Skip to content

Issues: code-423n4/2024-08-superposition-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

41 Open 133 Closed
41 Open 133 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

QA Report 1st place bug Something isn't working edited-by-warden grade-a Q-01 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#169 opened Sep 18, 2024 by howlbot-integration bot
6
QA Report 3rd place bug Something isn't working grade-a Q-02 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#168 opened Sep 18, 2024 by howlbot-integration bot
5
QA Report bug Something isn't working grade-b Q-03 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#167 opened Sep 18, 2024 by howlbot-integration bot
5
QA Report bug Something isn't working grade-b Q-04 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality
#166 opened Sep 18, 2024 by howlbot-integration bot
3
tokenURI IS EIP721 Non-compliant bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-49 grade-b Q-05 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_05_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#164 opened Sep 16, 2024 by howlbot-integration bot
5
update_emergency_council_7_D_0_C_1_C_58() updates nft manager instead of emergency council 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-01 primary issue Highest quality submission among a set of duplicates 🤖_41_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#162 opened Sep 16, 2024 by howlbot-integration bot
3
OwnershipNFTs.sol is not ERC721 compliant, doesnt implement the ERC165 interface. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-49 edited-by-warden grade-b Q-06 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_56_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#161 opened Sep 16, 2024 by howlbot-integration bot
5
Unrevoked approvals allow NFT recovery by previous owner 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-02 primary issue Highest quality submission among a set of duplicates 🤖_22_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#160 opened Sep 16, 2024 by howlbot-integration bot
3
Missing lower<upper check in mint_position 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-03 primary issue Highest quality submission among a set of duplicates 🤖_primary AI based primary recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#149 opened Sep 16, 2024 by howlbot-integration bot
3
_onTransferReceived() does not work as intended 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue edited-by-warden M-01 primary issue Highest quality submission among a set of duplicates 🤖_09_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#148 opened Sep 16, 2024 by howlbot-integration bot
4
bytes data param is not passed to ERC721 recipient as expected by EIP-721 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden M-02 🤖_primary AI based primary recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#146 opened Sep 16, 2024 by howlbot-integration bot
8
Position's owed fees should allow underflow but it reverts instead, resulting in locked funds 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-04 primary issue Highest quality submission among a set of duplicates 🤖_54_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#143 opened Sep 16, 2024 by howlbot-integration bot
5
A pool with high liquidity and low price may have a price overflow after swapping bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_primary AI based primary recommendation sufficient quality report This report is of sufficient quality
#139 opened Sep 16, 2024 by howlbot-integration bot
5
OwnershipNFTs.sol does not declare supportsInterface bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-49 grade-a QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_primary AI based primary recommendation 🤖_56_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#138 opened Sep 16, 2024 by howlbot-integration bot
6
_requireAuthorised() check is incorrect as it deviates from the ERC-721 spec bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-49 edited-by-warden grade-b Q-07 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_primary AI based primary recommendation 🤖_10_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#129 opened Sep 16, 2024 by howlbot-integration bot
5
burn_position does not check whether the pool is enabled bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-13 grade-b Q-08 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_primary AI based primary recommendation 🤖_32_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#98 opened Sep 16, 2024 by howlbot-integration bot
3
Incorrect Implementation of ERC721 Standard bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-49 grade-b Q-09 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_56_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#97 opened Sep 16, 2024 by howlbot-integration bot
5
Parameter Misordering in Fee Collection Function Causes Denial of Service and Fee Loss 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working H-05 primary issue Highest quality submission among a set of duplicates 🤖_38_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sufficient quality report This report is of sufficient quality
#84 opened Sep 16, 2024 by howlbot-integration bot
3
The authorised_enablers can disable pools bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue duplicate-47 grade-b Q-10 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_04_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#82 opened Sep 16, 2024 by howlbot-integration bot
3
Wrong liquidity formula used 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-03 🤖_primary AI based primary recommendation 🤖_60_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#77 opened Sep 16, 2024 by howlbot-integration bot
10
Missing update current tick when we call set_sqrt_price_F_F_4_D_B_98_C() bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-11 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor acknowledged Technically the issue is correct, but we're not going to resolve it for XYZ reasons sufficient quality report This report is of sufficient quality
#63 opened Sep 16, 2024 by howlbot-integration bot
6
Lp's liquidity may be lost if re-org happens 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-04 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#62 opened Sep 16, 2024 by howlbot-integration bot
8
Min tick has wrong rounding making part of the liquidity range unaccessible bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-a primary issue Highest quality submission among a set of duplicates QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax 🤖_08_group AI based duplicate group recommendation sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#61 opened Sep 16, 2024 by howlbot-integration bot
9
When performing 'swap' and the swap position does not cover 'swap amount', the base price of 'sqrt_price' is set incorrectly. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-05 primary issue Highest quality submission among a set of duplicates 🤖_25_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#58 opened Sep 16, 2024 by howlbot-integration bot
3
decrPosition09293696 will not work due to incorrect function signature 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-06 primary issue Highest quality submission among a set of duplicates 🤖_20_group AI based duplicate group recommendation satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") sufficient quality report This report is of sufficient quality
#57 opened Sep 16, 2024 by howlbot-integration bot
3
ProTip! Adding no:label will show everything without a label.