------------------------------------------------------------------------- /data/JP_Courses-708.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "JP_Courses", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 708, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/708" 8 | } -------------------------------------------------------------------------------- /data/JP_Courses-724.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "JP_Courses", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 724, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/724" 8 | } -------------------------------------------------------------------------------- /data/Jiamin-286.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Jiamin", 4 | "risk": "3", 5 | "title": "1", 6 | "issueId": 286, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/286" 8 | } -------------------------------------------------------------------------------- /data/Jiamin-287.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Jiamin", 4 | "risk": "3", 5 | "title": "2", 6 | "issueId": 287, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/287" 8 | } -------------------------------------------------------------------------------- /data/Juntao-186.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Juntao", 4 | "risk": "3", 5 | "title": "1", 6 | "issueId": 186, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/186" 8 | } -------------------------------------------------------------------------------- /data/Juntao-187.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Juntao", 4 | "risk": "3", 5 | "title": "2", 6 | "issueId": 187, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/187" 8 | } -------------------------------------------------------------------------------- /data/Juntao-188.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Juntao", 4 | "risk": "3", 5 | "title": "3", 6 | "issueId": 188, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/188" 8 | } -------------------------------------------------------------------------------- /data/Juntao-263.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Juntao", 4 | "risk": "3", 5 | "title": "4", 6 | "issueId": 263, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/263" 8 | } -------------------------------------------------------------------------------- /data/KeyKiril-290.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "KeyKiril", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 290, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/290" 8 | } -------------------------------------------------------------------------------- /data/KeyKiril-291.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "KeyKiril", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 291, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/291" 8 | } -------------------------------------------------------------------------------- /data/KeyKiril-297.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "KeyKiril", 4 | "risk": "2", 5 | "title": "A Lender might be blocked but still eligible to call \"releaseEscrow\"", 6 | "issueId": 297, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/297" 8 | } -------------------------------------------------------------------------------- /data/KeyKiril-330.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "KeyKiril", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 330, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/330" 8 | } -------------------------------------------------------------------------------- /data/LokiThe5th-413.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "LokiThe5th", 4 | "risk": "3", 5 | "title": "Markets cannot be closed at any time", 6 | "issueId": 413, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/413" 8 | } -------------------------------------------------------------------------------- /data/LokiThe5th-432.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "LokiThe5th", 4 | "risk": "2", 5 | "title": "Market deployments may fail silently", 6 | "issueId": 432, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/432" 8 | } -------------------------------------------------------------------------------- /data/LokiThe5th-671.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "LokiThe5th", 4 | "risk": "2", 5 | "title": "Interest accumulation linked to state updates may leak value", 6 | "issueId": 671, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/671" 8 | } -------------------------------------------------------------------------------- /data/Madalad-319.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Madalad", 4 | "risk": "2", 5 | "title": "Return value of assembly `create2` not checked", 6 | "issueId": 319, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/319" 8 | } -------------------------------------------------------------------------------- /data/MaslarovK-274.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MaslarovK", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 274, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/274" 8 | } -------------------------------------------------------------------------------- /data/MatricksDeCoder-47.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MatricksDeCoder", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 47, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/47" 8 | } -------------------------------------------------------------------------------- /data/MatricksDeCoder-49.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MatricksDeCoder", 4 | "risk": "2", 5 | "title": "Centralized Oracle Sanctions List ", 6 | "issueId": 49, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/49" 8 | } -------------------------------------------------------------------------------- /data/MatricksDeCoder-50.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MatricksDeCoder", 4 | "risk": "2", 5 | "title": "Owner can renounce ownership ", 6 | "issueId": 50, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/50" 8 | } -------------------------------------------------------------------------------- /data/MatricksDeCoder-51.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MatricksDeCoder", 4 | "risk": "2", 5 | "title": "Hardcoded Sanctions Address without update capabilities ", 6 | "issueId": 51, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/51" 8 | } -------------------------------------------------------------------------------- /data/MatricksDeCoder-61.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MatricksDeCoder", 4 | "risk": "2", 5 | "title": "Sanctions list can be bypassed by using a different address", 6 | "issueId": 61, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/61" 8 | } -------------------------------------------------------------------------------- /data/Mike_Bello90-632.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Mike_Bello90", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 632, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/632" 8 | } -------------------------------------------------------------------------------- /data/Mike_Bello90-711.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Mike_Bello90", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 711, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/711" 8 | } -------------------------------------------------------------------------------- /data/MiloTruck-491.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MiloTruck", 4 | "risk": "3", 5 | "title": "`codehash` check in factory contracts does not account for non-empty addresses", 6 | "issueId": 491, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/491" 8 | } -------------------------------------------------------------------------------- /data/MiloTruck-497.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MiloTruck", 4 | "risk": "2", 5 | "title": "`setAnnualInterestBips()` can be abused to keep a market's reserve ratio at 90%", 6 | "issueId": 497, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/497" 8 | } -------------------------------------------------------------------------------- /data/MiloTruck-499.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MiloTruck", 4 | "risk": "2", 5 | "title": "`create2WithStoredInitCode()` does not revert if contract deployment failed", 6 | "issueId": 499, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/499" 8 | } -------------------------------------------------------------------------------- /data/MiloTruck-503.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MiloTruck", 4 | "risk": "2", 5 | "title": "Protocol markets are incompatible with rebasing tokens", 6 | "issueId": 503, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/503" 8 | } -------------------------------------------------------------------------------- /data/MiloTruck-533.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "MiloTruck", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 533, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/533" 8 | } -------------------------------------------------------------------------------- /data/OMEN-616.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "OMEN", 4 | "risk": "2", 5 | "title": "potential griefing attack on setReserveRatioBips", 6 | "issueId": 616, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/616" 8 | } -------------------------------------------------------------------------------- /data/OMEN-636.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "OMEN", 4 | "risk": "3", 5 | "title": "potential revert on deployMarket ", 6 | "issueId": 636, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/636" 8 | } -------------------------------------------------------------------------------- /data/OMEN-665.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "OMEN", 4 | "risk": "3", 5 | "title": "potential griefing attack on deployMarket", 6 | "issueId": 665, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/665" 8 | } -------------------------------------------------------------------------------- /data/OMEN-709.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "OMEN", 4 | "risk": "3", 5 | "title": "potential DOS cause of rounding up at rayMul and rayDiv", 6 | "issueId": 709, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/709" 8 | } -------------------------------------------------------------------------------- /data/Phantom-588.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Phantom", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 588, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/588" 8 | } -------------------------------------------------------------------------------- /data/Phantom-683.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Phantom", 4 | "risk": "2", 5 | "title": "Underflow can be occurred in codebase", 6 | "issueId": 683, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/683" 8 | } -------------------------------------------------------------------------------- /data/Phantom-699.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Phantom", 4 | "risk": "2", 5 | "title": "The operation of the approve function in the WildcatMarketToken.sol file is invalid.", 6 | "issueId": 699, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/699" 8 | } -------------------------------------------------------------------------------- /data/Phantom-712.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Phantom", 4 | "risk": "2", 5 | "title": "An underflow occurred during the token transfer.", 6 | "issueId": 712, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/712" 8 | } -------------------------------------------------------------------------------- /data/QiuhaoLi-439.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "QiuhaoLi", 4 | "risk": "2", 5 | "title": "setMaxTotalSupply is not callable from the market controller", 6 | "issueId": 439, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/439" 8 | } -------------------------------------------------------------------------------- /data/QiuhaoLi-459.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "QiuhaoLi", 4 | "risk": "2", 5 | "title": "closeMarket should check if market is still being penalized for delinquency", 6 | "issueId": 459, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/459" 8 | } -------------------------------------------------------------------------------- /data/QiuhaoLi-481.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "QiuhaoLi", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 481, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/481" 8 | } -------------------------------------------------------------------------------- /data/QiuhaoLi-733.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "QiuhaoLi", 4 | "risk": "2", 5 | "title": "Upgraded Q -> 2 from #481 [1700080840600]", 6 | "issueId": 733 7 | } -------------------------------------------------------------------------------- /data/Raihan-716.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Raihan", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 716, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/716" 8 | } -------------------------------------------------------------------------------- /data/Robert-648.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Robert", 4 | "risk": "3", 5 | "title": "DoS Any Escrow by Frontrunning Creation with a Codehash Change", 6 | "issueId": 648, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/648" 8 | } -------------------------------------------------------------------------------- /data/Robert-650.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Robert", 4 | "risk": "3", 5 | "title": "DoS Any Controller by Frontrunning Creation with a Codehash Change", 6 | "issueId": 650, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/650" 8 | } -------------------------------------------------------------------------------- /data/Robert-652.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Robert", 4 | "risk": "3", 5 | "title": "DoS Any Market by Frontrunning Creation with a Codehash Change", 6 | "issueId": 652, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/652" 8 | } -------------------------------------------------------------------------------- /data/Robert-655.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Robert", 4 | "risk": "3", 5 | "title": "Permanent DoS on Market Creation Failure", 6 | "issueId": 655, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/655" 8 | } -------------------------------------------------------------------------------- /data/Robert-676.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Robert", 4 | "risk": "2", 5 | "title": "safeTransferFrom Does Not Check for Code at the Token Address", 6 | "issueId": 676, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/676" 8 | } -------------------------------------------------------------------------------- /data/SAAJ-605.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SAAJ", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 605, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/605" 8 | } -------------------------------------------------------------------------------- /data/SAQ-673.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SAQ", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 673, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/673" 8 | } -------------------------------------------------------------------------------- /data/SHA_256-143.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SHA_256", 4 | "risk": "2", 5 | "title": "ERC20 approve( ) race condition - Transaction order dependencies", 6 | "issueId": 143, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/143" 8 | } -------------------------------------------------------------------------------- /data/SHA_256-160.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SHA_256", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 160, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/160" 8 | } -------------------------------------------------------------------------------- /data/SHA_256-165.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SHA_256", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 165, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/165" 8 | } -------------------------------------------------------------------------------- /data/SM3_SS-465.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SM3_SS", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 465, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/465" 8 | } -------------------------------------------------------------------------------- /data/Sathish9098-404.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Sathish9098", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 404, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/404" 8 | } -------------------------------------------------------------------------------- /data/Sathish9098-462.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Sathish9098", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 462, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/462" 8 | } -------------------------------------------------------------------------------- /data/Shahen-10.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Shahen", 4 | "risk": "3", 5 | "title": "Permanently blocks a certain msg.sender from deploying controller ", 6 | "issueId": 10, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/10" 8 | } -------------------------------------------------------------------------------- /data/Shahen-8.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Shahen", 4 | "risk": "2", 5 | "title": "Unsafe casting in resetReserveRatio() function", 6 | "issueId": 8, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/8" 8 | } -------------------------------------------------------------------------------- /data/Shawon-629.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Shawon", 4 | "risk": "2", 5 | "title": "removes a lender with a single function call", 6 | "issueId": 629, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/629" 8 | } -------------------------------------------------------------------------------- /data/Silvermist-189.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Silvermist", 4 | "risk": "2", 5 | "title": "Reversed parameters when executing createEscrow() in executeWithdrawal()", 6 | "issueId": 189, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/189" 8 | } -------------------------------------------------------------------------------- /data/Silvermist-329.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Silvermist", 4 | "risk": "2", 5 | "title": "It is impossible to close a market", 6 | "issueId": 329, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/329" 8 | } -------------------------------------------------------------------------------- /data/Soltho-13.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Soltho", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 13, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/13" 8 | } -------------------------------------------------------------------------------- /data/Soltho-23.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Soltho", 4 | "risk": "3", 5 | "title": "Borrower can steel APR from lenders by paying interests to himself", 6 | "issueId": 23, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/23" 8 | } -------------------------------------------------------------------------------- /data/SooYa-306.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SooYa", 4 | "risk": "2", 5 | "title": "Asset would be transfered twice if the lender got sanctioned", 6 | "issueId": 306, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/306" 8 | } -------------------------------------------------------------------------------- /data/SooYa-473.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SooYa", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 473, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/473" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-372.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 372, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/372" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-374.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 374, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/374" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-377.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "2", 5 | "title": "FeeRecipient address may be locked in the token contract", 6 | "issueId": 377, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/377" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-378.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "2", 5 | "title": "Lender's address may be locked in the token contract(asset)", 6 | "issueId": 378, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/378" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-379.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "2", 5 | "title": "Borrower could not stop market", 6 | "issueId": 379, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/379" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-384.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "3", 5 | "title": "Lender's tokens (if he in chainalysis sanctions list) transfers to wrong address", 6 | "issueId": 384, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/384" 8 | } -------------------------------------------------------------------------------- /data/SovaSlava-391.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SovaSlava", 4 | "risk": "3", 5 | "title": "Lender's funs could be frozen on market contract", 6 | "issueId": 391, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/391" 8 | } -------------------------------------------------------------------------------- /data/SpicyMeatball-535.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SpicyMeatball", 4 | "risk": "3", 5 | "title": "Lack of closeMarket() function implementation in the market controller", 6 | "issueId": 535, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/535" 8 | } -------------------------------------------------------------------------------- /data/SpicyMeatball-568.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "SpicyMeatball", 4 | "risk": "3", 5 | "title": "Borrower can drain the market from all of it's liquidity", 6 | "issueId": 568, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/568" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-34.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "2", 5 | "title": "Borrower can't close market", 6 | "issueId": 34, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/34" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-35.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "2", 5 | "title": "Borrower can't update maxTotalSupply in Market", 6 | "issueId": 35, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/35" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-40.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "2", 5 | "title": "WildcatMarketToken can revert on transferring full balance ", 6 | "issueId": 40, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/40" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-46.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "2", 5 | "title": "Lender who was deauthorized still can deposit in markets", 6 | "issueId": 46, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/46" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-62.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "3", 5 | "title": "Borrower can still Asset from lenders", 6 | "issueId": 62, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/62" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-66.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 66, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/66" 8 | } -------------------------------------------------------------------------------- /data/T1MOH-732.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "T1MOH", 4 | "risk": "2", 5 | "title": "Upgraded Q -> 2 from #66 [1699995497317]", 6 | "issueId": 732 7 | } -------------------------------------------------------------------------------- /data/Thembani-27.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Thembani", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 27, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/27" 8 | } -------------------------------------------------------------------------------- /data/Timenov-52.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Timenov", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 52, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/52" 8 | } -------------------------------------------------------------------------------- /data/Toshii-644.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Toshii", 4 | "risk": "2", 5 | "title": "When a batch of withdrawals expires, that batch is often underpaid their owed interest", 6 | "issueId": 644, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/644" 8 | } -------------------------------------------------------------------------------- /data/Tripathi-570.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Tripathi", 4 | "risk": "2", 5 | "title": "Any Borrower can prevent another borrower from deploying new market", 6 | "issueId": 570, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/570" 8 | } -------------------------------------------------------------------------------- /data/TrungOre-354.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "TrungOre", 4 | "risk": "3", 5 | "title": "Borrowers cannot close their markets", 6 | "issueId": 354, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/354" 8 | } -------------------------------------------------------------------------------- /data/TrungOre-355.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "TrungOre", 4 | "risk": "3", 5 | "title": "The delinquentFee continues to accrue even after the `market` has been closed", 6 | "issueId": 355, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/355" 8 | } -------------------------------------------------------------------------------- /data/TrungOre-411.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "TrungOre", 4 | "risk": "2", 5 | "title": "An address with the Null role can withdraw tokens from the market ", 6 | "issueId": 411, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/411" 8 | } -------------------------------------------------------------------------------- /data/TrungOre-412.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "TrungOre", 4 | "risk": "2", 5 | "title": "The interest rate can fall outside the bounds defined by the controller", 6 | "issueId": 412, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/412" 8 | } -------------------------------------------------------------------------------- /data/TuringConsulting-528.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "TuringConsulting", 4 | "risk": "3", 5 | "title": "Wildcat Market can never be closed", 6 | "issueId": 528, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/528" 8 | } -------------------------------------------------------------------------------- /data/Udsen-663.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Udsen", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 663, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/663" 8 | } -------------------------------------------------------------------------------- /data/VAD37-573.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "VAD37", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 573, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/573" 8 | } -------------------------------------------------------------------------------- /data/VAD37-575.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "VAD37", 4 | "risk": "3", 5 | "title": "Escrow release asset to wrong account address", 6 | "issueId": 575, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/575" 8 | } -------------------------------------------------------------------------------- /data/Vagner-304.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Vagner", 4 | "risk": "3", 5 | "title": "Markets can't be closed since `closeMarket` can't be called by anyone", 6 | "issueId": 304, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/304" 8 | } -------------------------------------------------------------------------------- /data/Walter-317.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Walter", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 317, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/317" 8 | } -------------------------------------------------------------------------------- /data/XDZIBECX-672.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "XDZIBECX", 4 | "risk": "2", 5 | "title": "Incorrect Order of Operations in nukeFromOrbit Function", 6 | "issueId": 672, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/672" 8 | } -------------------------------------------------------------------------------- /data/XDZIBECX-690.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "XDZIBECX", 4 | "risk": "2", 5 | "title": "Uninitialized State Variables", 6 | "issueId": 690, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/690" 8 | } -------------------------------------------------------------------------------- /data/Yanchuan-480.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Yanchuan", 4 | "risk": "2", 5 | "title": "lender's address on `sanctionOverrides` is wrong.", 6 | "issueId": 480, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/480" 8 | } -------------------------------------------------------------------------------- /data/Yanchuan-511.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Yanchuan", 4 | "risk": "2", 5 | "title": "Borrower can maliciously reduce the interest rate", 6 | "issueId": 511, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/511" 8 | } -------------------------------------------------------------------------------- /data/Yanchuan-525.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "Yanchuan", 4 | "risk": "3", 5 | "title": "Markets cannot be closed", 6 | "issueId": 525, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/525" 8 | } -------------------------------------------------------------------------------- /data/YusSecurity-178.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "YusSecurity", 4 | "risk": "2", 5 | "title": "Lender can achieve higher APR than configured via daily compounding", 6 | "issueId": 178, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/178" 8 | } -------------------------------------------------------------------------------- /data/YusSecurity-269.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "YusSecurity", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 269, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/269" 8 | } -------------------------------------------------------------------------------- /data/YusSecurity-540.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "YusSecurity", 4 | "risk": "2", 5 | "title": "Malicious actor can withdraw stolen market tokens", 6 | "issueId": 540, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/540" 8 | } -------------------------------------------------------------------------------- /data/YusSecurity-562.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "YusSecurity", 4 | "risk": "2", 5 | "title": "`WildcatMarketToken` does not comply with the ERC20 standard", 6 | "issueId": 562, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/562" 8 | } -------------------------------------------------------------------------------- /data/YusSecurity-68.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "YusSecurity", 4 | "risk": "3", 5 | "title": "Borrower can drain all funds of a sanctioned lender", 6 | "issueId": 68, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/68" 8 | } -------------------------------------------------------------------------------- /data/YusSecurity-98.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "YusSecurity", 4 | "risk": "3", 5 | "title": "Rebasing token can be stuck in Market in case of increased supply", 6 | "issueId": 98, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/98" 8 | } -------------------------------------------------------------------------------- /data/ZanyBonzy-324.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZanyBonzy", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 324, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/324" 8 | } -------------------------------------------------------------------------------- /data/ZanyBonzy-327.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZanyBonzy", 4 | "risk": "2", 5 | "title": "Blocked lenders can lose access to their escrow.", 6 | "issueId": 327, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/327" 8 | } -------------------------------------------------------------------------------- /data/ZanyBonzy-337.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZanyBonzy", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 337, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/337" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-114.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "3", 5 | "title": "Wrong argument ordering in createEscrow", 6 | "issueId": 114, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/114" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-149.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "3", 5 | "title": "Interest is not frozen for sanctioned users", 6 | "issueId": 149, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/149" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-236.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "2", 5 | "title": "Everyone can get the WithdrawOnly role", 6 | "issueId": 236, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/236" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-28.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "2", 5 | "title": "CREATE2 success is not checked", 6 | "issueId": 28, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/28" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-318.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "2", 5 | "title": "Borrower can set market interest outside of the minimimum and maximum range", 6 | "issueId": 318, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/318" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-322.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "2", 5 | "title": "Borrower may have to pay more fee for delinquency than needed", 6 | "issueId": 322, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/322" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-334.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "3", 5 | "title": "Markets can never be closed", 6 | "issueId": 334, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/334" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-361.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 361, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/361" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-362.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 362, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/362" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-563.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "2", 5 | "title": "Max total supply cannot be changed", 6 | "issueId": 563, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/563" 8 | } -------------------------------------------------------------------------------- /data/ZdravkoHr-685.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ZdravkoHr", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 685, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/685" 8 | } -------------------------------------------------------------------------------- /data/_nd_koo-485.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "_nd_koo", 4 | "risk": "3", 5 | "title": "Borrower cannot close market because of unimplemented function", 6 | "issueId": 485, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/485" 8 | } -------------------------------------------------------------------------------- /data/aariiif-246.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "aariiif", 4 | "risk": "3", 5 | "title": "Borrowers can manipulate withdrawals, letting lenders access unpaid funds unfairly.", 6 | "issueId": 246, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/246" 8 | } -------------------------------------------------------------------------------- /data/aariiif-250.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "aariiif", 4 | "risk": "3", 5 | "title": "Transfers in WildcatMarketToken can create negative balances, risking manipulation.", 6 | "issueId": 250, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/250" 8 | } -------------------------------------------------------------------------------- /data/aariiif-253.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "aariiif", 4 | "risk": "3", 5 | "title": "`closeMarket` assumes full assets availability, leading to potential underpayments.", 6 | "issueId": 253, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/253" 8 | } -------------------------------------------------------------------------------- /data/aariiif-254.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "aariiif", 4 | "risk": "3", 5 | "title": "Overflow in interest calculation could manipulate economic assumptions in the system.", 6 | "issueId": 254, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/254" 8 | } -------------------------------------------------------------------------------- /data/aariiif-331.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "aariiif", 4 | "risk": "3", 5 | "title": "Borrowers can manipulate the reserve ratio to avoid delinquency fees.", 6 | "issueId": 331, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/331" 8 | } -------------------------------------------------------------------------------- /data/aariiif-332.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "aariiif", 4 | "risk": "3", 5 | "title": "The borrower can manipulate reserves by collecting protocol fees improperly.", 6 | "issueId": 332, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/332" 8 | } -------------------------------------------------------------------------------- /data/albahaca-441.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "albahaca", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 441, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/441" 8 | } -------------------------------------------------------------------------------- /data/albahaca-474.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "albahaca", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 474, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/474" 8 | } -------------------------------------------------------------------------------- /data/almurhasan-284.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "almurhasan", 4 | "risk": "3", 5 | "title": "Borrower can’t close a market in wildcatmarket contract", 6 | "issueId": 284, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/284" 8 | } -------------------------------------------------------------------------------- /data/almurhasan-302.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "almurhasan", 4 | "risk": "3", 5 | "title": "Wrong calculation in feemath library", 6 | "issueId": 302, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/302" 8 | } -------------------------------------------------------------------------------- /data/almurhasan-312.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "almurhasan", 4 | "risk": "2", 5 | "title": "New authorize lenders can lose money in a worst case scenario.", 6 | "issueId": 312, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/312" 8 | } -------------------------------------------------------------------------------- /data/almurhasan-315.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "almurhasan", 4 | "risk": "2", 5 | "title": "Borrower can close a market but there is no mechanism to open that market", 6 | "issueId": 315, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/315" 8 | } -------------------------------------------------------------------------------- /data/arjun16-351.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "arjun16", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 351, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/351" 8 | } -------------------------------------------------------------------------------- /data/ast3ros-513.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ast3ros", 4 | "risk": "2", 5 | "title": "Potential for Front-Running During Lender Deauthorization", 6 | "issueId": 513, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/513" 8 | } -------------------------------------------------------------------------------- /data/ast3ros-514.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ast3ros", 4 | "risk": "2", 5 | "title": "Abuse of setAnnualInterestBips Allows Borrower to Bypass Reserve Ratio Checks", 6 | "issueId": 514, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/514" 8 | } -------------------------------------------------------------------------------- /data/ast3ros-515.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ast3ros", 4 | "risk": "2", 5 | "title": "Incorrect Argument Order in Escrow Creation", 6 | "issueId": 515, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/515" 8 | } -------------------------------------------------------------------------------- /data/ast3ros-516.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ast3ros", 4 | "risk": "2", 5 | "title": "Sanctioned Accounts Can Circumvent Restrictions and Move Assets", 6 | "issueId": 516, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/516" 8 | } -------------------------------------------------------------------------------- /data/ast3ros-517.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ast3ros", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 517, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/517" 8 | } -------------------------------------------------------------------------------- /data/atrixs6-145.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "atrixs6", 4 | "risk": "2", 5 | "title": "setProtocolFeeConfiguration function logic flaw", 6 | "issueId": 145, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/145" 8 | } -------------------------------------------------------------------------------- /data/atrixs6-156.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "atrixs6", 4 | "risk": "3", 5 | "title": "The Controller cannot be successfully deployed.", 6 | "issueId": 156, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/156" 8 | } -------------------------------------------------------------------------------- /data/audityourcontracts-256.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "audityourcontracts", 4 | "risk": "2", 5 | "title": "Markets cannot be closed ", 6 | "issueId": 256, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/256" 8 | } -------------------------------------------------------------------------------- /data/ayden-118.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ayden", 4 | "risk": "2", 5 | "title": "market cannot be closed due to an incorrect modifier", 6 | "issueId": 118, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/118" 8 | } -------------------------------------------------------------------------------- /data/ayden-121.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ayden", 4 | "risk": "3", 5 | "title": "market token name and symbol can used to inject js code", 6 | "issueId": 121, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/121" 8 | } -------------------------------------------------------------------------------- /data/ayden-122.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ayden", 4 | "risk": "3", 5 | "title": "Users can use front-run to avoid being blocked by `nukeFromOrbit`", 6 | "issueId": 122, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/122" 8 | } -------------------------------------------------------------------------------- /data/ayden-148.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ayden", 4 | "risk": "2", 5 | "title": "Deleted authorizeLenders can still deposit to market", 6 | "issueId": 148, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/148" 8 | } -------------------------------------------------------------------------------- /data/ayden-182.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ayden", 4 | "risk": "2", 5 | "title": "maximumDelinquencyGracePeriod should be checked less than 2 weeks ", 6 | "issueId": 182, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/182" 8 | } -------------------------------------------------------------------------------- /data/ayden-184.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ayden", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 184, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/184" 8 | } -------------------------------------------------------------------------------- /data/b0g0-229.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "b0g0", 4 | "risk": "2", 5 | "title": "Min/Max constraints not enforced when changing the Annual Interest on a deployed market ", 6 | "issueId": 229, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/229" 8 | } -------------------------------------------------------------------------------- /data/bareli-625.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "bareli", 4 | "risk": "3", 5 | "title": "check transfer success", 6 | "issueId": 625, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/625" 8 | } -------------------------------------------------------------------------------- /data/bareli-641.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "bareli", 4 | "risk": "2", 5 | "title": "wrong written code for \"error selector and argument\"", 6 | "issueId": 641, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/641" 8 | } -------------------------------------------------------------------------------- /data/bareli-678.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "bareli", 4 | "risk": "2", 5 | "title": "wrong implementation of bipDiv.", 6 | "issueId": 678, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/678" 8 | } -------------------------------------------------------------------------------- /data/bareli-684.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "bareli", 4 | "risk": "2", 5 | "title": "wrong implementation of rayDiv.", 6 | "issueId": 684, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/684" 8 | } -------------------------------------------------------------------------------- /data/bdmcbri-255.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "bdmcbri", 4 | "risk": "2", 5 | "title": "Missing access check leads to unauthorized withdrawal of market tokens", 6 | "issueId": 255, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/255" 8 | } -------------------------------------------------------------------------------- /data/cartlex_-311.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cartlex_", 4 | "risk": "3", 5 | "title": "Lender's funds can be unexpected transferred to the borrower.", 6 | "issueId": 311, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/311" 8 | } -------------------------------------------------------------------------------- /data/cartlex_-366.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cartlex_", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 366, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/366" 8 | } -------------------------------------------------------------------------------- /data/cartlex_-369.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cartlex_", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 369, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/369" 8 | } -------------------------------------------------------------------------------- /data/cartlex_-566.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cartlex_", 4 | "risk": "3", 5 | "title": "Setting the interest rate after market was closed affects the lender.", 6 | "issueId": 566, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/566" 8 | } -------------------------------------------------------------------------------- /data/cartlex_-730.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cartlex_", 4 | "risk": "3", 5 | "title": "Upgraded Q -> 3 from #369 [1699544960870]", 6 | "issueId": 730 7 | } -------------------------------------------------------------------------------- /data/catellatech-248.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "catellatech", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 248, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/248" 8 | } -------------------------------------------------------------------------------- /data/caventa-102.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "3", 5 | "title": "Tokens are getting stuck in an escrow account without a way to retrieve them", 6 | "issueId": 102, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/102" 8 | } -------------------------------------------------------------------------------- /data/caventa-105.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "WildcatMarketConfig#stunningReversal should not be called by anyone", 6 | "issueId": 105, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/105" 8 | } -------------------------------------------------------------------------------- /data/caventa-106.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "Missing borrower and lender check in WildcatSanctionsSentinel#createEscrow", 6 | "issueId": 106, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/106" 8 | } -------------------------------------------------------------------------------- /data/caventa-110.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "unpaidBatches may stay forever due to rounding issue", 6 | "issueId": 110, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/110" 8 | } -------------------------------------------------------------------------------- /data/caventa-113.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "Withdrawal request can create for past expiry which is wrong", 6 | "issueId": 113, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/113" 8 | } -------------------------------------------------------------------------------- /data/caventa-119.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "Borrower may not repay their loan forever", 6 | "issueId": 119, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/119" 8 | } -------------------------------------------------------------------------------- /data/caventa-261.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "No logic handle minimum deposit ratio", 6 | "issueId": 261, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/261" 8 | } -------------------------------------------------------------------------------- /data/caventa-272.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "The borrower can manipulate the setAnnualInterestBips function to reduce their debt", 6 | "issueId": 272, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/272" 8 | } -------------------------------------------------------------------------------- /data/caventa-89.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "3", 5 | "title": "The lender should receive the over-collateralization asset when market is closed", 6 | "issueId": 89, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/89" 8 | } -------------------------------------------------------------------------------- /data/caventa-92.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 92, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/92" 8 | } -------------------------------------------------------------------------------- /data/caventa-93.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "Blacklist borrowers would disrupt market settlement during closeMarket().", 6 | "issueId": 93, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/93" 8 | } -------------------------------------------------------------------------------- /data/caventa-96.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "caventa", 4 | "risk": "2", 5 | "title": "Not considering expiry could lead to inaccurate liquidity calculations", 6 | "issueId": 96, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/96" 8 | } -------------------------------------------------------------------------------- /data/cheatc0d3-475.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cheatc0d3", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 475, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/475" 8 | } -------------------------------------------------------------------------------- /data/clara-508.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "clara", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 508, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/508" 8 | } -------------------------------------------------------------------------------- /data/crunch-416.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "crunch", 4 | "risk": "3", 5 | "title": "When a lender is nuked from orbit, his/her supply should cease to accrue interest", 6 | "issueId": 416, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/416" 8 | } -------------------------------------------------------------------------------- /data/crunch-417.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "crunch", 4 | "risk": "3", 5 | "title": "There is no way to close a market", 6 | "issueId": 417, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/417" 8 | } -------------------------------------------------------------------------------- /data/cryptothemex-626.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cryptothemex", 4 | "risk": "2", 5 | "title": "Fee-On-Transfer Issue", 6 | "issueId": 626, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/626" 8 | } -------------------------------------------------------------------------------- /data/cryptothemex-99.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cryptothemex", 4 | "risk": "3", 5 | "title": "WildcatMarketToken vulnerable to race condition", 6 | "issueId": 99, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/99" 8 | } -------------------------------------------------------------------------------- /data/cu5t0mpeo-88.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cu5t0mpeo", 4 | "risk": "2", 5 | "title": "updateLenderAuthorization function permission setting error", 6 | "issueId": 88, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/88" 8 | } -------------------------------------------------------------------------------- /data/cu5t0mpeo-90.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cu5t0mpeo", 4 | "risk": "2", 5 | "title": "The setAnnualInterestBips function does not do range checking", 6 | "issueId": 90, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/90" 8 | } -------------------------------------------------------------------------------- /data/cu5t0mpeo-91.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cu5t0mpeo", 4 | "risk": "2", 5 | "title": "The setMaxTotalSupply function fails", 6 | "issueId": 91, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/91" 8 | } -------------------------------------------------------------------------------- /data/cu5t0mpeo-94.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "cu5t0mpeo", 4 | "risk": "3", 5 | "title": "_transfer is missing necessary checks", 6 | "issueId": 94, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/94" 8 | } -------------------------------------------------------------------------------- /data/d3e4-689.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "d3e4", 4 | "risk": "2", 5 | "title": "Swapped parameters when calling `createEscrow()`", 6 | "issueId": 689, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/689" 8 | } -------------------------------------------------------------------------------- /data/d3e4-691.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "d3e4", 4 | "risk": "2", 5 | "title": "Missing check to avoid zero transfer revert", 6 | "issueId": 691, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/691" 8 | } -------------------------------------------------------------------------------- /data/d3e4-693.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "d3e4", 4 | "risk": "3", 5 | "title": "Usury from simple mistake", 6 | "issueId": 693, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/693" 8 | } -------------------------------------------------------------------------------- /data/debo-111.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 111, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/111" 8 | } -------------------------------------------------------------------------------- /data/debo-152.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-05] Reentrancy in the WildcatSanctionsSentinel contract", 6 | "issueId": 152, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/152" 8 | } -------------------------------------------------------------------------------- /data/debo-153.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-06] Modifier Side Effects on the ReentrancyGuard contract", 6 | "issueId": 153, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/153" 8 | } -------------------------------------------------------------------------------- /data/debo-24.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-01] Approve front running attack within the WildcatMarketToken contract", 6 | "issueId": 24, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/24" 8 | } -------------------------------------------------------------------------------- /data/debo-25.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-02] Strict equality check in block timestamp within the WildcatMarketBase contract", 6 | "issueId": 25, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/25" 8 | } -------------------------------------------------------------------------------- /data/debo-29.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-03] Unchecked array length for WildcatMarketController contract", 6 | "issueId": 29, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/29" 8 | } -------------------------------------------------------------------------------- /data/debo-360.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-07] Reentrancy in the WildcatMarketController contract", 6 | "issueId": 360, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/360" 8 | } -------------------------------------------------------------------------------- /data/debo-41.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "debo", 4 | "risk": "2", 5 | "title": "[M-04] Reentrancy in the WildcatSanctionsEscrow contract", 6 | "issueId": 41, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/41" 8 | } -------------------------------------------------------------------------------- /data/deepkin-115.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "deepkin", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 115, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/115" 8 | } -------------------------------------------------------------------------------- /data/deth-326.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "deth", 4 | "risk": "2", 5 | "title": "WildcatMarket.sol - A sanctioned lender can still deposit funds into the protocol", 6 | "issueId": 326, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/326" 8 | } -------------------------------------------------------------------------------- /data/deth-444.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "deth", 4 | "risk": "2", 5 | "title": "WildcatSanctionsSentinel.sol - createEscrow is called with incorrect ordering of params", 6 | "issueId": 444, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/444" 8 | } -------------------------------------------------------------------------------- /data/dethera-368.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "dethera", 4 | "risk": "2", 5 | "title": "Underflow error in the function `bytes32ToString` from the file `StringQuery.sol`", 6 | "issueId": 368, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/368" 8 | } -------------------------------------------------------------------------------- /data/dethera-698.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "dethera", 4 | "risk": "3", 5 | "title": "ERC20 tokens can be incorrectly burnt because of insufficient validation", 6 | "issueId": 698, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/698" 8 | } -------------------------------------------------------------------------------- /data/dethera-726.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "dethera", 4 | "risk": "3", 5 | "title": "The `approve` function can be frontrun", 6 | "issueId": 726, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/726" 8 | } -------------------------------------------------------------------------------- /data/devival-445.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "devival", 4 | "risk": "2", 5 | "title": "No Validation of `create2` Return Value", 6 | "issueId": 445, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/445" 8 | } -------------------------------------------------------------------------------- /data/devival-597.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "devival", 4 | "risk": "2", 5 | "title": "Protocol fees can be bypassed through penalty rates", 6 | "issueId": 597, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/597" 8 | } -------------------------------------------------------------------------------- /data/devival-612.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "devival", 4 | "risk": "2", 5 | "title": "Invalid validation of `releaseEscrow()` success", 6 | "issueId": 612, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/612" 8 | } -------------------------------------------------------------------------------- /data/devival-631.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "devival", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 631, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/631" 8 | } -------------------------------------------------------------------------------- /data/digitizeworx-221.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "digitizeworx", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 221, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/221" 8 | } -------------------------------------------------------------------------------- /data/eeshenggoh-72.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "eeshenggoh", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 72, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/72" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-668.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "elprofesor", 4 | "risk": "3", 5 | "title": "Single lender can game markets into unexpected states of delinquency", 6 | "issueId": 668, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/668" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-669.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "elprofesor", 4 | "risk": "3", 5 | "title": "Sanction Bypass Through Depositing to Authorized Borrower's Market", 6 | "issueId": 669, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/669" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-670.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "elprofesor", 4 | "risk": "2", 5 | "title": "Sanction Bypass Through Transferring to another account", 6 | "issueId": 670, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/670" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-674.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "elprofesor", 4 | "risk": "2", 5 | "title": "Malicious initial reserve ratio can be used to rug lenders collateral", 6 | "issueId": 674, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/674" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-679.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "elprofesor", 4 | "risk": "2", 5 | "title": "Early market adopters can force delinquency to game borrowers", 6 | "issueId": 679, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/679" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-681.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "elprofesor", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 681, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/681" 8 | } -------------------------------------------------------------------------------- /data/elprofesor-Q.md: -------------------------------------------------------------------------------- 1 | 1. Controller has no active way to closeMarket even though it is the only role able to call the function closeMarket 2 | 3 | 2. Controller has no active way to set MarketConfig.setMaxTotalSupply() -------------------------------------------------------------------------------- /data/erictee-509.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "erictee", 4 | "risk": "3", 5 | "title": "closeMarket function in WildcatMarket.sol is unusable, resulting in funds lost", 6 | "issueId": 509, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/509" 8 | } -------------------------------------------------------------------------------- /data/fatherOfBlocks-43.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fatherOfBlocks", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 43, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/43" 8 | } -------------------------------------------------------------------------------- /data/fatherOfBlocks-44.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fatherOfBlocks", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 44, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/44" 8 | } -------------------------------------------------------------------------------- /data/fatherOfBlocks-45.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fatherOfBlocks", 4 | "risk": "2", 5 | "title": "DoS due to lack of validation in the constructor", 6 | "issueId": 45, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/45" 8 | } -------------------------------------------------------------------------------- /data/flutter_developer-303.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "flutter_developer", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 303, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/303" 8 | } -------------------------------------------------------------------------------- /data/fr33rh-126.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fr33rh", 4 | "risk": "3", 5 | "title": "Incorrect parameter order in the function \"createEscrow\"", 6 | "issueId": 126, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/126" 8 | } -------------------------------------------------------------------------------- /data/fr33rh-175.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fr33rh", 4 | "risk": "2", 5 | "title": "Borrower can help lenders escape sanctions by `verrideSanction`", 6 | "issueId": 175, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/175" 8 | } -------------------------------------------------------------------------------- /data/fr33rh-39.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fr33rh", 4 | "risk": "2", 5 | "title": "the reserve ratio of a market can be manipulated by borrower", 6 | "issueId": 39, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/39" 8 | } -------------------------------------------------------------------------------- /data/fr33rh-415.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fr33rh", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 415, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/415" 8 | } -------------------------------------------------------------------------------- /data/fr33rh-452.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "fr33rh", 4 | "risk": "3", 5 | "title": "Arithmetic overflow at `uint104 scaledTotalSupply`", 6 | "issueId": 452, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/452" 8 | } -------------------------------------------------------------------------------- /data/ggg_ttt_hhh-197.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ggg_ttt_hhh", 4 | "risk": "2", 5 | "title": "The parameter order in the createEscrow function is incorrect.", 6 | "issueId": 197, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/197" 8 | } -------------------------------------------------------------------------------- /data/ggg_ttt_hhh-217.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ggg_ttt_hhh", 4 | "risk": "2", 5 | "title": "The closeMarket function cannot be called by anyone.", 6 | "issueId": 217, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/217" 8 | } -------------------------------------------------------------------------------- /data/ggg_ttt_hhh-321.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ggg_ttt_hhh", 4 | "risk": "2", 5 | "title": "The data type of scaledTotalSupply can lead to an overflow.", 6 | "issueId": 321, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/321" 8 | } -------------------------------------------------------------------------------- /data/gizzy-389.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "gizzy", 4 | "risk": "3", 5 | "title": "wrong placement of address when creating escrow which will return funds to borrower", 6 | "issueId": 389, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/389" 8 | } -------------------------------------------------------------------------------- /data/gizzy-450.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "gizzy", 4 | "risk": "3", 5 | "title": "when a market is removed from archcontroller sectioned lenders will lose their funds", 6 | "issueId": 450, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/450" 8 | } -------------------------------------------------------------------------------- /data/golu-461.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "golu", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 461, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/461" 8 | } -------------------------------------------------------------------------------- /data/grearlake-352.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "grearlake", 4 | "risk": "2", 5 | "title": "User's max withdraw queue is lower than avaiable liquidity to withdraw", 6 | "issueId": 352, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/352" 8 | } -------------------------------------------------------------------------------- /data/grearlake-358.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "grearlake", 4 | "risk": "3", 5 | "title": "WildcatMarketConfig.nukeFromORbit() does not work as intended", 6 | "issueId": 358, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/358" 8 | } -------------------------------------------------------------------------------- /data/grearlake-359.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "grearlake", 4 | "risk": "3", 5 | "title": "WildcatMarketConfig.nukeFromORbit() does not work as intended", 6 | "issueId": 359, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/359" 8 | } -------------------------------------------------------------------------------- /data/gumgumzum-370.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "gumgumzum", 4 | "risk": "3", 5 | "title": "Borrowers cannot close markets", 6 | "issueId": 370, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/370" 8 | } -------------------------------------------------------------------------------- /data/gumgumzum-694.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "gumgumzum", 4 | "risk": "3", 5 | "title": "Borrower cannot change the maximum supply", 6 | "issueId": 694, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/694" 8 | } -------------------------------------------------------------------------------- /data/gumgumzum-697.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "gumgumzum", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 697, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/697" 8 | } -------------------------------------------------------------------------------- /data/gumgumzum-Q.md: -------------------------------------------------------------------------------- 1 | ### Function `calculateLinearInterestFromBips` is duplicated in `FeeMath` and `MathUtils` and used from both in `FeeMath`. -------------------------------------------------------------------------------- /data/hash-365.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hash", 4 | "risk": "2", 5 | "title": "Pending withdrawal batch debt cannot be payed by the borrower until the cycle end ", 6 | "issueId": 365, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/365" 8 | } -------------------------------------------------------------------------------- /data/hash-401.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hash", 4 | "risk": "3", 5 | "title": "Markets cannot be closed due to the `onlyController` modifier ", 6 | "issueId": 401, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/401" 8 | } -------------------------------------------------------------------------------- /data/hash-428.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hash", 4 | "risk": "2", 5 | "title": "closeMarket() doesn't reset timeDelinquent ", 6 | "issueId": 428, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/428" 8 | } -------------------------------------------------------------------------------- /data/hash-522.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hash", 4 | "risk": "2", 5 | "title": "`_maxTotalSupply` cannot be updated due to lack of implementation in MarketController", 6 | "issueId": 522, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/522" 8 | } -------------------------------------------------------------------------------- /data/hash-642.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hash", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 642, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/642" 8 | } -------------------------------------------------------------------------------- /data/hash-700.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hash", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 700, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/700" 8 | } -------------------------------------------------------------------------------- /data/hunter_w3b-482.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hunter_w3b", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 482, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/482" 8 | } -------------------------------------------------------------------------------- /data/hunter_w3b-723.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "hunter_w3b", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 723, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/723" 8 | } -------------------------------------------------------------------------------- /data/imare-425.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "imare", 4 | "risk": "2", 5 | "title": "`nukeFromOrbit` moves only market tokens balance to the escrow contract", 6 | "issueId": 425, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/425" 8 | } -------------------------------------------------------------------------------- /data/imare-426.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "imare", 4 | "risk": "2", 5 | "title": "repayments by the borrower are not routed to the unclaimed withdrawals pool", 6 | "issueId": 426, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/426" 8 | } -------------------------------------------------------------------------------- /data/imare-427.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "imare", 4 | "risk": "2", 5 | "title": "a sanctioned account is only half blocked", 6 | "issueId": 427, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/427" 8 | } -------------------------------------------------------------------------------- /data/invitedtea-395.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "invitedtea", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 395, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/395" 8 | } -------------------------------------------------------------------------------- /data/inzinko-675.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "inzinko", 4 | "risk": "2", 5 | "title": "Borrowers can be forced to pay more interest than they planned for ", 6 | "issueId": 675, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/675" 8 | } -------------------------------------------------------------------------------- /data/inzinko-692.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "inzinko", 4 | "risk": "3", 5 | "title": "New approved lender can receive other peoples accrued interest fees ", 6 | "issueId": 692, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/692" 8 | } -------------------------------------------------------------------------------- /data/inzinko-702.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "inzinko", 4 | "risk": "2", 5 | "title": "Lender can cause unintended behavior for the borrower's transaction", 6 | "issueId": 702, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/702" 8 | } -------------------------------------------------------------------------------- /data/inzinko-725.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "inzinko", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 725, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/725" 8 | } -------------------------------------------------------------------------------- /data/jasonxiale-483.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "jasonxiale", 4 | "risk": "2", 5 | "title": "`FeeMath.updateScaleFactorAndFees` is not linearly increased", 6 | "issueId": 483, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/483" 8 | } -------------------------------------------------------------------------------- /data/jasonxiale-488.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "jasonxiale", 4 | "risk": "2", 5 | "title": "`WildcatMarket.closeMarket` can never be called", 6 | "issueId": 488, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/488" 8 | } -------------------------------------------------------------------------------- /data/jasonxiale-519.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "jasonxiale", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 519, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/519" 8 | } -------------------------------------------------------------------------------- /data/jauvany-549.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "jauvany", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 549, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/549" 8 | } -------------------------------------------------------------------------------- /data/joaovwfreire-376.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "joaovwfreire", 4 | "risk": "3", 5 | "title": "## Borrower can lend the borrowed collateral to itself", 6 | "issueId": 376, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/376" 8 | } -------------------------------------------------------------------------------- /data/josephdara-576.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "josephdara", 4 | "risk": "2", 5 | "title": "Escrow addresses can be deployed to steal tokens", 6 | "issueId": 576, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/576" 8 | } -------------------------------------------------------------------------------- /data/josephdara-617.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "josephdara", 4 | "risk": "3", 5 | "title": "Borrower can never close the market", 6 | "issueId": 617, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/617" 8 | } -------------------------------------------------------------------------------- /data/josieg_74497-486.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "josieg_74497", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 486, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/486" 8 | } -------------------------------------------------------------------------------- /data/josieg_74497-487.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "josieg_74497", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 487, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/487" 8 | } -------------------------------------------------------------------------------- /data/kali_defi-512.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "kali_defi", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 512, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/512" 8 | } -------------------------------------------------------------------------------- /data/karanctf-585.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "karanctf", 4 | "risk": "2", 5 | "title": "Wrong implementation causes unexpected revert on WildcatMarket::deposit() function", 6 | "issueId": 585, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/585" 8 | } -------------------------------------------------------------------------------- /data/ke1caM-292.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ke1caM", 4 | "risk": "3", 5 | "title": "Borrower can't close market.", 6 | "issueId": 292, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/292" 8 | } -------------------------------------------------------------------------------- /data/ke1caM-294.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ke1caM", 4 | "risk": "3", 5 | "title": "Borrower can't change maxTotalSupply which leads to loss of funds.", 6 | "issueId": 294, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/294" 8 | } -------------------------------------------------------------------------------- /data/ke1caM-295.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ke1caM", 4 | "risk": "2", 5 | "title": "Reserve ratio can't be changed by the borrower.", 6 | "issueId": 295, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/295" 8 | } -------------------------------------------------------------------------------- /data/ke1caM-296.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ke1caM", 4 | "risk": "2", 5 | "title": "Borrower lacks flexibilty when authorizing lenders to markets.", 6 | "issueId": 296, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/296" 8 | } -------------------------------------------------------------------------------- /data/kodyvim-307.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "kodyvim", 4 | "risk": "3", 5 | "title": "`createEscrow` mismatch the borrower and lender address", 6 | "issueId": 307, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/307" 8 | } -------------------------------------------------------------------------------- /data/kodyvim-310.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "kodyvim", 4 | "risk": "2", 5 | "title": "Markets cannot be closed due to wrong access control", 6 | "issueId": 310, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/310" 8 | } -------------------------------------------------------------------------------- /data/kodyvim-313.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "kodyvim", 4 | "risk": "2", 5 | "title": "sanctioned lenders could use transfer to escape sanction before queuewithdrawal", 6 | "issueId": 313, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/313" 8 | } -------------------------------------------------------------------------------- /data/kodyvim-316.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "kodyvim", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 316, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/316" 8 | } -------------------------------------------------------------------------------- /data/lanrebayode77-393.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "lanrebayode77", 4 | "risk": "2", 5 | "title": "Revert due to underflow", 6 | "issueId": 393, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/393" 8 | } -------------------------------------------------------------------------------- /data/lanrebayode77-394.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "lanrebayode77", 4 | "risk": "2", 5 | "title": "closeMarket is uncallable", 6 | "issueId": 394, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/394" 8 | } -------------------------------------------------------------------------------- /data/leegh-593.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "leegh", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 593, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/593" 8 | } -------------------------------------------------------------------------------- /data/lfzkoala-406.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "lfzkoala", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 406, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/406" 8 | } -------------------------------------------------------------------------------- /data/lfzkoala-409.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "lfzkoala", 4 | "risk": "2", 5 | "title": "Lender's Authorization Manipulation because of lacking access control. ", 6 | "issueId": 409, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/409" 8 | } -------------------------------------------------------------------------------- /data/lfzkoala-421.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "lfzkoala", 4 | "risk": "2", 5 | "title": "WildcatSanctionsEscrow not assigned", 6 | "issueId": 421, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/421" 8 | } -------------------------------------------------------------------------------- /data/lsaudit-536.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "lsaudit", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 536, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/536" 8 | } -------------------------------------------------------------------------------- /data/m4ttm-720.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "m4ttm", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 720, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/720" 8 | } -------------------------------------------------------------------------------- /data/m_Rassska-142.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "m_Rassska", 4 | "risk": "3", 5 | "title": "Poisoning all the lenders within the market", 6 | "issueId": 142, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/142" 8 | } -------------------------------------------------------------------------------- /data/mahdikarimi-622.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "mahdikarimi", 4 | "risk": "3", 5 | "title": "Borrower can set interest rate in close market state ", 6 | "issueId": 622, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/622" 8 | } -------------------------------------------------------------------------------- /data/mahdikarimi-634.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "mahdikarimi", 4 | "risk": "3", 5 | "title": "Borrower can't close a market ", 6 | "issueId": 634, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/634" 8 | } -------------------------------------------------------------------------------- /data/marchev-97.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "marchev", 4 | "risk": "2", 5 | "title": "Deflationary tokens enable lenders to steal other lender's deposits", 6 | "issueId": 97, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/97" 8 | } -------------------------------------------------------------------------------- /data/marqymarq10-157.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "marqymarq10", 4 | "risk": "3", 5 | "title": "Unapproved Lenders are still able to lend to the market through OTC deals.", 6 | "issueId": 157, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/157" 8 | } -------------------------------------------------------------------------------- /data/marqymarq10-158.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "marqymarq10", 4 | "risk": "3", 5 | "title": "Sanctioned Lenders can exit positions through OTC trade.", 6 | "issueId": 158, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/158" 8 | } -------------------------------------------------------------------------------- /data/marqymarq10-159.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "marqymarq10", 4 | "risk": "3", 5 | "title": "It is impossible to close a market.", 6 | "issueId": 159, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/159" 8 | } -------------------------------------------------------------------------------- /data/marqymarq10-228.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "marqymarq10", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 228, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/228" 8 | } -------------------------------------------------------------------------------- /data/matrix_0wl-469.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "matrix_0wl", 4 | "risk": "2", 5 | "title": "Result of `transfer` not checked", 6 | "issueId": 469, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/469" 8 | } -------------------------------------------------------------------------------- /data/matrix_0wl-591.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "matrix_0wl", 4 | "risk": "2", 5 | "title": "OpenZeppelin's EnumerableSet data structure", 6 | "issueId": 591, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/591" 8 | } -------------------------------------------------------------------------------- /data/matrix_0wl-599.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "matrix_0wl", 4 | "risk": "2", 5 | "title": "Reversed order of parameters in allowance function call", 6 | "issueId": 599, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/599" 8 | } -------------------------------------------------------------------------------- /data/matrix_0wl-608.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "matrix_0wl", 4 | "risk": "2", 5 | "title": "Insecure Access Control: Unauthorized Removal of Entities", 6 | "issueId": 608, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/608" 8 | } -------------------------------------------------------------------------------- /data/matrix_0wl-615.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "matrix_0wl", 4 | "risk": "2", 5 | "title": "Use of `transfer()` Might Render asset Impossible to Withdraw", 6 | "issueId": 615, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/615" 8 | } -------------------------------------------------------------------------------- /data/matrix_0wl-682.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "matrix_0wl", 4 | "risk": "3", 5 | "title": "TRANSFERING FUNDS TO YOURSELF INCREASES YOUR BALANCE", 6 | "issueId": 682, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/682" 8 | } -------------------------------------------------------------------------------- /data/max10afternoon-146.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "max10afternoon", 4 | "risk": "2", 5 | "title": "Broken invariant: anyone can withdraw from the market", 6 | "issueId": 146, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/146" 8 | } -------------------------------------------------------------------------------- /data/max10afternoon-166.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "max10afternoon", 4 | "risk": "2", 5 | "title": "Due to improper access control it is not possible to close markets", 6 | "issueId": 166, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/166" 8 | } -------------------------------------------------------------------------------- /data/nailkhalimov-176.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nailkhalimov", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 176, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/176" 8 | } -------------------------------------------------------------------------------- /data/naman1778-667.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "naman1778", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 667, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/667" 8 | } -------------------------------------------------------------------------------- /data/nirlin-628.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nirlin", 4 | "risk": "2", 5 | "title": "Deployment of the escrow contract with wrong inputs against the actual signature.", 6 | "issueId": 628, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/628" 8 | } -------------------------------------------------------------------------------- /data/nirlin-714.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nirlin", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 714, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/714" 8 | } -------------------------------------------------------------------------------- /data/nisedo-168.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nisedo", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 168, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/168" 8 | } -------------------------------------------------------------------------------- /data/nisedo-169.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nisedo", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 169, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/169" 8 | } -------------------------------------------------------------------------------- /data/nisedo-241.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nisedo", 4 | "risk": "3", 5 | "title": "Incompatibility with Rebasing Tokens", 6 | "issueId": 241, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/241" 8 | } -------------------------------------------------------------------------------- /data/nisedo-245.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nisedo", 4 | "risk": "2", 5 | "title": "Missing Reentrancy Guard and Access Control in `WildcatSanctionsEscrow.releaseEscrow()`", 6 | "issueId": 245, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/245" 8 | } -------------------------------------------------------------------------------- /data/nisedo-257.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nisedo", 4 | "risk": "3", 5 | "title": "Missing Access Control on `WildcatMarketController.updateLenderAuthorization`", 6 | "issueId": 257, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/257" 8 | } -------------------------------------------------------------------------------- /data/nobody2018-54.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nobody2018", 4 | "risk": "3", 5 | "title": "Sanctioned account can bypass sanction restrictions", 6 | "issueId": 54, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/54" 8 | } -------------------------------------------------------------------------------- /data/nobody2018-55.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nobody2018", 4 | "risk": "3", 5 | "title": "The account cannot get back the asset in WildcatSanctionsEscrow", 6 | "issueId": 55, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/55" 8 | } -------------------------------------------------------------------------------- /data/nobody2018-56.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nobody2018", 4 | "risk": "2", 5 | "title": "WildcatMarket should not define feeRecipient immutable variable", 6 | "issueId": 56, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/56" 8 | } -------------------------------------------------------------------------------- /data/nobody2018-57.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nobody2018", 4 | "risk": "2", 5 | "title": "WildcatMarket.deposit maybe revert in some cases", 6 | "issueId": 57, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/57" 8 | } -------------------------------------------------------------------------------- /data/nonseodion-527.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nonseodion", 4 | "risk": "3", 5 | "title": "Missing `closeMarket` function in WildcatMarketController", 6 | "issueId": 527, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/527" 8 | } -------------------------------------------------------------------------------- /data/nonseodion-721.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "nonseodion", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 721, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/721" 8 | } -------------------------------------------------------------------------------- /data/osmanozdemir1-373.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "osmanozdemir1", 4 | "risk": "2", 5 | "title": "`WildcatMarket::closeMarket()` can never be called", 6 | "issueId": 373, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/373" 8 | } -------------------------------------------------------------------------------- /data/osmanozdemir1-534.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "osmanozdemir1", 4 | "risk": "2", 5 | "title": "Escrow contracts can still be blocked", 6 | "issueId": 534, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/534" 8 | } -------------------------------------------------------------------------------- /data/osmanozdemir1-550.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "osmanozdemir1", 4 | "risk": "2", 5 | "title": "Blocked accounts keep earning interest contrary to the WhitePaper", 6 | "issueId": 550, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/550" 8 | } -------------------------------------------------------------------------------- /data/oualidpro-214.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "oualidpro", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 214, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/214" 8 | } -------------------------------------------------------------------------------- /data/oualidpro-225.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "oualidpro", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 225, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/225" 8 | } -------------------------------------------------------------------------------- /data/oualidpro-48.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "oualidpro", 4 | "risk": "2", 5 | "title": "Not checking the return value of `create2`", 6 | "issueId": 48, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/48" 8 | } -------------------------------------------------------------------------------- /data/peter-281.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "peter", 4 | "risk": "2", 5 | "title": "Close market never invoked", 6 | "issueId": 281, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/281" 8 | } -------------------------------------------------------------------------------- /data/petrichor-715.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "petrichor", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 715, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/715" 8 | } -------------------------------------------------------------------------------- /data/phenom80-231.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "phenom80", 4 | "risk": "2", 5 | "title": "Using block.timestamp as the deadline/expiry invites MEV", 6 | "issueId": 231, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/231" 8 | } -------------------------------------------------------------------------------- /data/phenom80-232.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "phenom80", 4 | "risk": "2", 5 | "title": "Return values of transfer()/transferFrom() not checked", 6 | "issueId": 232, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/232" 8 | } -------------------------------------------------------------------------------- /data/phenom80-233.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "phenom80", 4 | "risk": "2", 5 | "title": "Missing Reentrancy Guard in Functions with Transfer Hooks", 6 | "issueId": 233, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/233" 8 | } -------------------------------------------------------------------------------- /data/phenom80-235.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "phenom80", 4 | "risk": "2", 5 | "title": "Governance functions should be controlled by time locks", 6 | "issueId": 235, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/235" 8 | } -------------------------------------------------------------------------------- /data/phenom80-239.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "phenom80", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 239, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/239" 8 | } -------------------------------------------------------------------------------- /data/phenom80-240.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "phenom80", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 240, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/240" 8 | } -------------------------------------------------------------------------------- /data/psb01-555.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "psb01", 4 | "risk": "3", 5 | "title": "Passing arguments in wrong order while calling createEscrow", 6 | "issueId": 555, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/555" 8 | } -------------------------------------------------------------------------------- /data/radev_sw-206.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "radev_sw", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 206, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/206" 8 | } -------------------------------------------------------------------------------- /data/radev_sw-532.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "radev_sw", 4 | "risk": "2", 5 | "title": "Lender can bypass his sanctionated and withdraw his normalize and scaled amount", 6 | "issueId": 532, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/532" 8 | } -------------------------------------------------------------------------------- /data/radev_sw-542.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "radev_sw", 4 | "risk": "3", 5 | "title": "The market cannot actually be closed", 6 | "issueId": 542, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/542" 8 | } -------------------------------------------------------------------------------- /data/radev_sw-583.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "radev_sw", 4 | "risk": "2", 5 | "title": "After lender is unsanctioned, he will not be able to withdraw and deposit again", 6 | "issueId": 583, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/583" 8 | } -------------------------------------------------------------------------------- /data/radev_sw-659.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "radev_sw", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 659, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/659" 8 | } -------------------------------------------------------------------------------- /data/rahul-704.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rahul", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 704, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/704" 8 | } -------------------------------------------------------------------------------- /data/rbitbytes-216.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rbitbytes", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 216, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/216" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-123.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "Borrower pays interest for sanctioned funds and have no ability to return them", 6 | "issueId": 123, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/123" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-128.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "Borrower can close market when not all penalty is paid", 6 | "issueId": 128, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/128" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-129.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "WildcatMarket.closeMarket currently can't be called", 6 | "issueId": 129, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/129" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-133.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "WildcatMarket.depositUpTo checks max deposit incorrectly", 6 | "issueId": 133, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/133" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-134.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "WildcatMarketConfig.setMaxTotalSupply can't be called ", 6 | "issueId": 134, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/134" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-63.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "3", 5 | "title": "Blocked lender can simply frontrun nukeFromOrbit function and save funds", 6 | "issueId": 63, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/63" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-64.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "Lack of access control in WildcatMarketController.updateLenderAuthorization", 6 | "issueId": 64, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/64" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-73.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "Unauthorized lender can withdraw from Market", 6 | "issueId": 73, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/73" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-78.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "WildcatMarketWithdrawals.executeWithdrawal will pay incorrect amounts", 6 | "issueId": 78, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/78" 8 | } -------------------------------------------------------------------------------- /data/rvierdiiev-95.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "rvierdiiev", 4 | "risk": "2", 5 | "title": "Unpaid batches do not receive payment first", 6 | "issueId": 95, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/95" 8 | } -------------------------------------------------------------------------------- /data/sath26-336.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "sath26", 4 | "risk": "2", 5 | "title": "borrower immediately liquidated after released from escrow", 6 | "issueId": 336, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/336" 8 | } -------------------------------------------------------------------------------- /data/seerether-367.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "seerether", 4 | "risk": "3", 5 | "title": "The calculation for effectiveLenderAPR looks incorrect", 6 | "issueId": 367, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/367" 8 | } -------------------------------------------------------------------------------- /data/serial-coder-630.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "serial-coder", 4 | "risk": "3", 5 | "title": "Borrower can steal all blocked lender's underlying assets", 6 | "issueId": 630, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/630" 8 | } -------------------------------------------------------------------------------- /data/serial-coder-639.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "serial-coder", 4 | "risk": "3", 5 | "title": "Borrower cannot close their market", 6 | "issueId": 639, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/639" 8 | } -------------------------------------------------------------------------------- /data/serial-coder-646.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "serial-coder", 4 | "risk": "3", 5 | "title": "Borrower can borrow assets with zero interest", 6 | "issueId": 646, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/646" 8 | } -------------------------------------------------------------------------------- /data/shamsulhaq123-687.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "shamsulhaq123", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 687, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/687" 8 | } -------------------------------------------------------------------------------- /data/skodi-479.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "skodi", 4 | "risk": "3", 5 | "title": "server test", 6 | "issueId": 479, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/479" 8 | } -------------------------------------------------------------------------------- /data/sl1-440.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "sl1", 4 | "risk": "3", 5 | "title": "Borrower will steal lender's funds if lender gets sanctioned.", 6 | "issueId": 440, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/440" 8 | } -------------------------------------------------------------------------------- /data/sl1-442.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "sl1", 4 | "risk": "2", 5 | "title": "Missing function to close a market.", 6 | "issueId": 442, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/442" 8 | } -------------------------------------------------------------------------------- /data/smiling_heretic-419.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "smiling_heretic", 4 | "risk": "2", 5 | "title": "Wrong access control on closeMarket", 6 | "issueId": 419, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/419" 8 | } -------------------------------------------------------------------------------- /data/smiling_heretic-443.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "smiling_heretic", 4 | "risk": "2", 5 | "title": "Constraints not enforced in `setAnnualInterestBips`", 6 | "issueId": 443, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/443" 8 | } -------------------------------------------------------------------------------- /data/spark-538.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "spark", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 538, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/538" 8 | } -------------------------------------------------------------------------------- /data/squeaky_cactus-103.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "squeaky_cactus", 4 | "risk": "2", 5 | "title": "WildcatMarket can never be closed", 6 | "issueId": 103, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/103" 8 | } -------------------------------------------------------------------------------- /data/squeaky_cactus-179.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "squeaky_cactus", 4 | "risk": "2", 5 | "title": "Leap time affects interest rate", 6 | "issueId": 179, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/179" 8 | } -------------------------------------------------------------------------------- /data/squeaky_cactus-183.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "squeaky_cactus", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 183, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/183" 8 | } -------------------------------------------------------------------------------- /data/stackachu-601.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "stackachu", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 601, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/601" 8 | } -------------------------------------------------------------------------------- /data/stackachu-627.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "stackachu", 4 | "risk": "2", 5 | "title": "Markets cannot be closed", 6 | "issueId": 627, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/627" 8 | } -------------------------------------------------------------------------------- /data/stackachu-728.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "stackachu", 4 | "risk": "2", 5 | "title": "Upgraded Q -> 2 from #601 [1699543231321]", 6 | "issueId": 728 7 | } -------------------------------------------------------------------------------- /data/sumitchauhan-476.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "sumitchauhan", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 476, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/476" 8 | } -------------------------------------------------------------------------------- /data/t0x1c-141.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "t0x1c", 4 | "risk": "3", 5 | "title": "Lender is paid additional interest due to incorrect calculation of `scaleFactor`", 6 | "issueId": 141, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/141" 8 | } -------------------------------------------------------------------------------- /data/t0x1c-279.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "t0x1c", 4 | "risk": "3", 5 | "title": "Incorrect `market.borrowableAssets()` calculation", 6 | "issueId": 279, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/279" 8 | } -------------------------------------------------------------------------------- /data/t0x1c-357.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "t0x1c", 4 | "risk": "3", 5 | "title": "Borrower pays higher than expected penalty in case of overlapping delinquency events", 6 | "issueId": 357, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/357" 8 | } -------------------------------------------------------------------------------- /data/t0x1c-463.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "t0x1c", 4 | "risk": "3", 5 | "title": "Parameter change as well as interest accrual is possible in a closed market", 6 | "issueId": 463, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/463" 8 | } -------------------------------------------------------------------------------- /data/t0x1c-706.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "t0x1c", 4 | "risk": "3", 5 | "title": "Borrower escapes delinquency penalty if no intermittent action happens", 6 | "issueId": 706, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/706" 8 | } -------------------------------------------------------------------------------- /data/tabriz-559.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "tabriz", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 559, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/559" 8 | } -------------------------------------------------------------------------------- /data/tabriz-713.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "tabriz", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 713, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/713" 8 | } -------------------------------------------------------------------------------- /data/tallo-147.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "tallo", 4 | "risk": "2", 5 | "title": "```WildcatMarket#closeMarket``` is not callable by the controller", 6 | "issueId": 147, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/147" 8 | } -------------------------------------------------------------------------------- /data/tezeoffor-677.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "tezeoffor", 4 | "risk": "2", 5 | "title": "Invalid asset address can result to malicious Market Address and loss of fund", 6 | "issueId": 677, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/677" 8 | } -------------------------------------------------------------------------------- /data/tezeoffor-710.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "tezeoffor", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 710, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/710" 8 | } -------------------------------------------------------------------------------- /data/theunicorndog-177.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "theunicorndog", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 177, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/177" 8 | } -------------------------------------------------------------------------------- /data/theunicorndog-325.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "theunicorndog", 4 | "risk": "3", 5 | "title": "Incorrect Implementation of Linear Interest Rate for scale factor", 6 | "issueId": 325, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/325" 8 | } -------------------------------------------------------------------------------- /data/theunicorndog-339.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "theunicorndog", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 339, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/339" 8 | } -------------------------------------------------------------------------------- /data/theunicorndog-347.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "theunicorndog", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 347, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/347" 8 | } -------------------------------------------------------------------------------- /data/trachev-420.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "trachev", 4 | "risk": "3", 5 | "title": "A borrower cannot close their markets", 6 | "issueId": 420, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/420" 8 | } -------------------------------------------------------------------------------- /data/trachev-552.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "trachev", 4 | "risk": "2", 5 | "title": "Possibility of a market being deployed before fees are set", 6 | "issueId": 552, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/552" 8 | } -------------------------------------------------------------------------------- /data/trachev-666.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "trachev", 4 | "risk": "2", 5 | "title": "A borrower cannot redeploy a controller if their previous controller was removed ", 6 | "issueId": 666, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/666" 8 | } -------------------------------------------------------------------------------- /data/unique-453.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "unique", 4 | "risk": "Analysis", 5 | "title": "Analysis", 6 | "issueId": 453, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/453" 8 | } -------------------------------------------------------------------------------- /data/unique-470.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "unique", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 470, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/470" 8 | } -------------------------------------------------------------------------------- /data/unique-471.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "unique", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 471, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/471" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-14.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "Reentrancy in market controller", 6 | "issueId": 14, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/14" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-15.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "Unchecked Array Length", 6 | "issueId": 15, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/15" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-16.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "STRICT EQUALITY CHECK IN BLOCK.TIMESTAMP", 6 | "issueId": 16, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/16" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-17.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "Reentancy in Sanctions Sentinel", 6 | "issueId": 17, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/17" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-18.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "INCORRECT SHIFT ASSEMBLY", 6 | "issueId": 18, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/18" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-19.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "APPROVE FRONT-RUNNING ATTACK", 6 | "issueId": 19, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/19" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-20.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "MODIFIER SIDE EFFECTS", 6 | "issueId": 20, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/20" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-21.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "2", 5 | "title": "Reentrancy in Sanctions Escrow", 6 | "issueId": 21, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/21" 8 | } -------------------------------------------------------------------------------- /data/versiyonbir-22.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "versiyonbir", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 22, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/22" 8 | } -------------------------------------------------------------------------------- /data/wisdomn_-386.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "wisdomn_", 4 | "risk": "2", 5 | "title": "Unpaid withdrawals will not be deleted due to high gas costs.", 6 | "issueId": 386, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/386" 8 | } -------------------------------------------------------------------------------- /data/wisdomn_-424.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "wisdomn_", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 424, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/424" 8 | } -------------------------------------------------------------------------------- /data/wisdomn_-438.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "wisdomn_", 4 | "risk": "3", 5 | "title": "Function values can run out of gas, leading to a DOS", 6 | "issueId": 438, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/438" 8 | } -------------------------------------------------------------------------------- /data/xAlismx-656.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "xAlismx", 4 | "risk": "3", 5 | "title": "Denial of service to closeMarket.", 6 | "issueId": 656, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/656" 8 | } -------------------------------------------------------------------------------- /data/xAlismx-658.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "xAlismx", 4 | "risk": "3", 5 | "title": "InterestRate can be changed during close market.", 6 | "issueId": 658, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/658" 8 | } -------------------------------------------------------------------------------- /data/xeros-610.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "xeros", 4 | "risk": "2", 5 | "title": "Wrong argument order when calling createEscrow", 6 | "issueId": 610, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/610" 8 | } -------------------------------------------------------------------------------- /data/xeros-621.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "xeros", 4 | "risk": "2", 5 | "title": "Sanction can be bypassed by transferring market token", 6 | "issueId": 621, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/621" 8 | } -------------------------------------------------------------------------------- /data/xeros-657.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "xeros", 4 | "risk": "2", 5 | "title": "_blockAccount doesn’t transfer asset correctly", 6 | "issueId": 657, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/657" 8 | } -------------------------------------------------------------------------------- /data/ybansal2403-226.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ybansal2403", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 226, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/226" 8 | } -------------------------------------------------------------------------------- /data/yumsec-132.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "yumsec", 4 | "risk": "Q", 5 | "title": "QA Report", 6 | "issueId": 132, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/132" 8 | } -------------------------------------------------------------------------------- /data/zaevlad-67.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "zaevlad", 4 | "risk": "3", 5 | "title": "Users can lost assets if their account was blocked before and renewed after ", 6 | "issueId": 67, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/67" 8 | } -------------------------------------------------------------------------------- /data/zaevlad-69.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "zaevlad", 4 | "risk": "2", 5 | "title": "Market cannot be closed as there is no function for it", 6 | "issueId": 69, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/69" 8 | } -------------------------------------------------------------------------------- /data/zaevlad-70.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "zaevlad", 4 | "risk": "2", 5 | "title": "Borrowers can DoS Market closing in case it is not fully collateralized", 6 | "issueId": 70, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/70" 8 | } -------------------------------------------------------------------------------- /data/zhanmingjing-11.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "zhanmingjing", 4 | "risk": "2", 5 | "title": "math underflow will give out unexpected output, and cause more gas ", 6 | "issueId": 11, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/11" 8 | } -------------------------------------------------------------------------------- /data/zhanmingjing-12.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "zhanmingjing", 4 | "risk": "2", 5 | "title": "math underflow will give out unexpected output, and cause more gas", 6 | "issueId": 12, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/12" 8 | } -------------------------------------------------------------------------------- /data/ziyou--33.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ziyou-", 4 | "risk": "2", 5 | "title": "One year may not be 365 days.", 6 | "issueId": 33, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/33" 8 | } -------------------------------------------------------------------------------- /data/ziyou--434.json: -------------------------------------------------------------------------------- 1 | { 2 | "contest": 296, 3 | "handle": "ziyou-", 4 | "risk": "G", 5 | "title": "Gas Optimizations", 6 | "issueId": 434, 7 | "issueUrl": "https://github.com/code-423n4/2023-10-wildcat-findings/issues/434" 8 | } --------------------------------------------------------------------------------