hats-finance Accumulated-finance-0x75278bcc0fa7c9e3af98654bce195eaf3bb6a784 issues

hats-finance / Accumulated-finance-0x75278bcc0fa7c9e3af98654bce195eaf3bb6a784

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

`withdrawalFee`, `redeemFee`, `depositFee` can be arbitrarily modified by the owner at any time without any user protections.

#69 hats-bug-reporter[bot] opened 1 day ago
5
mismatch in `minWithdrawal` due to no decimal consideration

#68 hats-bug-reporter[bot] opened 3 days ago
4
Delegations are not added in `allDelegations` array within the `delegate()` function.

#67 hats-bug-reporter[bot] opened 4 days ago
4
Some users may not be able to withdraw until rewardsCycleEnd due to underflow in beforeWithdraw() function

#66 hats-bug-reporter[bot] opened 4 days ago
0
wstX.sol contract deposit(), mint(), withdraw() and redeem() functions are not incomplaince with ERC4626

#65 hats-bug-reporter[bot] opened 4 days ago
0
Malicious user can spam the `receive()` function in the `Minter` contract.

#64 hats-bug-reporter[bot] opened 4 days ago
3
depositWithSignature() function can be affected by DOS

#63 hats-bug-reporter[bot] opened 6 days ago
0
depositWithSignature() won't work and always revert due to missing permit function in deposited asset

#62 hats-bug-reporter[bot] opened 6 days ago
0
the `_decodeReceiptUndelegateDone` function is the absence of a check to ensure that the parsing of the CBOR data structure

#61 hats-bug-reporter[bot] opened 6 days ago
1
the `_decodeReceiptUndelegateDone` function is the absence of a check to ensure that the parsing of the CBOR data structure

#60 hats-bug-reporter[bot] opened 6 days ago
1
Solmate safetransfer and safetransferfrom does not check the code size of the token address, which may lead to funding loss

#59 hats-bug-reporter[bot] opened 1 week ago
1
Attacker can execute DOS attack via Withdrawal Requests

#58 hats-bug-reporter[bot] opened 1 week ago
1
Non-Compliance with ERC-20 Standard

#57 hats-bug-reporter[bot] opened 1 week ago
1
the `withdraw()` function wrongly transfers withdraw fees without accounting

#56 hats-bug-reporter[bot] opened 1 week ago
1
Inconsistent Naming Convention Suffix

#55 hats-bug-reporter[bot] opened 1 week ago
1
Infinite Token Minting via Custom Group Exploit

#54 hats-bug-reporter[bot] opened 1 week ago
1
the `_transfer()` function is incompliant with eip-721 standards

#53 hats-bug-reporter[bot] opened 1 week ago
3
Floating pragma used in `Minter` and `stROSEMinter`

#52 hats-bug-reporter[bot] opened 1 week ago
0
transfer functions does not check token existence

#51 hats-bug-reporter[bot] opened 1 week ago
2
Critical Fee Loss in Withdrawal Process

#50 hats-bug-reporter[bot] opened 1 week ago
1
Precision Loss in Redemption Fee Calculation

#49 hats-bug-reporter[bot] opened 1 week ago
1
Precision Loss in Deposit Fee Calculation

#48 hats-bug-reporter[bot] opened 1 week ago
1
Event Emission Discrepancy in Withdrawal Request

#47 hats-bug-reporter[bot] opened 1 week ago
1
Inaccurate Available Balance Calculation in ERC20MinterWithdrawal Contract

#46 hats-bug-reporter[bot] opened 1 week ago
2
First depositors can avoid the deposit fee

#45 hats-bug-reporter[bot] opened 1 week ago
7
Lack of validation to check whether or not a given `receiver` is not a `zero` address and lack of function to cancel an existing withdrawal request, which lead a user's stakingToken to being stuck forever inside the stROSEMinter contract

#44 hats-bug-reporter[bot] opened 1 week ago
2
Improper handling of deposit fees leads to unintended asset extraction and may result in protocol insolvency

#43 hats-bug-reporter[bot] opened 1 week ago
1
Incorrect `lastTokenIndex` calculation in `_removeTokenFromOwnerEnumeration`

#42 hats-bug-reporter[bot] opened 1 week ago
2
the `getWithdrawalRequest()` function returns data for burned NFTs

#41 hats-bug-reporter[bot] opened 1 week ago
3
delegation amount not updated

#40 hats-bug-reporter[bot] opened 1 week ago
1
unbonded `withdrawalIds` length in `processWithdrawals()` function can result in DOS

#39 hats-bug-reporter[bot] opened 1 week ago
1
Event Emission Inconsistency in Deposit Function

#38 hats-bug-reporter[bot] opened 1 week ago
1
Inefficient Retrieval and Management of Delegations

#37 hats-bug-reporter[bot] opened 1 week ago
4
Unprotected Zero-Address Delegation Risks Permanent Token Lock

#36 hats-bug-reporter[bot] opened 1 week ago
2
Race Condition in `undelegate` and `takeReceiptUndelegate` Functions Can Lead to Incorrect Share Calculations

#35 hats-bug-reporter[bot] opened 1 week ago
1
Lack of Slashing Protection will lead to Incorrect Share Accounting and Potential Financial Discrepancies

#34 hats-bug-reporter[bot] opened 1 week ago
1
Lack of Finalization for Undelegation Process will Lock Tokens Indefinitely

#33 hats-bug-reporter[bot] opened 1 week ago
1
Lack of Share-to-Amount Conversion in Undelegation Process Can Lead to Token Discrepancies for Users

#32 hats-bug-reporter[bot] opened 1 week ago
1
Unauthorized Withdrawal Vulnerability in requestWithdrawal() Function Allows Token Theft

#31 hats-bug-reporter[bot] opened 1 week ago
1
Insufficient Balance Handling in `processWithdrawals` Can Lead to Unfulfilled Withdrawal Requests (BaseMinterWithdrawal::processWithdrawals)

#30 hats-bug-reporter[bot] opened 1 week ago
1
Owner can drain funds reserved for user withdrawals

#29 hats-bug-reporter[bot] opened 1 week ago
1
testing purpose

#28 hats-bug-reporter[bot] closed 1 week ago
0
_addDelegation and _removeDelagation use unbounded loops and can lead to out of gas

#27 hats-bug-reporter[bot] opened 1 week ago
1
interruption issue in `processWithdrawals()` function

#26 hats-bug-reporter[bot] opened 1 week ago
6
Emergency consensus withdraw and account transfer functions are not implemented in `stROSEMinter.sol`

#25 hats-bug-reporter[bot] opened 1 week ago
1
Slashed validators can not be removed

#24 hats-bug-reporter[bot] opened 1 week ago
1
TakeReceiptUndelegate event should include block.number

#23 hats-bug-reporter[bot] opened 1 week ago
1
Deposit events in NativeMinter and ERC20Minter do not emit minted shares and Refund events do not emit the redeemAmount

#22 hats-bug-reporter[bot] opened 1 week ago
1
withdrawal requests can not be cancelled by users

#21 hats-bug-reporter[bot] opened 1 week ago
1
collectWithdrawalFees will always emit 0 collected fees because totalWithdrawalFees is set to 0 before emitting the event

#20 hats-bug-reporter[bot] opened 1 week ago
1