# Table of Contents - [README | Immunefi Audit Competitions](#readme-immunefi-audit-competitions) - [BadgerDAO (eBTC) | Immunefi Audit Competitions](#badgerdao-ebtc-immunefi-audit-competitions) - [Immunefi Arbitration | Immunefi Audit Competitions](#immunefi-arbitration-immunefi-audit-competitions) - [DeGate | Immunefi Audit Competitions](#degate-immunefi-audit-competitions) - [IDEX | Immunefi Audit Competitions](#idex-immunefi-audit-competitions) - [Mitigation Audit | Folks Finance | Immunefi Audit Competitions](#mitigation-audit-folks-finance-immunefi-audit-competitions) - [Email Protection | Cloudflare](#email-protection-cloudflare) --- # README | Immunefi Audit Competitions Welcome to the Immunefi Audit Competitions Results page! Here you'll find all the results of past audit competitions run on Immunefi. We regularly update this page to include the latest information and outcomes of our audit competitions. If you are interested in participating in the next audit competition, you can find more information [herearrow-up-right](https://immunefi.com/boost/) . [NextAlchemixchevron-right](https://reports.immunefi.com/alchemix) Last updated 1 month ago Was this helpful? This site uses cookies to deliver its service and to analyze traffic. By browsing this site, you accept the [privacy policy](https://policies.gitbook.com/privacy/cookies) . close AcceptReject --- # BadgerDAO (eBTC) | Immunefi Audit Competitions [hashtag](https://reports.immunefi.com/badgerdao-ebtc#reports-by-severity) Reports by Severity --------------------------------------------------------------------------------------------------- [Low](https://reports.immunefi.com/badgerdao-ebtc#low) | [Insight](https://reports.immunefi.com/badgerdao-ebtc#insight) chevron-rightLow[hashtag](https://reports.immunefi.com/badgerdao-ebtc#low) * [28791 - \[SC - Low\] The system protects from any rounding issues wh...](https://reports.immunefi.com/badgerdao-ebtc/28791-sc-low-the-system-protects-from-any-rounding-issues-wh...) * [28828 - \[SC - Low\] Use of deprecated Chainlink API can lead contra...](https://reports.immunefi.com/badgerdao-ebtc/28828-sc-low-use-of-deprecated-chainlink-api-can-lead-contra...) * [28843 - \[SC - Low\] Canceled partial redeeming syncs the accounting...](https://reports.immunefi.com/badgerdao-ebtc/28843-sc-low-canceled-partial-redeeming-syncs-the-accounting...) * [28849 - \[SC - Low\] Using batchRedemption even if the TCR becomes s...](https://reports.immunefi.com/badgerdao-ebtc/28849-sc-low-using-batchredemption-even-if-the-tcr-becomes-s...) chevron-rightInsight[hashtag](https://reports.immunefi.com/badgerdao-ebtc#insight) * [28546 - \[SC - Insight\] FlashLoan can be taken with no fee to be paid](https://reports.immunefi.com/badgerdao-ebtc/28546-sc-insight-flashloan-can-be-taken-with-no-fee-to-be-paid) * [28605 - \[SC - Insight\] Reentrancy on ActivePool allows users to borrow...](https://reports.immunefi.com/badgerdao-ebtc/28605-sc-insight-reentrancy-on-activepool-allows-users-to-borrow...) * [28659 - \[SC - Insight\] Reentrancy in BorrowerOperationsflashLoan enabl...](https://reports.immunefi.com/badgerdao-ebtc/28659-sc-insight-reentrancy-in-borroweroperationsflashloan-enabl...) * [28713 - \[SC - Insight\] Reentrancy on BorrowerOperations allows users t...](https://reports.immunefi.com/badgerdao-ebtc/28713-sc-insight-reentrancy-on-borroweroperations-allows-users-t...) * [28823 - \[SC - Insight\] Lido slashing can negatively affect the whole l...](https://reports.immunefi.com/badgerdao-ebtc/28823-sc-insight-lido-slashing-can-negatively-affect-the-whole-l...) * [28853 - \[SC - Insight\] Trycatch will not function with internal type](https://reports.immunefi.com/badgerdao-ebtc/28853-sc-insight-trycatch-will-not-function-with-internal-type) * [28858 - \[SC - Insight\] Execution of SortedCpds while command may cause...](https://reports.immunefi.com/badgerdao-ebtc/28858-sc-insight-execution-of-sortedcpds-while-command-may-cause...) * [28862 - \[SC - Insight\] Static MIN\_CHANGE threshold and lack of relativ...](https://reports.immunefi.com/badgerdao-ebtc/28862-sc-insight-static-min_change-threshold-and-lack-of-relativ...) * [28864 - \[SC - Insight\] Unfair Liquidation when ICR equals TCR in redee...](https://reports.immunefi.com/badgerdao-ebtc/28864-sc-insight-unfair-liquidation-when-icr-equals-tcr-in-redee...) * [28890 - \[SC - Insight\] EBTCTokensol mint function lack of checks allow...](https://reports.immunefi.com/badgerdao-ebtc/28890-sc-insight-ebtctokensol-mint-function-lack-of-checks-allow...) * [28916 - \[SC - Insight\] Liquidation Abuse More than half of all assets ...](https://reports.immunefi.com/badgerdao-ebtc/28916-sc-insight-liquidation-abuse-more-than-half-of-all-assets-...) * [28967 - \[SC - Insight\] When fallback oracle is frozen fetchPrice can r...](https://reports.immunefi.com/badgerdao-ebtc/28967-sc-insight-when-fallback-oracle-is-frozen-fetchprice-can-r...) * [28973 - \[SC - Insight\] Users CDPs can be removed unintentionally by CD...](https://reports.immunefi.com/badgerdao-ebtc/28973-sc-insight-users-cdps-can-be-removed-unintentionally-by-cd...) * [28980 - \[SC - Insight\] Ther is an invariant Check Failure in flashLoan...](https://reports.immunefi.com/badgerdao-ebtc/28980-sc-insight-ther-is-an-invariant-check-failure-in-flashloan...) * [29000 - \[SC - Insight\] Potential for Denial-of-Service in the redeemCo...](https://reports.immunefi.com/badgerdao-ebtc/29000-sc-insight-potential-for-denial-of-service-in-the-redeemco...) * [29002 - \[SC - Insight\] Incorrect implementation of EIP- domain separat...](https://reports.immunefi.com/badgerdao-ebtc/29002-sc-insight-incorrect-implementation-of-eip-domain-separat...) [hashtag](https://reports.immunefi.com/badgerdao-ebtc#reports-by-type) Reports by Type ------------------------------------------------------------------------------------------- [Smart Contract](https://reports.immunefi.com/badgerdao-ebtc#smart-contract) chevron-rightSmart Contract[hashtag](https://reports.immunefi.com/badgerdao-ebtc#smart-contract) * [28546 - \[SC - Insight\] FlashLoan can be taken with no fee to be paid](https://reports.immunefi.com/badgerdao-ebtc/28546-sc-insight-flashloan-can-be-taken-with-no-fee-to-be-paid) * [28605 - \[SC - Insight\] Reentrancy on ActivePool allows users to borrow...](https://reports.immunefi.com/badgerdao-ebtc/28605-sc-insight-reentrancy-on-activepool-allows-users-to-borrow...) * [28659 - \[SC - Insight\] Reentrancy in BorrowerOperationsflashLoan enabl...](https://reports.immunefi.com/badgerdao-ebtc/28659-sc-insight-reentrancy-in-borroweroperationsflashloan-enabl...) * [28713 - \[SC - Insight\] Reentrancy on BorrowerOperations allows users t...](https://reports.immunefi.com/badgerdao-ebtc/28713-sc-insight-reentrancy-on-borroweroperations-allows-users-t...) * [28791 - \[SC - Low\] The system protects from any rounding issues wh...](https://reports.immunefi.com/badgerdao-ebtc/28791-sc-low-the-system-protects-from-any-rounding-issues-wh...) * [28823 - \[SC - Insight\] Lido slashing can negatively affect the whole l...](https://reports.immunefi.com/badgerdao-ebtc/28823-sc-insight-lido-slashing-can-negatively-affect-the-whole-l...) * [28828 - \[SC - Low\] Use of deprecated Chainlink API can lead contra...](https://reports.immunefi.com/badgerdao-ebtc/28828-sc-low-use-of-deprecated-chainlink-api-can-lead-contra...) * [28843 - \[SC - Low\] Canceled partial redeeming syncs the accounting...](https://reports.immunefi.com/badgerdao-ebtc/28843-sc-low-canceled-partial-redeeming-syncs-the-accounting...) * [28849 - \[SC - Low\] Using batchRedemption even if the TCR becomes s...](https://reports.immunefi.com/badgerdao-ebtc/28849-sc-low-using-batchredemption-even-if-the-tcr-becomes-s...) * [28853 - \[SC - Insight\] Trycatch will not function with internal type](https://reports.immunefi.com/badgerdao-ebtc/28853-sc-insight-trycatch-will-not-function-with-internal-type) * [28858 - \[SC - Insight\] Execution of SortedCpds while command may cause...](https://reports.immunefi.com/badgerdao-ebtc/28858-sc-insight-execution-of-sortedcpds-while-command-may-cause...) * [28862 - \[SC - Insight\] Static MIN\_CHANGE threshold and lack of relativ...](https://reports.immunefi.com/badgerdao-ebtc/28862-sc-insight-static-min_change-threshold-and-lack-of-relativ...) * [28864 - \[SC - Insight\] Unfair Liquidation when ICR equals TCR in redee...](https://reports.immunefi.com/badgerdao-ebtc/28864-sc-insight-unfair-liquidation-when-icr-equals-tcr-in-redee...) * [28890 - \[SC - Insight\] EBTCTokensol mint function lack of checks allow...](https://reports.immunefi.com/badgerdao-ebtc/28890-sc-insight-ebtctokensol-mint-function-lack-of-checks-allow...) * [28916 - \[SC - Insight\] Liquidation Abuse More than half of all assets ...](https://reports.immunefi.com/badgerdao-ebtc/28916-sc-insight-liquidation-abuse-more-than-half-of-all-assets-...) * [28967 - \[SC - Insight\] When fallback oracle is frozen fetchPrice can r...](https://reports.immunefi.com/badgerdao-ebtc/28967-sc-insight-when-fallback-oracle-is-frozen-fetchprice-can-r...) * [28973 - \[SC - Insight\] Users CDPs can be removed unintentionally by CD...](https://reports.immunefi.com/badgerdao-ebtc/28973-sc-insight-users-cdps-can-be-removed-unintentionally-by-cd...) * [28980 - \[SC - Insight\] Ther is an invariant Check Failure in flashLoan...](https://reports.immunefi.com/badgerdao-ebtc/28980-sc-insight-ther-is-an-invariant-check-failure-in-flashloan...) * [29000 - \[SC - Insight\] Potential for Denial-of-Service in the redeemCo...](https://reports.immunefi.com/badgerdao-ebtc/29000-sc-insight-potential-for-denial-of-service-in-the-redeemco...) * [29002 - \[SC - Insight\] Incorrect implementation of EIP- domain separat...](https://reports.immunefi.com/badgerdao-ebtc/29002-sc-insight-incorrect-implementation-of-eip-domain-separat...) [Previous31597 - \[SC - High\] Loss of precision while calculating claimable f...chevron-left](https://reports.immunefi.com/alchemix/31597-sc-high-loss-of-precision-while-calculating-claimable-f...) [Next28546 - \[SC - Insight\] FlashLoan can be taken with no fee to be paidchevron-right](https://reports.immunefi.com/badgerdao-ebtc/28546-sc-insight-flashloan-can-be-taken-with-no-fee-to-be-paid) Last updated 1 year ago Was this helpful? * [Reports by Severity](https://reports.immunefi.com/badgerdao-ebtc#reports-by-severity) * [Reports by Type](https://reports.immunefi.com/badgerdao-ebtc#reports-by-type) Was this helpful? sun-brightdesktopmoon sun-brightdesktopmoon --- # Immunefi Arbitration | Immunefi Audit Competitions [hashtag](https://reports.immunefi.com/immunefi-arbitration#reports-by-severity) Reports by Severity --------------------------------------------------------------------------------------------------------- [Low](https://reports.immunefi.com/immunefi-arbitration#low) | [Insight](https://reports.immunefi.com/immunefi-arbitration#insight) chevron-rightLow[hashtag](https://reports.immunefi.com/immunefi-arbitration#low) * [29432 - \[SC - Low\] Malicious project can grief reward payouts from...](https://reports.immunefi.com/immunefi-arbitration/29432-sc-low-malicious-project-can-grief-reward-payouts-from...) * [29467 - \[SC - Low\] RewardTimelockexecuteRewardTransaction - L Inco...](https://reports.immunefi.com/immunefi-arbitration/29467-sc-low-rewardtimelockexecuterewardtransaction-l-inco...) * [29738 - \[SC - Low\] Missing Chainlink circuit breaker check allows ...](https://reports.immunefi.com/immunefi-arbitration/29738-sc-low-missing-chainlink-circuit-breaker-check-allows-...) chevron-rightInsight[hashtag](https://reports.immunefi.com/immunefi-arbitration#insight) * [29318 - \[SC - Insight\] Timelock contract should use canExecuteTransact...](https://reports.immunefi.com/immunefi-arbitration/29318-sc-insight-timelock-contract-should-use-canexecutetransact...) * [29341 - \[SC - Insight\] Unsafe Downcast vulnerability this can lead to ...](https://reports.immunefi.com/immunefi-arbitration/29341-sc-insight-unsafe-downcast-vulnerability-this-can-lead-to-...) * [29347 - \[SC - Insight\] Chainlinks latestRoundData might return stale o...](https://reports.immunefi.com/immunefi-arbitration/29347-sc-insight-chainlinks-latestrounddata-might-return-stale-o...) * [29348 - \[SC - Insight\] Token price returned by PriceConsumer may be in...](https://reports.immunefi.com/immunefi-arbitration/29348-sc-insight-token-price-returned-by-priceconsumer-may-be-in...) * [29384 - \[SC - Insight\] Malicious project can remove the ImmunefiGuard ...](https://reports.immunefi.com/immunefi-arbitration/29384-sc-insight-malicious-project-can-remove-the-immunefiguard-...) * [29445 - \[SC - Insight\] latestRoundData Call May Result Stale](https://reports.immunefi.com/immunefi-arbitration/29445-sc-insight-latestrounddata-call-may-result-stale) * [29483 - \[SC - Insight\] RewardTimelockcanExecuteTransaction - Reward tr...](https://reports.immunefi.com/immunefi-arbitration/29483-sc-insight-rewardtimelockcanexecutetransaction-reward-tr...) * [29484 - \[SC - Insight\] Potential Loss of Precision in Conversion from ...](https://reports.immunefi.com/immunefi-arbitration/29484-sc-insight-potential-loss-of-precision-in-conversion-from-...) * [29513 - \[SC - Insight\] Critical reentrancy vulnerability in executeRew...](https://reports.immunefi.com/immunefi-arbitration/29513-sc-insight-critical-reentrancy-vulnerability-in-executerew...) * [29604 - \[SC - Insight\] VaultDelegatesendReward - Token fees not subtra...](https://reports.immunefi.com/immunefi-arbitration/29604-sc-insight-vaultdelegatesendreward-token-fees-not-subtra...) * [29744 - \[SC - Insight\] Projects can pay rewards at up to below market...](https://reports.immunefi.com/immunefi-arbitration/29744-sc-insight-projects-can-pay-rewards-at-up-to-below-market...) * [29760 - \[SC - Insight\] Enforcing Multiple Rewards During Arbitration B...](https://reports.immunefi.com/immunefi-arbitration/29760-sc-insight-enforcing-multiple-rewards-during-arbitration-b...) [hashtag](https://reports.immunefi.com/immunefi-arbitration#reports-by-type) Reports by Type ------------------------------------------------------------------------------------------------- [Smart Contract](https://reports.immunefi.com/immunefi-arbitration#smart-contract) chevron-rightSmart Contract[hashtag](https://reports.immunefi.com/immunefi-arbitration#smart-contract) * [29318 - \[SC - Insight\] Timelock contract should use canExecuteTransact...](https://reports.immunefi.com/immunefi-arbitration/29318-sc-insight-timelock-contract-should-use-canexecutetransact...) * [29341 - \[SC - Insight\] Unsafe Downcast vulnerability this can lead to ...](https://reports.immunefi.com/immunefi-arbitration/29341-sc-insight-unsafe-downcast-vulnerability-this-can-lead-to-...) * [29347 - \[SC - Insight\] Chainlinks latestRoundData might return stale o...](https://reports.immunefi.com/immunefi-arbitration/29347-sc-insight-chainlinks-latestrounddata-might-return-stale-o...) * [29348 - \[SC - Insight\] Token price returned by PriceConsumer may be in...](https://reports.immunefi.com/immunefi-arbitration/29348-sc-insight-token-price-returned-by-priceconsumer-may-be-in...) * [29384 - \[SC - Insight\] Malicious project can remove the ImmunefiGuard ...](https://reports.immunefi.com/immunefi-arbitration/29384-sc-insight-malicious-project-can-remove-the-immunefiguard-...) * [29432 - \[SC - Low\] Malicious project can grief reward payouts from...](https://reports.immunefi.com/immunefi-arbitration/29432-sc-low-malicious-project-can-grief-reward-payouts-from...) * [29445 - \[SC - Insight\] latestRoundData Call May Result Stale](https://reports.immunefi.com/immunefi-arbitration/29445-sc-insight-latestrounddata-call-may-result-stale) * [29467 - \[SC - Low\] RewardTimelockexecuteRewardTransaction - L Inco...](https://reports.immunefi.com/immunefi-arbitration/29467-sc-low-rewardtimelockexecuterewardtransaction-l-inco...) * [29483 - \[SC - Insight\] RewardTimelockcanExecuteTransaction - Reward tr...](https://reports.immunefi.com/immunefi-arbitration/29483-sc-insight-rewardtimelockcanexecutetransaction-reward-tr...) * [29484 - \[SC - Insight\] Potential Loss of Precision in Conversion from ...](https://reports.immunefi.com/immunefi-arbitration/29484-sc-insight-potential-loss-of-precision-in-conversion-from-...) * [29513 - \[SC - Insight\] Critical reentrancy vulnerability in executeRew...](https://reports.immunefi.com/immunefi-arbitration/29513-sc-insight-critical-reentrancy-vulnerability-in-executerew...) * [29604 - \[SC - Insight\] VaultDelegatesendReward - Token fees not subtra...](https://reports.immunefi.com/immunefi-arbitration/29604-sc-insight-vaultdelegatesendreward-token-fees-not-subtra...) * [29738 - \[SC - Low\] Missing Chainlink circuit breaker check allows ...](https://reports.immunefi.com/immunefi-arbitration/29738-sc-low-missing-chainlink-circuit-breaker-check-allows-...) * [29744 - \[SC - Insight\] Projects can pay rewards at up to below market...](https://reports.immunefi.com/immunefi-arbitration/29744-sc-insight-projects-can-pay-rewards-at-up-to-below-market...) * [29760 - \[SC - Insight\] Enforcing Multiple Rewards During Arbitration B...](https://reports.immunefi.com/immunefi-arbitration/29760-sc-insight-enforcing-multiple-rewards-during-arbitration-b...) [PreviousBoost \_ IDEX 34566 - \[Smart Contract - Insight\] Withdrawingsolwithdraw\_delegatecall - Its possible fchevron-left](https://reports.immunefi.com/idex/boost-_-idex-34566-smart-contract-insight-withdrawingsolwithdraw_delegatecall-its-possible-for-users) [Next29318 - \[SC - Insight\] Timelock contract should use canExecuteTransact...chevron-right](https://reports.immunefi.com/immunefi-arbitration/29318-sc-insight-timelock-contract-should-use-canexecutetransact...) Last updated 1 year ago Was this helpful? * [Reports by Severity](https://reports.immunefi.com/immunefi-arbitration#reports-by-severity) * [Reports by Type](https://reports.immunefi.com/immunefi-arbitration#reports-by-type) Was this helpful? sun-brightdesktopmoon sun-brightdesktopmoon --- # DeGate | Immunefi Audit Competitions [hashtag](https://reports.immunefi.com/degate#reports-by-severity) Reports by Severity ------------------------------------------------------------------------------------------- [Insight](https://reports.immunefi.com/degate#insight) chevron-rightInsight[hashtag](https://reports.immunefi.com/degate#insight) * [25882 - \[SC - Insight\] Freezing of funds from the Default Deposit Cont...](https://reports.immunefi.com/degate/25882-sc-insight-freezing-of-funds-from-the-default-deposit-cont...) * [25885 - \[SC - Insight\] Prevent the operator from submitting blocks to L](https://reports.immunefi.com/degate/25885-sc-insight-prevent-the-operator-from-submitting-blocks-to-l) * [25886 - \[SC - Insight\] registerToken can be front-run causing token ca...](https://reports.immunefi.com/degate/25886-sc-insight-registertoken-can-be-front-run-causing-token-ca...) * [25892 - \[SC - Insight\] A malicious user can DoS force withdraw request...](https://reports.immunefi.com/degate/25892-sc-insight-a-malicious-user-can-dos-force-withdraw-request...) * [25903 - \[SC - Insight\] Possible loss of user funds by front-runing the...](https://reports.immunefi.com/degate/25903-sc-insight-possible-loss-of-user-funds-by-front-runing-the...) * [25906 - \[SC - Insight\] setDelay function doesnt revert even when the d...](https://reports.immunefi.com/degate/25906-sc-insight-setdelay-function-doesnt-revert-even-when-the-d...) * [25917 - \[SC - Insight\] Timelock can call transferProxyOwnership of Dep...](https://reports.immunefi.com/degate/25917-sc-insight-timelock-can-call-transferproxyownership-of-dep...) * [25921 - \[SC - Insight\] Flaw in upgradeToAndCall leads to the proxy cal...](https://reports.immunefi.com/degate/25921-sc-insight-flaw-in-upgradetoandcall-leads-to-the-proxy-cal...) * [25927 - \[SC - Insight\] MultiSig Owners can set malicious implementatio...](https://reports.immunefi.com/degate/25927-sc-insight-multisig-owners-can-set-malicious-implementatio...) * [25930 - \[SC - Insight\] Malicious owner can update the DepositParams st...](https://reports.immunefi.com/degate/25930-sc-insight-malicious-owner-can-update-the-depositparams-st...) * [25933 - \[SC - Insight\] The last person to confirm can control the exec...](https://reports.immunefi.com/degate/25933-sc-insight-the-last-person-to-confirm-can-control-the-exec...) * [25935 - \[SC - Insight\] Permissive Fallback Function](https://reports.immunefi.com/degate/25935-sc-insight-permissive-fallback-function) * [25952 - \[SC - Insight\] The smart contract could be inoperable due to w...](https://reports.immunefi.com/degate/25952-sc-insight-the-smart-contract-could-be-inoperable-due-to-w...) * [26012 - \[SC - Insight\] getTransactionIds will break at some point runn...](https://reports.immunefi.com/degate/26012-sc-insight-gettransactionids-will-break-at-some-point-runn...) * [26017 - \[SC - Insight\] getTransactionCount will break at some point ru...](https://reports.immunefi.com/degate/26017-sc-insight-gettransactioncount-will-break-at-some-point-ru...) * [26039 - \[SC - Insight\] Proxy contract deployments can be front-run to ...](https://reports.immunefi.com/degate/26039-sc-insight-proxy-contract-deployments-can-be-front-run-to-...) * [26066 - \[SC - Insight\] Timelock eta variable can be set further than i...](https://reports.immunefi.com/degate/26066-sc-insight-timelock-eta-variable-can-be-set-further-than-i...) * [26073 - \[SC - Insight\] The implementation upgrade must be done by call...](https://reports.immunefi.com/degate/26073-sc-insight-the-implementation-upgrade-must-be-done-by-call...) * [26095 - \[SC - Insight\] ID Uniqueness Violations](https://reports.immunefi.com/degate/26095-sc-insight-id-uniqueness-violations) * [26104 - \[SC - Insight\] Governance mechanism could be exploited to free...](https://reports.immunefi.com/degate/26104-sc-insight-governance-mechanism-could-be-exploited-to-free...) * [26110 - \[SC - Insight\] All the funds from the DepositProxy contracts c...](https://reports.immunefi.com/degate/26110-sc-insight-all-the-funds-from-the-depositproxy-contracts-c...) * [26116 - \[SC - Insight\] The MultiSigWalletgetTransactionIds function co...](https://reports.immunefi.com/degate/26116-sc-insight-the-multisigwalletgettransactionids-function-co...) * [26124 - \[SC - Insight\] Some owners of the MultiSigWallet can bring the...](https://reports.immunefi.com/degate/26124-sc-insight-some-owners-of-the-multisigwallet-can-bring-the...) * [26189 - \[SC - Insight\] Malicious Exchange Owner can sandwich-attack Et...](https://reports.immunefi.com/degate/26189-sc-insight-malicious-exchange-owner-can-sandwich-attack-et...) * [26204 - \[SC - Insight\] DeGate Operator has capability to disable balan...](https://reports.immunefi.com/degate/26204-sc-insight-degate-operator-has-capability-to-disable-balan...) * [26236 - \[SC - Insight\] Malicious DeGate Operator EOA can irreversibly ...](https://reports.immunefi.com/degate/26236-sc-insight-malicious-degate-operator-eoa-can-irreversibly-...) * [26259 - \[SC - Insight\] txHash collision is possible](https://reports.immunefi.com/degate/26259-sc-insight-txhash-collision-is-possible) * [26275 - \[SC - Insight\] Bad implementation of executeTransaction functi...](https://reports.immunefi.com/degate/26275-sc-insight-bad-implementation-of-executetransaction-functi...) * [26286 - \[SC - Insight\] Potential Signature Validation Bypass](https://reports.immunefi.com/degate/26286-sc-insight-potential-signature-validation-bypass) * [26422 - \[SC - Insight\] there is no explicit gas limit in external call...](https://reports.immunefi.com/degate/26422-sc-insight-there-is-no-explicit-gas-limit-in-external-call...) * [26423 - \[SC - Insight\] Timelock executeTransaction function will succe...](https://reports.immunefi.com/degate/26423-sc-insight-timelock-executetransaction-function-will-succe...) * [26431 - \[SC - Insight\] High Risk in transfer of proxyOwnership](https://reports.immunefi.com/degate/26431-sc-insight-high-risk-in-transfer-of-proxyownership) * [26446 - \[SC - Insight\] Consider implementing a two step process in tra...](https://reports.immunefi.com/degate/26446-sc-insight-consider-implementing-a-two-step-process-in-tra...) * [26468 - \[SC - Insight\] Fee-on-transfer tokens can be used to steal oth...](https://reports.immunefi.com/degate/26468-sc-insight-fee-on-transfer-tokens-can-be-used-to-steal-oth...) * [26479 - \[SC - Insight\] ExchangeV cannot be reinitialized after an upgrade](https://reports.immunefi.com/degate/26479-sc-insight-exchangev-cannot-be-reinitialized-after-an-upgrade) * [26501 - \[SC - Insight\] Timelock should handle queuing transactions and...](https://reports.immunefi.com/degate/26501-sc-insight-timelock-should-handle-queuing-transactions-and...) * [26502 - \[SC - Insight\] DeGate Exodus mode forcing study](https://reports.immunefi.com/degate/26502-sc-insight-degate-exodus-mode-forcing-study) * [26509 - \[SC - Insight\] Exodus Mode Force](https://reports.immunefi.com/degate/26509-sc-insight-exodus-mode-force) * [26516 - \[SC - Insight\] Gnosis Multisig Contract can become unusable](https://reports.immunefi.com/degate/26516-sc-insight-gnosis-multisig-contract-can-become-unusable) * [26519 - \[SC - Insight\] Consider introducing the ability to change requ...](https://reports.immunefi.com/degate/26519-sc-insight-consider-introducing-the-ability-to-change-requ...) * [26520 - \[SC - Insight\] Multisig Contract onChain can be bricked](https://reports.immunefi.com/degate/26520-sc-insight-multisig-contract-onchain-can-be-bricked) * [26521 - \[SC - Insight\] ChainId is missing](https://reports.immunefi.com/degate/26521-sc-insight-chainid-is-missing) * [26527 - \[SC - Insight\] Possible emission of wrong data in cancelTransa...](https://reports.immunefi.com/degate/26527-sc-insight-possible-emission-of-wrong-data-in-canceltransa...) * [26529 - \[SC - Insight\] Mitigate Griefing Attacks Theft of Gas by Impl...](https://reports.immunefi.com/degate/26529-sc-insight-mitigate-griefing-attacks-theft-of-gas-by-impl...) * [26530 - \[SC - Insight\] Inefficiency in upgradeToAndCall](https://reports.immunefi.com/degate/26530-sc-insight-inefficiency-in-upgradetoandcall) [hashtag](https://reports.immunefi.com/degate#reports-by-type) Reports by Type ----------------------------------------------------------------------------------- [Smart Contract](https://reports.immunefi.com/degate#smart-contract) chevron-rightSmart Contract[hashtag](https://reports.immunefi.com/degate#smart-contract) * [25882 - \[SC - Insight\] Freezing of funds from the Default Deposit Cont...](https://reports.immunefi.com/degate/25882-sc-insight-freezing-of-funds-from-the-default-deposit-cont...) * [25885 - \[SC - Insight\] Prevent the operator from submitting blocks to L](https://reports.immunefi.com/degate/25885-sc-insight-prevent-the-operator-from-submitting-blocks-to-l) * [25886 - \[SC - Insight\] registerToken can be front-run causing token ca...](https://reports.immunefi.com/degate/25886-sc-insight-registertoken-can-be-front-run-causing-token-ca...) * [25892 - \[SC - Insight\] A malicious user can DoS force withdraw request...](https://reports.immunefi.com/degate/25892-sc-insight-a-malicious-user-can-dos-force-withdraw-request...) * [25903 - \[SC - Insight\] Possible loss of user funds by front-runing the...](https://reports.immunefi.com/degate/25903-sc-insight-possible-loss-of-user-funds-by-front-runing-the...) * [25906 - \[SC - Insight\] setDelay function doesnt revert even when the d...](https://reports.immunefi.com/degate/25906-sc-insight-setdelay-function-doesnt-revert-even-when-the-d...) * [25917 - \[SC - Insight\] Timelock can call transferProxyOwnership of Dep...](https://reports.immunefi.com/degate/25917-sc-insight-timelock-can-call-transferproxyownership-of-dep...) * [25921 - \[SC - Insight\] Flaw in upgradeToAndCall leads to the proxy cal...](https://reports.immunefi.com/degate/25921-sc-insight-flaw-in-upgradetoandcall-leads-to-the-proxy-cal...) * [25927 - \[SC - Insight\] MultiSig Owners can set malicious implementatio...](https://reports.immunefi.com/degate/25927-sc-insight-multisig-owners-can-set-malicious-implementatio...) * [25930 - \[SC - Insight\] Malicious owner can update the DepositParams st...](https://reports.immunefi.com/degate/25930-sc-insight-malicious-owner-can-update-the-depositparams-st...) * [25933 - \[SC - Insight\] The last person to confirm can control the exec...](https://reports.immunefi.com/degate/25933-sc-insight-the-last-person-to-confirm-can-control-the-exec...) * [25935 - \[SC - Insight\] Permissive Fallback Function](https://reports.immunefi.com/degate/25935-sc-insight-permissive-fallback-function) * [25952 - \[SC - Insight\] The smart contract could be inoperable due to w...](https://reports.immunefi.com/degate/25952-sc-insight-the-smart-contract-could-be-inoperable-due-to-w...) * [26012 - \[SC - Insight\] getTransactionIds will break at some point runn...](https://reports.immunefi.com/degate/26012-sc-insight-gettransactionids-will-break-at-some-point-runn...) * [26017 - \[SC - Insight\] getTransactionCount will break at some point ru...](https://reports.immunefi.com/degate/26017-sc-insight-gettransactioncount-will-break-at-some-point-ru...) * [26039 - \[SC - Insight\] Proxy contract deployments can be front-run to ...](https://reports.immunefi.com/degate/26039-sc-insight-proxy-contract-deployments-can-be-front-run-to-...) * [26066 - \[SC - Insight\] Timelock eta variable can be set further than i...](https://reports.immunefi.com/degate/26066-sc-insight-timelock-eta-variable-can-be-set-further-than-i...) * [26073 - \[SC - Insight\] The implementation upgrade must be done by call...](https://reports.immunefi.com/degate/26073-sc-insight-the-implementation-upgrade-must-be-done-by-call...) * [26095 - \[SC - Insight\] ID Uniqueness Violations](https://reports.immunefi.com/degate/26095-sc-insight-id-uniqueness-violations) * [26104 - \[SC - Insight\] Governance mechanism could be exploited to free...](https://reports.immunefi.com/degate/26104-sc-insight-governance-mechanism-could-be-exploited-to-free...) * [26110 - \[SC - Insight\] All the funds from the DepositProxy contracts c...](https://reports.immunefi.com/degate/26110-sc-insight-all-the-funds-from-the-depositproxy-contracts-c...) * [26116 - \[SC - Insight\] The MultiSigWalletgetTransactionIds function co...](https://reports.immunefi.com/degate/26116-sc-insight-the-multisigwalletgettransactionids-function-co...) * [26124 - \[SC - Insight\] Some owners of the MultiSigWallet can bring the...](https://reports.immunefi.com/degate/26124-sc-insight-some-owners-of-the-multisigwallet-can-bring-the...) * [26189 - \[SC - Insight\] Malicious Exchange Owner can sandwich-attack Et...](https://reports.immunefi.com/degate/26189-sc-insight-malicious-exchange-owner-can-sandwich-attack-et...) * [26204 - \[SC - Insight\] DeGate Operator has capability to disable balan...](https://reports.immunefi.com/degate/26204-sc-insight-degate-operator-has-capability-to-disable-balan...) * [26236 - \[SC - Insight\] Malicious DeGate Operator EOA can irreversibly ...](https://reports.immunefi.com/degate/26236-sc-insight-malicious-degate-operator-eoa-can-irreversibly-...) * [26259 - \[SC - Insight\] txHash collision is possible](https://reports.immunefi.com/degate/26259-sc-insight-txhash-collision-is-possible) * [26275 - \[SC - Insight\] Bad implementation of executeTransaction functi...](https://reports.immunefi.com/degate/26275-sc-insight-bad-implementation-of-executetransaction-functi...) * [26286 - \[SC - Insight\] Potential Signature Validation Bypass](https://reports.immunefi.com/degate/26286-sc-insight-potential-signature-validation-bypass) * [26422 - \[SC - Insight\] there is no explicit gas limit in external call...](https://reports.immunefi.com/degate/26422-sc-insight-there-is-no-explicit-gas-limit-in-external-call...) * [26423 - \[SC - Insight\] Timelock executeTransaction function will succe...](https://reports.immunefi.com/degate/26423-sc-insight-timelock-executetransaction-function-will-succe...) * [26431 - \[SC - Insight\] High Risk in transfer of proxyOwnership](https://reports.immunefi.com/degate/26431-sc-insight-high-risk-in-transfer-of-proxyownership) * [26446 - \[SC - Insight\] Consider implementing a two step process in tra...](https://reports.immunefi.com/degate/26446-sc-insight-consider-implementing-a-two-step-process-in-tra...) * [26468 - \[SC - Insight\] Fee-on-transfer tokens can be used to steal oth...](https://reports.immunefi.com/degate/26468-sc-insight-fee-on-transfer-tokens-can-be-used-to-steal-oth...) * [26479 - \[SC - Insight\] ExchangeV cannot be reinitialized after an upgrade](https://reports.immunefi.com/degate/26479-sc-insight-exchangev-cannot-be-reinitialized-after-an-upgrade) * [26501 - \[SC - Insight\] Timelock should handle queuing transactions and...](https://reports.immunefi.com/degate/26501-sc-insight-timelock-should-handle-queuing-transactions-and...) * [26502 - \[SC - Insight\] DeGate Exodus mode forcing study](https://reports.immunefi.com/degate/26502-sc-insight-degate-exodus-mode-forcing-study) * [26509 - \[SC - Insight\] Exodus Mode Force](https://reports.immunefi.com/degate/26509-sc-insight-exodus-mode-force) * [26516 - \[SC - Insight\] Gnosis Multisig Contract can become unusable](https://reports.immunefi.com/degate/26516-sc-insight-gnosis-multisig-contract-can-become-unusable) * [26519 - \[SC - Insight\] Consider introducing the ability to change requ...](https://reports.immunefi.com/degate/26519-sc-insight-consider-introducing-the-ability-to-change-requ...) * [26520 - \[SC - Insight\] Multisig Contract onChain can be bricked](https://reports.immunefi.com/degate/26520-sc-insight-multisig-contract-onchain-can-be-bricked) * [26521 - \[SC - Insight\] ChainId is missing](https://reports.immunefi.com/degate/26521-sc-insight-chainid-is-missing) * [26527 - \[SC - Insight\] Possible emission of wrong data in cancelTransa...](https://reports.immunefi.com/degate/26527-sc-insight-possible-emission-of-wrong-data-in-canceltransa...) * [26529 - \[SC - Insight\] Mitigate Griefing Attacks Theft of Gas by Impl...](https://reports.immunefi.com/degate/26529-sc-insight-mitigate-griefing-attacks-theft-of-gas-by-impl...) * [26530 - \[SC - Insight\] Inefficiency in upgradeToAndCall](https://reports.immunefi.com/degate/26530-sc-insight-inefficiency-in-upgradetoandcall) [Previous29002 - \[SC - Insight\] Incorrect implementation of EIP- domain separat...chevron-left](https://reports.immunefi.com/badgerdao-ebtc/29002-sc-insight-incorrect-implementation-of-eip-domain-separat...) [Next25882 - \[SC - Insight\] Freezing of funds from the Default Deposit Cont...chevron-right](https://reports.immunefi.com/degate/25882-sc-insight-freezing-of-funds-from-the-default-deposit-cont...) Last updated 1 year ago Was this helpful? * [Reports by Severity](https://reports.immunefi.com/degate#reports-by-severity) * [Reports by Type](https://reports.immunefi.com/degate#reports-by-type) Was this helpful? sun-brightdesktopmoon sun-brightdesktopmoon --- # IDEX | Immunefi Audit Competitions [hashtag](https://reports.immunefi.com/idex#reports-by-severity) Reports by Severity ----------------------------------------------------------------------------------------- [High](https://reports.immunefi.com/idex#high) | [Insight](https://reports.immunefi.com/idex#insight) chevron-rightHigh[hashtag](https://reports.immunefi.com/idex#high) * [Boost \_ IDEX 34494 - \[Smart Contract - High\] Tokens deposit in ExchangeStargateVAdapterlzCompose is not protected by a trycatch block](https://reports.immunefi.com/idex/boost-_-idex-34494-smart-contract-high-tokens-deposit-in-exchangestargatevadapterlzcompose-is-not-pr) chevron-rightInsight[hashtag](https://reports.immunefi.com/idex#insight) * [Boost \_ IDEX 34239 - \[Smart Contract - Insight\] Dont validate stale price in Pyth Network](https://reports.immunefi.com/idex/boost-_-idex-34239-smart-contract-insight-dont-validate-stale-price-in-pyth-network) * [Boost \_ IDEX 34428 - \[Smart Contract - Insight\] Incorrect Condition in validateExitQuoteQuantityAndCoerceIfNeeded Function Leads to Skipped Quote Quantity Validation](https://reports.immunefi.com/idex/boost-_-idex-34428-smart-contract-insight-incorrect-condition-in-validateexitquotequantityandcoercei) * [Boost \_ IDEX 34437 - \[Smart Contract - Insight\] User positions could be unfairly liquidated due to stale index prices](https://reports.immunefi.com/idex/boost-_-idex-34437-smart-contract-insight-user-positions-could-be-unfairly-liquidated-due-to-stale-i) * [Boost \_ IDEX 34566 - \[Smart Contract - Insight\] Withdrawingsolwithdraw\_delegatecall - Its possible for users to unintentionally withdraw zero amounts while still paying fees which is rarely expected or accepted functionality](https://reports.immunefi.com/idex/boost-_-idex-34566-smart-contract-insight-withdrawingsolwithdraw_delegatecall-its-possible-for-users) [hashtag](https://reports.immunefi.com/idex#reports-by-type) Reports by Type --------------------------------------------------------------------------------- [Smart Contract](https://reports.immunefi.com/idex#smart-contract) chevron-rightSmart Contract[hashtag](https://reports.immunefi.com/idex#smart-contract) * [Boost \_ IDEX 34239 - \[Smart Contract - Insight\] Dont validate stale price in Pyth Network](https://reports.immunefi.com/idex/boost-_-idex-34239-smart-contract-insight-dont-validate-stale-price-in-pyth-network) * [Boost \_ IDEX 34428 - \[Smart Contract - Insight\] Incorrect Condition in validateExitQuoteQuantityAndCoerceIfNeeded Function Leads to Skipped Quote Quantity Validation](https://reports.immunefi.com/idex/boost-_-idex-34428-smart-contract-insight-incorrect-condition-in-validateexitquotequantityandcoercei) * [Boost \_ IDEX 34437 - \[Smart Contract - Insight\] User positions could be unfairly liquidated due to stale index prices](https://reports.immunefi.com/idex/boost-_-idex-34437-smart-contract-insight-user-positions-could-be-unfairly-liquidated-due-to-stale-i) * [Boost \_ IDEX 34494 - \[Smart Contract - High\] Tokens deposit in ExchangeStargateVAdapterlzCompose is not protected by a trycatch block](https://reports.immunefi.com/idex/boost-_-idex-34494-smart-contract-high-tokens-deposit-in-exchangestargatevadapterlzcompose-is-not-pr) * [Boost \_ IDEX 34566 - \[Smart Contract - Insight\] Withdrawingsolwithdraw\_delegatecall - Its possible for users to unintentionally withdraw zero amounts while still paying fees which is rarely expected or accepted functionality](https://reports.immunefi.com/idex/boost-_-idex-34566-smart-contract-insight-withdrawingsolwithdraw_delegatecall-its-possible-for-users) [PreviousAttackathon \_ Fuel Network 33519 - \[Smart Contract - Critical\] Silent Stack overflow on variables bechevron-left](https://reports.immunefi.com/fuel-network-or-attackathon/attackathon-_-fuel-network-33519-smart-contract-critical-silent-stack-overflow-on-variables-between) [NextBoost \_ IDEX 34239 - \[Smart Contract - Insight\] Dont validate stale price in Pyth Networkchevron-right](https://reports.immunefi.com/idex/boost-_-idex-34239-smart-contract-insight-dont-validate-stale-price-in-pyth-network) Last updated 1 year ago Was this helpful? * [Reports by Severity](https://reports.immunefi.com/idex#reports-by-severity) * [Reports by Type](https://reports.immunefi.com/idex#reports-by-type) Was this helpful? sun-brightdesktopmoon sun-brightdesktopmoon --- # Mitigation Audit | Folks Finance | Immunefi Audit Competitions [hashtag](https://reports.immunefi.com/mitigation-audit-or-folks-finance#reports-by-severity) Reports by Severity ---------------------------------------------------------------------------------------------------------------------- [Critical](https://reports.immunefi.com/mitigation-audit-or-folks-finance#critical) | [Insight](https://reports.immunefi.com/mitigation-audit-or-folks-finance#insight) chevron-rightCritical[hashtag](https://reports.immunefi.com/mitigation-audit-or-folks-finance#critical) * [Mitigation Audit \_ Folks Finance 34929 - \[Smart Contract - Critical\] Accounting Discrepancy in Fee Retention Leads to Protocol Insolvency and Fund Freezing](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34929-smart-contract-critical-accounting-discrepancy-in-fee-retenti) chevron-rightInsight[hashtag](https://reports.immunefi.com/mitigation-audit-or-folks-finance#insight) * [Mitigation Audit \_ Folks Finance 34942 - \[Smart Contract - Insight\] In function function getTwapPrice if latestRoundId check inside catch is useless](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34942-smart-contract-insight-in-function-function-gettwapprice-if-l) * [Mitigation Audit \_ Folks Finance 35089 - \[Smart Contract - Insight\] Malicious actor can control interest rates by DoSing borrowings and manipulate utilization ratio at his will](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-35089-smart-contract-insight-malicious-actor-can-control-interest-r) [hashtag](https://reports.immunefi.com/mitigation-audit-or-folks-finance#reports-by-type) Reports by Type -------------------------------------------------------------------------------------------------------------- [Smart Contract](https://reports.immunefi.com/mitigation-audit-or-folks-finance#smart-contract) chevron-rightSmart Contract[hashtag](https://reports.immunefi.com/mitigation-audit-or-folks-finance#smart-contract) * [Mitigation Audit \_ Folks Finance 34929 - \[Smart Contract - Critical\] Accounting Discrepancy in Fee Retention Leads to Protocol Insolvency and Fund Freezing](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34929-smart-contract-critical-accounting-discrepancy-in-fee-retenti) * [Mitigation Audit \_ Folks Finance 34942 - \[Smart Contract - Insight\] In function function getTwapPrice if latestRoundId check inside catch is useless](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34942-smart-contract-insight-in-function-function-gettwapprice-if-l) * [Mitigation Audit \_ Folks Finance 35089 - \[Smart Contract - Insight\] Malicious actor can control interest rates by DoSing borrowings and manipulate utilization ratio at his will](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-35089-smart-contract-insight-malicious-actor-can-control-interest-r) [PreviousBoost \_ Lido\_ Mellow Vault 34756 - \[Smart Contract - Insight\] Missing calldata forwarding in Vaultdechevron-left](https://reports.immunefi.com/lido-mellow-vault/boost-_-lido_-mellow-vault-34756-smart-contract-insight-missing-calldata-forwarding-in-vaultdeposit) [NextMitigation Audit \_ Folks Finance 34929 - \[Smart Contract - Critical\] Accounting Discrepancy in Fee Rchevron-right](https://reports.immunefi.com/mitigation-audit-or-folks-finance/mitigation-audit-_-folks-finance-34929-smart-contract-critical-accounting-discrepancy-in-fee-retenti) Last updated 1 year ago Was this helpful? * [Reports by Severity](https://reports.immunefi.com/mitigation-audit-or-folks-finance#reports-by-severity) * [Reports by Type](https://reports.immunefi.com/mitigation-audit-or-folks-finance#reports-by-type) Was this helpful? sun-brightdesktopmoon sun-brightdesktopmoon --- # Email Protection | Cloudflare Please enable cookies. Email Protection ================ You are unable to access this email address reports.immunefi.com ---------------------------------------------------------------- The website from which you got to this page is protected by Cloudflare. Email addresses on that page have been hidden in order to keep them from being accessed by malicious bots. **You must enable Javascript in your browser in order to decode the e-mail address**. If you have a website and are interested in protecting it in a similar way, you can [sign up for Cloudflare](https://www.cloudflare.com/sign-up?utm_source=email_protection) . * [How does Cloudflare protect email addresses on website from spammers?](https://developers.cloudflare.com/waf/tools/scrape-shield/email-address-obfuscation/) * [Can I sign up for Cloudflare?](https://developers.cloudflare.com/fundamentals/setup/account/create-account/) Cloudflare Ray ID: **9bfc2754bc68e617** • Your IP: Click to reveal 54.237.218.47 • Performance & security by [Cloudflare](https://www.cloudflare.com/5xx-error-landing) ---