bug-bounty's People
bug-bounty's Issues
Tabs overlay with each other
Description: The "available environment" and "wallet details" tabs overlay with each other when opened together.
Components that are affected: Not able select / see the wallet address and other details available in the wallet tab.
Any other details / possible fix :1) Both tabs should be kept wider apart from each other solving the issue.
- Auto closing of the "available ecosystem" tab when we move the cursor away from it would also fix the issue.
Cosmetic: incorrect or misleading UI
SPL WALLET ADDRESS : annauneRTfWLawrWW89PuYGwcRtjpnrp6yR2D9pEDfW
Transactions getting rejected
Discord ID: abra#2539
Description: Not able to repay 100% of the remaining borrowed amount . The transaction is getting rejected all the time .
The transaction gets approved if the amount is lesser than maximum .
Recreation : Borrow 0.01 to the USDC asset . The borrowed amount should be around 0.01 now .
Go to repay option and move the slider to maximum . After approving the transaction it would show the transaction has been rejected error.
TID for reference : 4Axiz5i3kSiJ87TNanEz4MTVT5837aby6x7WoGj118Y7ewENZeRMQBE9R3mhdpXXpWVp7nzyquSLnsweYAYYFp6A
SPL : annauneRTfWLawrWW89PuYGwcRtjpnrp6yR2D9pEDfW
Cosmetic - Negative Fxed Rate APY
Description: Fixed Rate APY displaying negative value on https://mainnet.port.finance/#/fixedRate
Vulnerability: None
Components that are affected: [Cosmetic] Fixed Rate APY
Any other details:
UI requests
Discord : DASH#9837
1.When we supply a token , the color of the deposit tab is the same . . might create confusion for some.
2. When we add the token as collateral it shows the toggle bt i would suggest there should be color change in toggles for collateral n non collateral something like nyan blue would look appealing
3. The deposit option arrow (green) should be interactive when clicked upon . For example if i change deposit sol option to deposit usdc option it will change bt i wont be able to make out that diffrence just by the arrows . I would suggest that whatever i chose should either highlight or change color .
Attaching some ss so it would be helpful. I hope some of my suggestions did add value to the feedback
https://postimg.cc/gallery/R3Y5gJd
SPL wallet used : 4kRvjctHeJkWZYExvgVNQ5UT56WaFQ6ARH6bwoVof6Tu
UI issue for Liquidate page
Wallet Address:
- Figqnjr1Y8SLv8JBcuJPeSSZUszoDKNP4bxMR1JeiJD9
Description:
- In the
Liquidate
page of PortFinance V2, when clicking on the user address , it will jump to theAries Markets - DashBoard
of the Aptos network - The expected behavior here is jump to the
Default Explorer
selected inSettings
, should be SOLANA FM / SOLSCAN / EXPLORER - For example: https://app.ariesmarkets.xyz/dashboard/FG1igWX6mseVcApaXqwZDwe7kWGpPU1eBy1v5a3imQHT
Input was blocked after trying to type decimal in the field of $PORT token amount
Discord ID: Willake#8873
Description: I think this issue was related to #2. Input was worked fine while typing integers. After trying to type decimal in the field of port amount then all inputs were blocked.
Vulnerability: UI Display Issue
Components that are affected: token amount field
Any other details:
- This issue only appears when typing the amount of PORT token. SOL and BTC were fine
- Video
Not able to move slider
Discord ID: abra#2539
Description: Whenever the transaction fails under borrow section. The slider gets a stop sign over it. Making the user unable to move the slider.
How to recreate: Try to repay 100% of the funds . This would make the transaction to fail . And there would be a freeze set on the slider bar. User have to refresh the page and reconnect the wallet every time this happens to be able to move the slider again.
Components that are affected: User experience , Borrow and repay tab.
SPL Wallet Address: annauneRTfWLawrWW89PuYGwcRtjpnrp6yR2D9pEDfW
Error: Failed to get recent blockhash
DASH#9837
When i try to release mu USDC from collateral . .1. I have to manually visit the wallet to approve . . should there be a pop up to my screen it would be easy
Reason : If any new user tries the app he might get confused because other options for eg repaying borrowed asset show pop up for transaction on the screen. This might be sollet issue but it can create confusion
And when you cancel the request , if you try again to release usdc Errors: Failed to get recent blockhash /Failed to fetch shows up . The same when tried repay asset option even if we cancel it multiple times we dont get that error
Have to reconnect wallet
User experience affected
Sol 4kRvjctHeJkWZYExvgVNQ5UT56WaFQ6ARH6bwoVof6Tu
Double percentage at the slider
Urgent: impacts core function usability with no workaround
First one
That's a big one for me, it is up to you guys if you going to understand how important it is, how much it has impact on proper media share, and actual consumption of your product.
Stop using hash # in your URLs, at least avoid doing it as much as possible.
- It impacts how people can share links with their friends.
- It impacts how other crawling engines can browse and take a screenshot for your pages.
a) Try linking on twitter https://mainnet.port.finance/#/markets and https://mainnet.port.finance/#/dashboard, it is a different page that should be displayed, but the systems will pick up only the default one before the hash tag. Maybe not the best example with twitter, but I hope you get what I mean.
Please understand I don't want to discredit the developers practices, but It is just a bad practice.
Second one
It is a production site, that has debug information in the console being printed out, this is consuming resources on every clients browser. While it doesnt affect you directly, it does run computer code on every clients browser, which is not very eco friendly.
SPL: 2TooLbSn4wySZPwyprTXuJUp7vByhVqB1yArrwndXpSo
Borrow UI Stuck After Transaction Failed
Discord ID: Willake#8873
Description: Borrow UI could not be used after transaction was failed. I am not sure is it a bug or not, I suggested it would be better to reupdate the page state rather than block user input.
Vulnerability: UI Display Issue
Components that are affected: Borrow UI
Any other details:
Video
Market composition
DASH#9837
USDC : 3957.07 (44.57%)
SOL : 4920.43 (55.43%)
In the below section its mentioned 176.296 SOL ( 4920.43 USDC)
If we visit the market tab and market composition , the first thought comes 4920 SOL . If we can either change it to 176 SOL along with percentage or simply the distribution in %
This would not impact anything but everything should be near to perfect .
Problem in typing decimal numbers in "Amount" field
Borrow tab didn't updated when changing wallet.
Discord ID: froggo#5434
Description: Borrow tab didn't update whenever user change their wallet, only the supply tab that updated. I'm using sollet and phantom wallet.
Video: YouTube
Make full section clickable
Description: We must click the change/disconnect text to make it work (not full section, only the text that clickable). The copy wallet function is worked fine (full section clickable).
Urgency: Low / cosmetic
Browser and network status: Brave, stable
Steps to reproduce the bug:
- Click your account on the top right corner.
- Click the change/disconnect button.
Theories and Suggestions:
I suggest making the full section clickable like this for example:
Cannot input deposit number 0.1,it will change to be 1 automatically
UI issue for withdraw an asset.
I have deposited whETH and use it as collateral but could't withdraw it due to UI said that "need to paid loan first" but I already return borrow asset already. The UI still shown I have 2 position left and I dont know which position is it. If I misunderstand something please collect me if I doing something wrong.
UI said that need to pay loan first.
There is no loan to pay in this pic.
The position that shown on interface is what if i don't have any borrow asset left.
Best regard
Aquil2a
Spelling mistake in Risk Slider
Discord ID: skyler#7400
Description: Borrowing interface shows the risk factor in words. Where it's written as "Risker" but it should be "Riskier". By the way, i prefer numbers when it comes to risk calculation.
Vulnerability: People might raise questions about it's professionalism and other stuffs.
Components that are affected: None
Any other details: I've attached a screenshot for better understanding.
When borrowed something and click withdraw max,the number is still the all Balance In Port
Discord ID: silent666#8303
Description:
When borrowed something and click withdraw max,the number is still the all Balance In Port and no warning.Though after click withdraw,the transaction failed, in other lend product it won't be this.Port should show the user how much is the maximum withdraw number. And remind user the liduidate risk when withdraw Collateral.
SPL Wallet Address: 7FZaTArvPtTRJ7GjBGMaJarxUxa5SK1T3MeuxaR7pVKc
Spelling mistake in details section
UI interfering with functionality
DASH#9837
When i try to borrow sol , I get directed to a page where i can select the range to borrow between safe and risky. After selecting that , the first impulse is i click on the Borrow tab above ,completely missing the actual tab to be clicked which is in bottom.
If we can accomodate that in one screen it would be easier for better navigation.
And when i click on borrow option it takes me to the page with Borrow / Repay option in which the arrow can be only on the one in use. so if we go to borrow page there should be only Borrow Title . . If we allow arrow to that it confuses us it with clickable option ( which on the contrary is on bottom ) . i will share ss for it .
icon for UI
Performance improvement
Base on google lighthouse i think we can improve the perfomance on the website.
Things to update :
-
Does not use passive listeners to improve scrolling performance
Browsers can't know if an event listener will prevent scrolling, so they always wait for the listener to finish executing before scrolling the page. -
Serve static assets with an efficient cache policy
HTTP caching can speed up your page load time on repeat visits.
sol address : 7xCxNe86R4UG7e2DroBrJj3MMZ6FNebaEAxUpoREGZCn
Missing Comma in prices
Cosmetic: incorrect or misleading UI
First one:
Here bottom right FAQ leads to "#", e.g. nothing. Pretty misleading, if you dont have functionality you may as well remove it.
Second one:
Also if you go to: https://www.bramah.systems/ then to the bottom "Prior Audits", Port Finance is not there, but Saber.so is. I know this one is not so much on you, you may have an audit from them, but please ask them to include it in their portfolio. Otherwise it is very misleading to display on your main site that you are audited by them but it is missing on their side/site.
Third one:
https://mainnet.port.finance/#/dashboard
and
https://mainnet.port.finance/#/supply
Bottom part of 2021 Port Finance All Rights Reserved is 50% cut, because of the headers that push it, and it doesnt have a proper bottom margin spacing from the bottom of the page.
1920x1080, Mozilla Firefox, and no the inner scroller is to the bottom and it is not related, its not just coded perfectly to have a bottom margin.
Take a note, on https://mainnet.port.finance/#/markets it looks almost okay.
Forth one:
subdomain mainnet, but we are on the devnet according to the wallet setting, extremely misleading, I know it is a huge inconvinience to set this one properly, but please do, people will often look at the top of their browser and think they are on mainnet or the reserve.
SPL: 2TooLbSn4wySZPwyprTXuJUp7vByhVqB1yArrwndXpSo
Messy App Display
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.