Upload reports

sherlock-audit · Jan 6, 2025 · 96c7fae · 96c7fae
1 parent e203cb0
commit 96c7fae
Show file tree

Hide file tree

Showing 2 changed files with 94 additions and 0 deletions.
diff --git a/Audit_Report.pdf b/Audit_Report.pdf
diff --git a/README.md b/README.md
@@ -79,6 +79,16 @@ _No response_
 
 Rewrite the [`_afterTokenTransfer`](https://github.com/sherlock-audit/2024-11-teller-finance-update/blob/0c8535728f97d37a4052d2a25909d28db886a422/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroupShares.sol#L60) hook to be skipped in case of `amount = 0` 
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/76
+
+
 # Issue H-2: Malicious lender can prevent borrower from repayment due to try/catch block revert 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/39 
@@ -157,6 +167,16 @@ _No response_
 
 Use .call instead of the try/catch
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/79
+
+
 # Issue H-3: Using original principal amount as due amount inside `liquidateDefaultedLoanWithIncentive` breaks contract accounting leading to lost assets/broken functionalities 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/43 
@@ -266,6 +286,16 @@ _No response_
 
 Instead of the totalPrincipal consider the remaining principal ie. `totalPrincipal - repaidPrincipal`
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/85
+
+
 # Issue M-1: ERC20.approve Used Instead of Safe Approvals, Causing Pool Failures with Some ERC20s 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/29 
@@ -400,10 +430,22 @@ require(
 principalToken.safeApprove(address(TELLER_V2), _principalAmount);
 ```
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/78
+
+
 # Issue M-2: Users can lower the interest rate by dividing a loan into multiple smaller loans 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/34 
 
+The protocol has acknowledged this issue.
+
 ## Found by 
 KupiaSec
 ### Summary
@@ -559,6 +601,16 @@ _No response_
 
 Perform access control checks
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/77
+
+
 # Issue M-4: Not updating state before making custom external call can cause borrower's to loose assets due to re-entrancy 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/42 
@@ -645,6 +697,16 @@ _No response_
 
 Update the state before the `loanRepaymentListener` call is made
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/81
+
+
 # Issue M-5: Repayer can brick lending functionality of `LenderCommitmentGroup_Smart` by repaying excess 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/46 
@@ -727,6 +789,16 @@ _No response_
 
 In case repaid principal is more, return 0 instead
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/80
+
+
 # Issue M-6: Tokens that revert of zero value transfers can cause reverts on liquidation 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/51 
@@ -800,6 +872,16 @@ _No response_
 
 Check if amount is non-zero before transferring
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/82
+
+
 # Issue M-7: The `totalPrincipalTokensRepaid` and `totalInterestCollected` may not be updated even when funds are already transferred 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/54 
@@ -872,10 +954,22 @@ none
 ### Mitigation
 The `LenderCommitmentGroup_Smart.repayLoanCallback()` function should not revert when paused.
 
+
+
+## Discussion
+
+**sherlock-admin2**
+
+The protocol team fixed this issue in the following PRs/commits:
+https://github.com/teller-protocol/teller-protocol-v2-audit-2024/pull/83
+
+
 # Issue M-8: EMI calculation is flawed 
 
 Source: https://github.com/sherlock-audit/2024-11-teller-finance-update-judging/issues/71 
 
+The protocol has acknowledged this issue.
+
 ## Found by 
 hash
 ### Summary