Skip to content

Issues: code-423n4/2024-07-karak-validation

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

9 Open 353 Closed
9 Open 353 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or ⇧ + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
πŸ‘ πŸ‘Ž πŸ˜„ πŸŽ‰ πŸ˜• ❀️ πŸš€ πŸ‘€

Issues list

Vulnerability in Vault Redemption Process Allows Malicious Operators to Reduce Slashing Penalties 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working πŸ€–_12_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#349 opened Jul 30, 2024 by c4-bot-8
Enabled by default rebasing rewards from USDB/WETH will be lost upon deployment to blast 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working πŸ€–_primary AI based primary recommendation sufficient quality report This report is of sufficient quality
#322 opened Jul 30, 2024 by c4-bot-2
Operator can skew the state of the Core contract and be considered as staked for a DSS, even though the operator is not registered with that DSS on the Core. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working πŸ€–_20_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#277 opened Jul 30, 2024 by c4-bot-4
The operator can create a NativeVault that can be silently unslashable. 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working πŸ€–_74_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#267 opened Jul 30, 2024 by c4-bot-2
Slashing may sometimes fail for stETH vaults due to its 1-2 wei corner problem 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working πŸ€–_primary AI based primary recommendation sufficient quality report This report is of sufficient quality
#155 opened Jul 26, 2024 by c4-bot-1
NativeVault.sol :: validateExpiredSnapshot() will always revert, making it impossible for users from initiating a new snapshot. 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working πŸ€–_primary AI based primary recommendation πŸ€–_45_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#131 opened Jul 25, 2024 by c4-bot-10
It is possible to bypass validateWithdrawalCredentials 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working πŸ€–_primary AI based primary recommendation πŸ€–_00_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#130 opened Jul 25, 2024 by c4-bot-7
New NodeOwners can be griefed by forcing them to provide proof for an empty snapshot without any shares increase/decrease on their node 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working edited-by-warden πŸ€–_primary AI based primary recommendation πŸ€–_23_group AI based duplicate group recommendation sufficient quality report This report is of sufficient quality
#119 opened Jul 25, 2024 by c4-bot-3
Agreements & Disclosures
#1 opened Jul 11, 2024 by code4rena-id bot
ProTip! Follow long discussions with comments:>50.