Adding bugs for 2022-12-tigris

[ZhangZhuoSJTU]

Adding newly disclosed code4rena contest bugs.

Contest

Contest: Tigris Trade

Contract Code: https://github.com/code-423n4/2022-12-tigris

Number of High Risk Findings: 11

Number of Wardens: 89

Bugs

• [x] [H-01] Lock.sol: assets deposited with Lock.extendLock function are lost - S3-1
• [x] [H-02] Riskless trades due to delay check - SC
• [x] [H-03] Certain fee configuration enables vaults to be drained - L7
• [x] [H-04] Bypass the maximum PnL check to take extra profit - SC
• [x] [H-05] Malicious user can steal all assets in BondNFT - S5-1
• [x] [H-06] Incorrect calculation of new price while adding position - S6-4
• [x] [H-07] reentrancy attack during mint() function in Position contract which can lead to removing of the other user’s limit orders or stealing contract funds because initId is set low value - L1
• [x] [H-08] Incorrect Assumption of Stablecoin Market Stability - SE-2
• [x] [H-09] Users can bypass the maxWinPercent limit using a partially closing - S6-4
• [x] [H-10] User can abuse tight stop losses and high leverage to make risk free trades - SC
• [x] [H-11] Not enough margin pulled or burned from user when adding to a position - S6-4

[ZhangZhuoSJTU]

Leave this issue open as a reference.