issues
search
code-423n4
/
2023-04-eigenlayer-findings
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Upgraded Q -> 2 from #308 [1685704892606]
#460
c4-judge
closed
1 year ago
2
Upgraded Q -> 2 from #454 [1685704791672]
#459
c4-judge
closed
1 year ago
2
QA Report
#458
code423n4
opened
1 year ago
2
The length of proofs.slotProof is not checked in the verifyWithdrawalProofs function, allowing a malicious EigenPod Owner to be issued only shares via StrategyManager and withdraw all their money
#457
code423n4
closed
1 year ago
8
Gas Optimizations
#456
code423n4
closed
1 year ago
1
Loss of funds on deposit when `totalShares > 0 && priorTokenBalance == 0`
#455
code423n4
closed
1 year ago
10
QA Report
#454
code423n4
closed
1 year ago
2
`StrategyBase.explanation()` cannot be overridden to intended mutability
#453
code423n4
opened
1 year ago
10
`StrategyBase.underlyingToShares()` cannot be overridden to intended mutability
#452
code423n4
closed
1 year ago
5
Gas Optimizations
#451
code423n4
closed
1 year ago
1
`StrategyBase.sharesToUnderlying()` cannot be overridden to intended mutability
#450
code423n4
closed
1 year ago
5
Skipping indices of malicious strategies does not work
#449
code423n4
closed
1 year ago
3
`deposit` will cause erros if totalShares is 1e9-1 or less
#448
code423n4
closed
1 year ago
4
QA Report
#447
code423n4
closed
1 year ago
3
QA Report
#446
code423n4
closed
1 year ago
1
Rounding loss inflation
#445
code423n4
opened
1 year ago
4
QA Report
#444
code423n4
closed
1 year ago
1
QA Report
#443
code423n4
closed
1 year ago
1
QA Report
#442
code423n4
closed
1 year ago
1
freezeOperator will not be able to freeze an operator
#441
code423n4
closed
1 year ago
5
QA Report
#440
code423n4
closed
1 year ago
1
Gas Optimizations
#439
code423n4
closed
1 year ago
1
Assuming a 1-1 peg of Liquid Staked Tokens like stETH and rETH to ETH is dangerous
#438
code423n4
closed
1 year ago
4
Staker can bypass the debt accrued via `beaconChainETHSharesToDecrementOnWithdrawal` by transferring shares to another address
#437
code423n4
closed
1 year ago
5
Gas Optimizations
#436
code423n4
opened
1 year ago
2
Temporary blocking withdrawals because of `slashQueuedWithdrawal` function incorrectness
#435
code423n4
closed
1 year ago
3
Measuring the withdrawal delay in block production time won't work properly on chains where the production time is not 12 seconds
#434
code423n4
closed
1 year ago
5
The values for `strategyIndexes` are not enforced
#433
code423n4
closed
1 year ago
5
STRATEGYMANAGER.SOL CONTRACT OWNER COULD BE DEPRIVED OF A SLASH
#432
code423n4
opened
1 year ago
11
The value of `MAX_WITHDRAWAL_DELAY_BLOCKS` is constant which shouldn't be
#431
code423n4
closed
1 year ago
5
`expiry` should be > `block.timestamp()` rather then >=
#430
code423n4
closed
1 year ago
7
QA Report
#429
code423n4
closed
1 year ago
1
Gas Optimizations
#428
code423n4
opened
1 year ago
2
`deposit()` function is calculation wrong value of `newShares'
#427
code423n4
closed
1 year ago
8
QA Report
#426
code423n4
closed
1 year ago
1
State variables are initialized in an upgradeable contract + there is constructor
#425
code423n4
closed
1 year ago
3
QA Report
#424
code423n4
opened
1 year ago
6
Gas Optimizations
#423
code423n4
opened
1 year ago
2
`_deployPod()` is using hardcoded salt value which can cause issues
#422
code423n4
closed
1 year ago
4
QA Report
#421
code423n4
closed
1 year ago
2
[H-02] Owner cannot freeze and thus cannot slash a queued withdraw that has the `delegatedAddress` being the `0` address.
#420
code423n4
closed
1 year ago
5
Gas Optimizations
#419
code423n4
closed
1 year ago
3
[H-01] Donation attacks can severely impact users shares.
#418
code423n4
closed
1 year ago
5
Gas Optimizations
#417
code423n4
closed
1 year ago
1
MAX_WITHDRAWAL_DELAY_BLOCKS assumes that block time is always 12 seconds
#416
code423n4
closed
1 year ago
2
`isContract()` is not a reliable way of checking if the input is an EOA
#415
code423n4
closed
1 year ago
5
BEACON CHAIN VALIDATOR COULD SELF RESCUE WHEN OPERATOR IS FROZEN
#414
code423n4
closed
1 year ago
5
QA Report
#413
code423n4
opened
1 year ago
2
Gas Optimizations
#412
code423n4
opened
1 year ago
3
Slashing can be frontrunned
#411
code423n4
closed
1 year ago
2
Next