Back to sorrynotsorry's contests

Paladin contest - sorrynotsorry's results

A governance lending protocol transforming users voting power into a new money lego.

General Information

Platform: Code4rena

Start Date: 29/03/2022

Pot Size: $50,000 USDC

Total HM: 16

Participants: 42

Period: 5 days

Judge: 0xean

Total Solo HM: 9

Id: 105

League: ETH

Findings Distribution

Researcher Performance

Rank: 34/42

Findings: 1

Award: $121.24

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Paladin

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0v3rf10w, 0xDjango, 0xkatana, 0xmint, Czar102, Dravee, Funen, Ruhum, TerrierLover, defsec, gzeon, hake, hyh, jah, kenta, minhquanym, okkothejawa, pmerkleplant, rayn, reassor, robee, sorrynotsorry, sseefried, teryanarmen

Awards

121.2428 USDC - $121.24

Labels

bug

QA (Quality Assurance)

External Links

Link to GitHub issue

Usage of deprecated safeApprove. Link
There is no zero address/value check for the immutable variables (_rewardsVault, _startDropPerSecond,_dropDecreaseDuration,_baseLockBonusRatio, _minLockBonusRatio, _maxLockBonusRatio ) inside the constructor function at HolyPaladinToken.sol
Contract is not pausable. Instead of Emergency condition which downgrades users' positions, OpenZeppelin's pausable.sol can be utilized.

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Contests

Get in touch

Contact Twitter