code-423n4 2024-07-karak-findings issues

code-423n4 / 2024-07-karak-findings

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

nodeOwners that deposited assets after slashing will account for the slashed assets

#105 howlbot-integration[bot] closed 1 month ago
1
Error in Slashing calculation causes users to lose double the intended amount

#104 howlbot-integration[bot] closed 1 month ago
1
The DSS can slash an operator even after they change their vault to be staked to another DSS

#103 howlbot-integration[bot] closed 1 month ago
2
Slashing NativeVault will lead to locked ETH for the users

#102 howlbot-integration[bot] opened 1 month ago
3
Upgraded Q -> 2 from #22 [1723479041527]

#100 c4-judge closed 2 months ago
3
NodeOwners lose partial/full remaining stake after NativeVault suffers a slash request

#99 howlbot-integration[bot] closed 2 months ago
1
Incorrect order of operations during a snapshot validation can result in stuck ETH due to an underflow.

#98 howlbot-integration[bot] closed 2 months ago
1
QA Report

#97 howlbot-integration[bot] opened 2 months ago
2
QA Report

#96 howlbot-integration[bot] opened 2 months ago
2
Insufficient Funds for Slashing Due to Time Delay Could Render Slashing Mechanism Ineffective

#95 howlbot-integration[bot] closed 2 months ago
1
Operators can stake a vault more than once to a single DSS

#94 howlbot-integration[bot] opened 2 months ago
6
Protocol could be tricked by some tokens stemming from the fact that rebasing/FOT tokens are not handled correctly

#93 howlbot-integration[bot] closed 1 month ago
13
WETH compatibility issue on Blast chain

#92 howlbot-integration[bot] closed 2 months ago
3
Operators can finalize vault stake updates even when unregistered from DSS, disrupting DSS slashing ruquests

#91 howlbot-integration[bot] closed 2 months ago
3
Missing access control in `Core::finalizeUpdateVaultStakeInDSS` allows unauthorized stake updates

#90 howlbot-integration[bot] closed 2 months ago
1
Operator can bypass MIN_STAKE_UPDATE_DELAY by spamming requestUpdateVaultStakeInDSS()

#89 howlbot-integration[bot] opened 2 months ago
7
Users that deposits after a DSS slash requested can lose funds unjustly

#88 howlbot-integration[bot] closed 2 months ago
2
An Operator can deploy a vault with a controlled slash store to receive slashed Eth from NativeVault

#87 howlbot-integration[bot] closed 2 months ago
1
DOSing of NativeVault deployment.

#86 howlbot-integration[bot] closed 2 months ago
3
Operator can become one of the trusted roles

#85 howlbot-integration[bot] closed 2 months ago
1
Operator can evade slashing by using unregistered slashHandler address

#84 howlbot-integration[bot] closed 2 months ago
3
NodeOwners can evade DSS slash in NativeVault.

#83 howlbot-integration[bot] closed 2 months ago
2
operator customizes the slashStore address, it results in slashAssets always reverting

#82 howlbot-integration[bot] closed 2 months ago
3
The operator can use any arbitrary nodeImplementation and grant themselves the manager role

#81 howlbot-integration[bot] closed 2 months ago
2
User can request update of the vault stake and then unregister before finalization

#80 howlbot-integration[bot] closed 2 months ago
3
MIN_STAKE_UPDATE_DELAY for staking a vault may disincentivize users to stake

#79 howlbot-integration[bot] closed 2 months ago
5
NativeVault's `MANAGER_ROLE` is untrusted and allows malicious operators to steal all funds from the native nodes

#78 howlbot-integration[bot] closed 2 months ago
1
Operators can steal slashed funds

#77 howlbot-integration[bot] closed 2 months ago
1
DSS can deposit assets into the vault by oneself, which can lead to vault users losing more slashed assets

#76 howlbot-integration[bot] closed 2 months ago
7
Invalid slash store validation makes it possible for operator to dodge slashing

#75 howlbot-integration[bot] closed 2 months ago
1
Attacker can DOS a new user in Native Restaking

#74 howlbot-integration[bot] opened 2 months ago
2
During NativeVault deployment, insufficient validation of the `extraData` parameter allows for the theft of staker funds and prevention of the vault slashing.

#73 howlbot-integration[bot] closed 2 months ago
1
The manager of a `NativeVault` can prevent a user to withdraw their funds during a certain time.

#72 howlbot-integration[bot] closed 2 months ago
5
finalizeUpdateVaultStakeInDSS() can be called after an operator has unregistered from the DSS

#71 howlbot-integration[bot] closed 2 months ago
1
A DSS cannot stop staking of a vault that doesn't meet its conditions

#70 howlbot-integration[bot] opened 2 months ago
6
Operators can stake vaults without being registered in the DSS

#69 howlbot-integration[bot] closed 2 months ago
1
If slashingHandler for ETH is changed in the Core.sol it will be impossible to slash any of the already deployed NativeVaults.

#68 howlbot-integration[bot] closed 2 months ago
6
a malicious user can submit a invalid snapshot

#67 howlbot-integration[bot] closed 2 months ago
3
MAX_SLASHING_PERCENT_WAD can be exceeded if a NativeVault's balance is unstable

#66 howlbot-integration[bot] closed 2 months ago
11
The operator can still access `Core::finalizeUpdateVaultStakeInDSS()` even after unregistering from the DSS.

#65 howlbot-integration[bot] closed 2 months ago
1
Front-running Vulnerability in NativeVault Snapshot Process

#64 howlbot-integration[bot] closed 2 months ago
5
Race Condition between Withdrawals and Slashing

#63 howlbot-integration[bot] closed 2 months ago
1
Operators can finalize their vault staking to DSS even after unregistering from them due to missing registered check for operator on DSS

#62 howlbot-integration[bot] closed 2 months ago
1
Request update stake can be repeated for a vault to a DSS even when the vault is staked already

#61 howlbot-integration[bot] opened 2 months ago
10
no checks to find whether any vault is pending for finailsed staking in a DAA while unregistering the DSS

#60 howlbot-integration[bot] closed 2 months ago
5
New NodeOwners can be griefed by forcing them to provide proof for an empty snapshot without any shares increase/decrease on their node

#59 howlbot-integration[bot] opened 2 months ago
5
It is possible to bypass validateWithdrawalCredentials

#58 howlbot-integration[bot] closed 2 months ago
4
NativeVault.sol :: validateExpiredSnapshot() will always revert, making it impossible for users from initiating a new snapshot.

#57 howlbot-integration[bot] closed 2 months ago
4
Slashing may sometimes fail for stETH vaults due to its 1-2 wei corner problem

#56 howlbot-integration[bot] closed 2 months ago
5
The operator can create a `NativeVault` that can be silently unslashable.

#55 howlbot-integration[bot] opened 2 months ago
6