Competitive Audits
First Flights
Leaderboard
Docs
Toggle theme
Sign up
Log in
All Contests
Storage Proofs
Submissions
Public
Storage Proofs
Curve
DeFi
Layer 1
Layer 2
14,723
OP
Public
14,723
OP
Mar 10th, 2025 → Mar 17th, 2025
View repo
429 / 429
Submissions
Severity
Tags
#1
Inadequate Parameter Validation in Oracle Price Update
High
#2
Insufficient State Proof Verification in Verifier V1
High
#3
Manipulable Profit Unlock Duration in Verifier V2
Medium
#4
Centralization Risk via Adjustable Oracle Parameters
High
#5
Potential Replay Attack on Oracle Updates
Medium
#6
Division by Zero in Price Calculation When Vault Is Empty
Low
#7
Improper Initialization and Access Control Misconfiguration
High
#8
Potential Out-of-Bounds Array Access in Oracle Update Function
Medium
#9
State Proof Validation Bypass in ScrvusdVerifierV1 at _extractParametersFromProof
Medium
#10
MPT-Based Attack Vector on Cross-Chain Oracle Systems
High
#11
Timestamp Manipulation Risk in ScrvusdVerifierV1
Medium
#12
Timestamp Manipulation Risk in ScrvusdVerifierV1
Medium
#13
Lack of Proper Validation in _extractParametersFromProof()
High
#14
Lack of Timestamp Validation
Medium
#15
Lack of Replay Protection in Verification Process
Medium
#16
The update_price and functions do not validate the input parameters
High
#17
Gaz optimization: Replacing `require` statements
Low
#18
Integer overflow in `_unlocked_shares` leads to price manipulation
Medium
#19
Incorrect Storage Slot Calculation for `balanceOf(self)` in `ScrvusdVerifierV1.sol`
Medium
#20
High Severity Findings
High
#21
## Medium Severity Findings ###
Medium
#22
## Low Severity Findings ###
Low
#23
Incorrect Double Hashing in` _extractParametersFromProof` in `ScrvusdVerifierV1.sol`
High
#24
Cross-Chain Oracle Latency Arbitrage Vulnerability
High
#25
Governance Parameter Feedback Amplification Vulnerability
Medium
#26
Potential Merkle Proof TOCTOU Vulnerability in Curve Storage Proofs Protocol
High
#27
Temporal State Inconsistency in Cross-Chain Bridging
Low
#28
Centralization Risk in Oracle Parameter Updates
Medium
#29
Inconsistent Price Precision Standards
Low
#30
Storage Collision in Upgradeable Contract Pattern
High
Previous
1
2
3
...
More pages
15
Next
Support
FAQs
Can’t find an answer? Join our Discord or follow us on Twitter.
What is Cyfrin CodeHawks?
What is a competitive audit?
How can I host a competition on CodeHawks?
How is a contest prize pool determined?
How do I get rewarded?
What is a First Flight?
Give us feedback!
