Skip to content

Issues: code-423n4/2022-11-stakehouse-findings

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

QA Report bug Something isn't working grade-b Q-60 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#434 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-a judge review requested Judge should review this issue Q-59 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#431 opened Nov 18, 2022 by code423n4
HIGH: SLOT owner claims are incorrect when there is only 1 slot owner. bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue grade-b primary issue Highest quality submission among a set of duplicates Q-58 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#426 opened Nov 18, 2022 by code423n4
Medium: Vaults can be griefed to not be able to be used for deposits 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-31 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#422 opened Nov 18, 2022 by code423n4
Medium: Giant pools are prone to user griefing, preventing their holdings from being staked. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-30 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#415 opened Nov 18, 2022 by code423n4
Medium: User receives less rewards than they are eligible for if first passed BLS key is inactive 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working judge review requested Judge should review this issue M-29 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#410 opened Nov 18, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-18 grade-b judge review requested Judge should review this issue
#409 opened Nov 18, 2022 by code423n4
MED: Funds are not claimed from syndicate for valid BLS keys of first key is invalid (no longer part of syndicate). 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-28 primary issue Highest quality submission among a set of duplicates selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#408 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-a judge review requested Judge should review this issue Q-57 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#405 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-a judge review requested Judge should review this issue Q-56 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax selected for report This submission will be included/highlighted in the audit report
#403 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-b Q-55 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#400 opened Nov 18, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-17 grade-a judge review requested Judge should review this issue
#397 opened Nov 18, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-16 grade-b
#391 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-b Q-54 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#390 opened Nov 18, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-15 grade-b
#389 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-a Q-53 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#388 opened Nov 18, 2022 by code423n4
rotateNodeRunnerOfSmartWallet is vulnerable to a frontrun attack 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden M-27 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#386 opened Nov 18, 2022 by code423n4
QA Report bug Something isn't working grade-b judge review requested Judge should review this issue Q-52 QA (Quality Assurance) Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
#385 opened Nov 18, 2022 by code423n4
Gas Optimizations bug Something isn't working G (Gas Optimization) G-14 grade-a judge review requested Judge should review this issue
#384 opened Nov 18, 2022 by code423n4
Compromised or malicious DAO can restrict actions of node runners who are not malicious 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-26 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#383 opened Nov 18, 2022 by code423n4
Incorrect checking in _assertUserHasEnoughGiantLPToClaimVaultLP 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-25 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#382 opened Nov 18, 2022 by code423n4
Node runner who is already known to be malicious cannot be banned before corresponding smart wallet is created 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-24 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#381 opened Nov 18, 2022 by code423n4
Calling updateNodeRunnerWhitelistStatus function always reverts 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working M-23 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#378 opened Nov 18, 2022 by code423n4
ETH sent when calling executeAsSmartWallet function can be lost 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-22 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
#377 opened Nov 18, 2022 by code423n4
EIP1559 rewards received by syndicate during the period when it has no registered knots can be lost 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working downgraded by judge Judge downgraded the risk level of this issue M-21 primary issue Highest quality submission among a set of duplicates satisfactory satisfies C4 submission criteria; eligible for awards selected for report This submission will be included/highlighted in the audit report sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
#376 opened Nov 18, 2022 by code423n4
ProTip! Mix and match filters to narrow down what you’re looking for.