hats-finance SafeStaking-by-HOPR-0x607386df18b663cf5ee9b879fbc1f32466ad5a85 issues

hats-finance / SafeStaking-by-HOPR-0x607386df18b663cf5ee9b879fbc1f32466ad5a85

HOPR is an open incentivized mixnet which enables privacy-preserving point-to-point data exchange. HOPR is similar to Tor but actually private, decentralized and economically sustainable.

https://hoprnet.org

GNU General Public License v3.0

0 stars 1 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Audit Report Draft Update

#60 shayzluf opened 6 months ago
0
FOR LOOPS CAN BE GAS OPTIMIZED

#59 hats-bug-reporter[bot] opened 11 months ago
1
MISSING ZERO ADDRESS CHECKS

#58 hats-bug-reporter[bot] opened 11 months ago
0
Inconsistent logic to initialize the staking contracts

#57 hats-bug-reporter[bot] opened 11 months ago
1
Complex operations in function may lead to gas running out

#56 hats-bug-reporter[bot] opened 11 months ago
1
Hash collision due to abi.encodePacked

#55 hats-bug-reporter[bot] opened 11 months ago
2
No reentrancy protection on clone() function having callback

#54 hats-bug-reporter[bot] opened 11 months ago
0
address payable in contract but no means to withdraw Ethers

#53 hats-bug-reporter[bot] opened 11 months ago
1
Pragma non-specification can lead to non-functional / corrupted contract when deployed on Arbitrum

#52 hats-bug-reporter[bot] opened 11 months ago
1
Due to lack of validation, a malicious node can **repeatedly** prevent a destination node from redeeming their ticket

#51 hats-bug-reporter[bot] opened 11 months ago
1
Preemptive execution of `registerSafeByNode()` will make `registerSafeWithNodeSig()` unusable

#50 hats-bug-reporter[bot] opened 11 months ago
1
Owner can renounce ownership of contract

#49 hats-bug-reporter[bot] opened 11 months ago
0
The node already in member cannot execute the `includeNode()` function.

#48 hats-bug-reporter[bot] opened 11 months ago
1
Dust caller in variable `currentCaller` of the contract **HoprWhitehat**

#47 hats-bug-reporter[bot] opened 11 months ago
2
The Channels#`_fundChannelInternal()` would be called `twice` in a single transaction, which lead to a double-spending

#46 hats-bug-reporter[bot] opened 11 months ago
1
SimplifiedModule remains un-upgradeable

#45 hats-bug-reporter[bot] opened 11 months ago
13
OwnableUpgradeable uses single-step ownership transfer

#44 hats-bug-reporter[bot] opened 11 months ago
0
The constructor does not check for the zero address

#43 hats-bug-reporter[bot] opened 11 months ago
6
batchStakeFor function allows 0 amount stakes

#42 hats-bug-reporter[bot] opened 11 months ago
3
Return value of "send" method is not handled

#41 hats-bug-reporter[bot] opened 11 months ago
4
There is no zero address check for the parameter passed into the constructor

#40 hats-bug-reporter[bot] opened 11 months ago
7
gimmeToken function does not check that the contract has pre-funded wxHopr

#39 hats-bug-reporter[bot] opened 11 months ago
5
Wrong block will be verified for snapshot

#38 hats-bug-reporter[bot] opened 11 months ago
5
Empty string check is not applied

#37 hats-bug-reporter[bot] opened 11 months ago
0
Constructor lacks zero value check

#36 hats-bug-reporter[bot] opened 11 months ago
0
Constructor lacking address(0) check

#35 hats-bug-reporter[bot] opened 11 months ago
0
Time units are better and precise to use

#34 hats-bug-reporter[bot] opened 11 months ago
0
Constant keccak should be immutable

#33 hats-bug-reporter[bot] opened 11 months ago
1
Use a safe transfer helper library for ERC20 transfers

#32 hats-bug-reporter[bot] opened 11 months ago
1
Wrong manage of time in HoprChannels contract

#31 hats-bug-reporter[bot] opened 11 months ago
0
Possible to backdoor `Safe` to execute any transaction without consensus

#30 hats-bug-reporter[bot] opened 11 months ago
3
anyone can add a custom safe trough `NodeSafeRegistry`

#29 hats-bug-reporter[bot] opened 11 months ago
1
Missing Zero Address Check

#28 hats-bug-reporter[bot] opened 11 months ago
1
Single signer can disable `HoprNodeManagementModule`

#27 hats-bug-reporter[bot] opened 11 months ago
3
Safe can be permanently bricked if a broken guard were set

#26 hats-bug-reporter[bot] opened 11 months ago
4
Use safeMint instead of mint for ERC721

#25 hats-bug-reporter[bot] opened 11 months ago
1
The unlock mechanism has no permission check

#24 hats-bug-reporter[bot] opened 11 months ago
4
Problems with `ensureNodeIsSafeModuleMember()`

#23 hats-bug-reporter[bot] opened 11 months ago
2
Possible to front-run safe setup and inject malicious module

#22 hats-bug-reporter[bot] opened 12 months ago
2
Safe multisig threshold of one is unsafe

#21 hats-bug-reporter[bot] opened 12 months ago
5
`ownerRescueBoosterNft` did not check whether `myHoprStake.owner()` is qualified

#20 hats-bug-reporter[bot] opened 12 months ago
2
When `src==dest`, `redeemTicket()` will become unusable.

#19 hats-bug-reporter[bot] opened 12 months ago
5
`reclaimErc721Tokens()` has no limit tokenAddress is nftContract address

#18 hats-bug-reporter[bot] opened 12 months ago
2
Domain separators are susceptible to replay attacks, ticket rewards can be claimed twice

#17 hats-bug-reporter[bot] opened 12 months ago
2
Owner can renounce ownership of HoprTicketPriceOracle

#16 hats-bug-reporter[bot] opened 12 months ago
1
Missing storage gap for upgradeable contracts

#15 hats-bug-reporter[bot] opened 12 months ago
1
Use specific compiler version

#14 hats-bug-reporter[bot] opened 12 months ago
1
`reclaimErc20Tokens()` can take out REWARD_TOKEN

#13 hats-bug-reporter[bot] opened 12 months ago
1
USE OF DEPRECATED SETUPROLE FUNCTION

#12 hats-bug-reporter[bot] opened 12 months ago
1
channel balance could pass MAX_USED_BALANCE

#11 hats-bug-reporter[bot] opened 12 months ago
1