-
Notifications
You must be signed in to change notification settings - Fork 1
Issues: code-423n4/2022-11-stakehouse-findings
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
QA Report
bug
Something isn't working
grade-a
judge review requested
Judge should review this issue
Q-59
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#431
opened Nov 18, 2022 by
code423n4
HIGH: SLOT owner claims are incorrect when there is only 1 slot owner.
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
grade-b
primary issue
Highest quality submission among a set of duplicates
Q-58
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#426
opened Nov 18, 2022 by
code423n4
Medium: Vaults can be griefed to not be able to be used for deposits
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-31
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#422
opened Nov 18, 2022 by
code423n4
Medium: Giant pools are prone to user griefing, preventing their holdings from being staked.
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-30
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#415
opened Nov 18, 2022 by
code423n4
Medium: User receives less rewards than they are eligible for if first passed BLS key is inactive
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
judge review requested
Judge should review this issue
M-29
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#410
opened Nov 18, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-18
grade-b
judge review requested
Judge should review this issue
#409
opened Nov 18, 2022 by
code423n4
MED: Funds are not claimed from syndicate for valid BLS keys of first key is invalid (no longer part of syndicate).
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-28
primary issue
Highest quality submission among a set of duplicates
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#408
opened Nov 18, 2022 by
code423n4
QA Report
bug
Something isn't working
grade-a
judge review requested
Judge should review this issue
Q-57
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#405
opened Nov 18, 2022 by
code423n4
QA Report
bug
Something isn't working
grade-a
judge review requested
Judge should review this issue
Q-56
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
selected for report
This submission will be included/highlighted in the audit report
#403
opened Nov 18, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-17
grade-a
judge review requested
Judge should review this issue
#397
opened Nov 18, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-16
grade-b
#391
opened Nov 18, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-15
grade-b
#389
opened Nov 18, 2022 by
code423n4
rotateNodeRunnerOfSmartWallet is vulnerable to a frontrun attack
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
edited-by-warden
M-27
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#386
opened Nov 18, 2022 by
code423n4
QA Report
bug
Something isn't working
grade-b
judge review requested
Judge should review this issue
Q-52
QA (Quality Assurance)
Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#385
opened Nov 18, 2022 by
code423n4
Gas Optimizations
bug
Something isn't working
G (Gas Optimization)
G-14
grade-a
judge review requested
Judge should review this issue
#384
opened Nov 18, 2022 by
code423n4
Compromised or malicious DAO can restrict actions of node runners who are not malicious
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-26
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#383
opened Nov 18, 2022 by
code423n4
Incorrect checking in _assertUserHasEnoughGiantLPToClaimVaultLP
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-25
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#382
opened Nov 18, 2022 by
code423n4
Node runner who is already known to be malicious cannot be banned before corresponding smart wallet is created
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-24
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#381
opened Nov 18, 2022 by
code423n4
Calling Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-23
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
updateNodeRunnerWhitelistStatus
function always reverts
2 (Med Risk)
#378
opened Nov 18, 2022 by
code423n4
ETH sent when calling Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
M-22
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
executeAsSmartWallet
function can be lost
2 (Med Risk)
#377
opened Nov 18, 2022 by
code423n4
EIP1559 rewards received by syndicate during the period when it has no registered knots can be lost
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
M-21
primary issue
Highest quality submission among a set of duplicates
satisfactory
satisfies C4 submission criteria; eligible for awards
selected for report
This submission will be included/highlighted in the audit report
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#376
opened Nov 18, 2022 by
code423n4
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.