-
Damiclone
medium
# Numerous Unchecked Inputs can lead to malfunctioning of protocol
## Summary
Some inputs are unchecked which can lead to adverse effect in the protocol
## Vulnerability Detail
Th…
-
nobody2018
medium
# setValidatorCommissionRate should be called by staking manager
## Summary
In readme.md, it is mentioned that the responsibilities of the staking manager are as follows:
> - Se…
-
Anubis
high
# Potential Loss of Funds due to Unchecked Return Value
## Summary
The **OperationalStaking** contract interacts with the ERC20 token but does not check the return value of the **safeTr…
-
ydlee
high
# An operators can submit another's specimen proofs, without actual proof of work.
## Summary
An operator can use the values that another operator used for submitting specimen proof, wit…
-
ydlee
medium
# `getDelegatorTotalLocked` return wrong value.
## Summary
Function `getDelegatorTotalLocked` miscalculated the total locked value of a delegator.
## Vulnerability Detail
The `totalVa…
-
qmdddd
medium
# The function `setValidatorAddress` will cause the total amount of the validator's stake to exceed `validatorMaxStake`, thereby violating the protocol.
## Summary
The function `setV…
-
petro1912
high
# A delegator can receive the rewards immediately by calling `stake` or `redelegateUnstake` to corresponding delegator when `RewardFailedDueLowPool` event emitted.
## Summary
If `rew…
-
krkba
high
# Lack of `newAddress` Validation in `setValidatorAddress`
krkba
## Summary
There is no validation if `newAddress` in `setValidatorAddress` is a contract address.
## Vulnerability Detai…
-
krkba
high
# Potential DOS attack in `finalizeSpecimenSession`
krkba
## Summary
## Vulnerability Detail
In the `finalizeSpecimenSession` function, there is a loop that could potentially run for a…
-
krkba
medium
# Possible Integer Over Flow in `_secondsPerBlock`
krkba
## Summary
## Vulnerability Detail
There is possibility to Integer over flow attack, as example in `_secondsPerBlock` if it se…