issues
search
code-423n4
/
2024-05-arbitrum-foundation-validation
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Add issue 119 to findings repo at judge's request
#392
CloudEllie
opened
3 months ago
0
reference correct finding in json files
#391
aks-
closed
4 months ago
0
QA validation
#390
CloudEllie
closed
4 months ago
0
QA validation
#389
CloudEllie
closed
4 months ago
0
gas report validation
#388
CloudEllie
closed
4 months ago
0
validate HM submissions
#387
CloudEllie
closed
4 months ago
0
Re-org attack in some functions
#386
c4-bot-9
opened
4 months ago
0
QA Report
#385
c4-bot-9
closed
4 months ago
0
Anyone can call admin functions in RollupAdminLogic.sol
#384
c4-bot-9
opened
4 months ago
0
EdgeChallengeManager.sol:: Unprotected Staking Operations
#383
c4-bot-6
opened
4 months ago
0
AssertionStakingPoolCreator.getPool() is vulnerable to address collission
#382
c4-bot-3
opened
4 months ago
0
Arbitrary Third-party Contract Calls
#381
c4-bot-3
opened
4 months ago
0
Non-Unique Salt Value in createPool Function
#380
c4-bot-4
opened
4 months ago
0
Excessive Privilege in Function removeDelayAfterFork()
#379
c4-bot-8
opened
4 months ago
0
DelayBuffer.sol:: Unhandled Overflow in Buffer Calculation
#378
c4-bot-8
opened
4 months ago
0
EdgeStakingPool.sol:: Token Contract Manipulation Vulnerability in the function createEdge()
#377
c4-bot-8
opened
4 months ago
0
there is an i ncorrect Handling of Validator AFK Check in _validatorIsAfk
#376
c4-bot-9
opened
4 months ago
0
QA Report
#375
c4-bot-9
opened
4 months ago
0
`firstChildBlock` value not set when first child assertion is created.
#374
c4-bot-10
opened
4 months ago
0
Dubious typecast in the following functions getTimeBounds & setValidKeyset & _setBufferConfig & submiteBatchSpendingReport & _setMaxTimeVariation & formCallDataHash & packHeader functions
#373
c4-bot-4
opened
4 months ago
0
QA Report
#372
c4-bot-1
closed
4 months ago
0
Potential Theft of Funds Due to Static Salt in Contract Creation During Reorgs
#371
c4-bot-1
opened
4 months ago
0
Theft of funds under in the Sequencer in the form of gas
#370
c4-bot-4
opened
4 months ago
0
Griefing Attack Possible Where Validator Will Lose Their Stake
#369
c4-bot-8
opened
4 months ago
0
QA Report
#368
c4-bot-6
closed
4 months ago
0
Insufficient Challenge Period Validation
#367
c4-bot-8
opened
4 months ago
0
Dubious typecast in the following functions update function and calcPendingBuffer function
#366
c4-bot-6
opened
4 months ago
0
Insufficient Validation of `stakeAmounts` Non-Zero Values
#365
c4-bot-8
opened
4 months ago
0
RollupAdminLogic : lack of access control for some of the critical functionality
#364
c4-bot-7
opened
4 months ago
0
QA Report
#363
c4-bot-3
opened
4 months ago
0
Incorrect equality in the functions called getKeysetCreationBlock and packHeader function
#362
c4-bot-3
opened
4 months ago
0
Withdrawals can be delayed in some conditions
#361
c4-bot-3
opened
4 months ago
0
RollupAdminLogic : anyone can call the `pause()` and `resume()`
#360
c4-bot-7
opened
4 months ago
0
Lack of Event Emission for Critical State Changes
#359
c4-bot-9
opened
4 months ago
0
Adversary can submit two different complimentary wrong assertions, preventing an honest assertion from getting confirmed.
#358
c4-bot-9
opened
4 months ago
19
RollupAdminLogic : incorrect `minimumAssertionPeriod` when the contract is created.
#357
c4-bot-4
opened
4 months ago
0
Using block.number as a time reference may be subjected to change if Ethereum upgrades
#356
c4-bot-4
opened
4 months ago
0
Insufficient Access Control , Potential Unauthorized Access
#355
c4-bot-4
opened
4 months ago
0
A pool collision attack can be used to steal funds meant for assertions
#354
c4-bot-3
opened
4 months ago
0
Protocol hardcodes block minting time even if contracts are to deploy on other chains
#353
c4-bot-1
opened
4 months ago
0
The timer cache in `EdgeChallengeManagerLib` at a time would become unsettable
#352
c4-bot-1
opened
4 months ago
0
Protocol's deployment of new contracts is unsafe
#351
c4-bot-6
opened
4 months ago
0
`RollupUserLogic#newStakeOnNewAssertion()` does not function as expected
#350
c4-bot-5
opened
4 months ago
0
RollupAdminLogic does not have any access control
#349
c4-bot-10
opened
4 months ago
0
Lack of Reentrancy Guard, Funds Drain
#348
c4-bot-1
opened
4 months ago
0
If both validator's and challenger's assertion is not honest, the wrong assertion can be confirmed with a winner getting back the bond
#347
c4-bot-6
opened
4 months ago
2
AssertionStakingPool : createAssertion - user unable to withdraw their funds due to incorrect withdrawal address while creating the assertion.
#346
c4-bot-6
opened
4 months ago
0
The requiredStake on stakeOnNewAssertion is directed by the previous assertion and not a base value
#345
c4-bot-2
opened
4 months ago
0
QA Report
#344
c4-bot-10
closed
4 months ago
0
`removeWhitelistAfterFork` and `removeWhitelistAfterValidatorAfk` can be called when contract is paused, disabling whitelist mechanism
#343
c4-bot-9
opened
4 months ago
0
Next