code-423n4 2024-07-karak-validation issues

code-423n4 / 2024-07-karak-validation

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

adding judge transfers

#369 thebrittfactor opened 1 month ago
0
Judge transfers pjqa2

#368 thebrittfactor closed 1 month ago
0
judge pj qa transfers

#367 thebrittfactor closed 1 month ago
0
judge hm updates

#366 thebrittfactor opened 2 months ago
0
validated QAs added

#365 thebrittfactor opened 2 months ago
0
HM Validation

#364 liveactionllama closed 2 months ago
0
Validate HMs

#363 liveactionllama closed 2 months ago
0
QA Report

#362 c4-bot-10 closed 2 months ago
0
QA Report

#361 c4-bot-5 closed 2 months ago
0
handleSlashing not considering fees on transfer when the amount is burned.

#360 c4-bot-10 closed 2 months ago
0
Incorrect Use of LibClone.predictDeterministicAddressERC1967BeaconProxy in Smart Contract

#359 c4-bot-10 closed 2 months ago
0
Manager EOA may steal assets meant for slashing

#358 c4-bot-10 closed 2 months ago
0
Gas Optimizations

#357 c4-bot-10 closed 2 months ago
0
not zero implementation will revert in "validateVaultConfigs"

#356 c4-bot-10 closed 2 months ago
0
DSS is still allowed to slash after MIN_WITHDRAWAL_DELAY is passed

#355 c4-bot-4 closed 2 months ago
0
finishUpdateStakeHook() is expecting the operators address as a parameter but instead a msg.sender is passed

#354 c4-bot-6 closed 2 months ago
0
no checks to find whether any vault is pending for finailsed staking in a DAA while unregistering the DSS

#353 c4-bot-9 closed 2 months ago
0
DSS is still registered to the operator even though the interfaces are not implemented in the DSS or the low level call failed.

#352 c4-bot-10 closed 2 months ago
0
`isContract` is not a reliable way to determine if a address is a EOA or contract

#351 c4-bot-3 closed 2 months ago
1
The `cancelSlashing` function should reset all the variables modified by the `requestSlashing` function

#350 c4-bot-8 closed 2 months ago
0
Vulnerability in Vault Redemption Process Allows Malicious Operators to Reduce Slashing Penalties

#349 c4-bot-8 opened 2 months ago
0
Request update stake can be repeated for a vault to a DSS even when the vault is staked already

#348 c4-bot-7 closed 2 months ago
0
Operators can finalize their vault staking to DSS even after unregistering from them due to missing registered check for operator on DSS

#347 c4-bot-4 closed 2 months ago
0
Loss of funds due to unchecked slippage in balance updates

#346 c4-bot-7 closed 2 months ago
0
Race Condition between Withdrawals and Slashing

#345 c4-bot-3 closed 2 months ago
0
ERC4626 Vault does not work with fee-on-transfer tokens

#344 c4-bot-5 closed 2 months ago
1
Calling `validateSnapshotProofs(...)` Will Always Revert if Any Validator is Inactive

#343 c4-bot-5 closed 2 months ago
0
Users may lose assets through withdrawals if the withdrawable Assets are less than the assets the user wishes to withdraw

#342 c4-bot-5 closed 2 months ago
0
Little-Endian Conversion Error on Validator Balance Calculation

#341 c4-bot-5 closed 2 months ago
0
Precision Loss in Effective Balance Conversion

#340 c4-bot-1 closed 2 months ago
0
Insufficient validation leads to overwriting Existing Slash Handlers

#339 c4-bot-10 closed 2 months ago
0
Lack of Slippage Protection in `finishRedeem` Function

#338 c4-bot-9 closed 2 months ago
0
First Depositor Inflation Attack possible in Vaults

#337 c4-bot-5 closed 2 months ago
0
slashing can prevent users from withdrawing

#336 c4-bot-9 closed 2 months ago
0
Front-running Vulnerability in NativeVault Snapshot Process

#335 c4-bot-4 closed 2 months ago
0
QA Report

#334 c4-bot-3 closed 2 months ago
0
Incorrect Bit Shift Direction in Balance Extraction

#333 c4-bot-9 closed 2 months ago
0
Potential Overflow in Bit Shift Amount Calculation

#332 c4-bot-3 closed 2 months ago
0
Incompatibility with ERC20 tokens which revert on transfer to address(0)

#331 c4-bot-2 closed 2 months ago
0
Fee on transfer tokens can lead to incorrect amount handleSlashing

#330 c4-bot-2 closed 2 months ago
0
QA Report

#329 c4-bot-10 closed 2 months ago
0
ignoring the fail condition of request slashing and finalize slashing methods might prevent time sensitive requests to fail being dealt with

#328 c4-bot-10 closed 2 months ago
0
can not slash token that revert on transfer to zero address

#327 c4-bot-10 closed 2 months ago
0
Inflation Attack is possible on vault

#326 c4-bot-10 closed 2 months ago
0
`finalizeSlashing` will face a Denial of Service due to a revert situation arising in `SlashingHandler::handleSlashing`

#325 c4-bot-3 closed 2 months ago
0
The operator can still access `Core::finalizeUpdateVaultStakeInDSS()` even after unregistering from the DSS.

#324 c4-bot-2 closed 2 months ago
0
Native Node Owner Lacks Control Over Validators Added to Their Vault

#323 c4-bot-2 closed 2 months ago
0
Enabled by default rebasing rewards from USDB/WETH will be lost upon deployment to blast

#322 c4-bot-2 opened 2 months ago
0
When a vault is slashed while waiting for withdrawal, vault might not have enough token to withdraw, lead to token stuck

#321 c4-bot-4 closed 2 months ago
1
QA Report

#320 c4-bot-8 closed 2 months ago
0