draft date: Apr 9 Low [L02] fund admin can use depositFromWithPermit to deposit to arbitrary address In depositFromWithPermit, the fund admin address can trigger a "deposit" if a user signs a permit signature. However, the recipient is chosen by the admin (msg.sender), not decided or signed by the user. Given that the admin role already has a lot of power controlling the token balances, this doesn't pose additional risk to the users. However, it adds an unnecessary trust assumption in the deposit step and might make this function less useful. Suggestion: consider removing the recipient input and just deposit to from to minimize trust assumptions. Or add another signature validation similar to "signed withdrawal".

draft date: Mar 26 Medium [M01] TellerV2 can be drained if nextPrice is incorrectly set. When the Teller V2 contract quotes a price for buy, it checks nextPrice if it's after trading hours. However, when a user is selling, it always looks at latestRoundData. There is a free arbitrage opportunity after trading hours if nextPrice is lower than the current price. This is possible because there are no checks on nextPrice when setting them through reportBalance in YieldTokenAggregator. POC The following script shows how arbitrage can be done when nextPrice is lower than lastAnswer.

Possibly False Positive High level idea: You liquidate yourself to farm free reward. Details Do cook with 3 actions:deposit lots of ETH (lets say worth 1M, collatAmount eth) borrow lots of MIM (worth 0.95M, debtAmount MIM) liquidate yourself (user = msg.sender)

Status fixed ✅: fix is implemented no fix 🟨: we are aware of the issue, but leave it as an intended behaviour of the system no issue 🟥: we don't think this is an issue All the fixes we have made to the repos after the audited commit, can also be found in the following PRs: core matching

Verify Contract https://etherscan.io/address/0x789cd7ab3742e23ce0952f6bc3eb3a73a0e08833#readContract Mainnet BTC 0x2260FAC5E5542a773Aa44fBCfeDf7C193bc2C599 Final expires '1619769600' => '5435235945556' '1620374400' => '5583347628308' '1620979200' => '5012502477668'

個人簡介 大學開始接觸crypto 第一份工作在 CoolBitX 如何找到這份工作 ETH DEVNER remote position becasue of covid

主要活動： 進料後勤（Inbound Logistics） 上游是母公司 客製化程度高 生產作業（Operations）： 高品質，高安全等級的產品 (晶片?) 出貨物流（Outbound Logistics）：

# 行前說明會 https://hackmd.io/ygtDXOIJQSmRqlp8mIW3mg?both ## 前言 * 與Wizard Amigo 合作的正式文章 * https://github.com/CoolBitX-Technology/coolwallet-js-sdk ## 計畫 ### Engineering (主要) * MetaMask 整合方案 * 開源sdk（第一批developer給的feedback） * (建立discord developer社群) ### Marketing 我們會帶： * 我們會贊助 1個wallet * Stickers * pdf 的手冊 活動： * 尋找聯合行銷活動 co-branding) * 拍照片跟秀出Logo * 收集其他大公司的manager或developer名片可以拿 ### Sale * Developer discount (10個卡片65折) * cash or crypto(問問如果一定要信用卡付款？) ## 回報 * session 時間 *