hats-finance Smooth-0x64bc275b37e62eec81a00ecaecd2b9567058f990 issues

hats-finance / Smooth-0x64bc275b37e62eec81a00ecaecd2b9567058f990

Dappnode's MEV Smoothing Pool

0 stars 2 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Initialization can be front-run

#46 hats-bug-reporter[bot] opened 1 year ago
1
Missing checks for address(0x0) when updating address state variables

#45 hats-bug-reporter[bot] opened 1 year ago
1
Missing checks for address(0x0) in the initializer

#44 hats-bug-reporter[bot] opened 1 year ago
1
External call recipient may consume all transaction gas

#43 hats-bug-reporter[bot] opened 1 year ago
1
Consider implementing two-step procedure for updating protocol addresses

#42 hats-bug-reporter[bot] opened 1 year ago
1
updateCheckpointSlotSize() / updateCollateral() does note remove old entries before adding new ones

#41 hats-bug-reporter[bot] opened 1 year ago
1
The owner is a single point of failure and a centralization risk

#40 hats-bug-reporter[bot] opened 1 year ago
1
Unchecked return value of low-level call()

#39 hats-bug-reporter[bot] opened 1 year ago
1
Anyone can unsubscribe a validator

#38 hats-bug-reporter[bot] opened 1 year ago
1
Prevent msg.sender to set himself as reward recipient.

#37 hats-bug-reporter[bot] opened 1 year ago
1
Lack of zero address check for governance transfer

#36 hats-bug-reporter[bot] opened 1 year ago
1
Funds will not transfeered to Validator if it’s a contract without fallback or receive

#35 hats-bug-reporter[bot] opened 1 year ago
1
Possible collision occurrence between Validator Ids

#34 hats-bug-reporter[bot] opened 1 year ago
1
Loss of Funds for user

#33 hats-bug-reporter[bot] opened 1 year ago
1
Save amount used for Subscription for each validator

#32 hats-bug-reporter[bot] opened 1 year ago
1
Consider Two-Phase Ownership Transfer

#31 hats-bug-reporter[bot] opened 1 year ago
2
Event not emitted when contract receives ether

#30 hats-bug-reporter[bot] opened 1 year ago
1
Donations and MEV rewards will be stuck in the contract

#29 hats-bug-reporter[bot] opened 1 year ago
4
`subscribeValidators` function can be DOS

#28 hats-bug-reporter[bot] opened 1 year ago
4
The claimedBalance mapping is not updated correctly

#27 hats-bug-reporter[bot] opened 1 year ago
14
setRewardRecipient function allows anyone to set any address as reward recipient address

#26 hats-bug-reporter[bot] opened 1 year ago
10
accumulatedBalance is not bounded. A very large value could be passed to claim absurd amounts

#25 hats-bug-reporter[bot] opened 1 year ago
7
Possible DOS due to out of gas in unbound loop

#24 hats-bug-reporter[bot] opened 1 year ago
1
Ownership can be renounced

#23 hats-bug-reporter[bot] opened 1 year ago
1
Missing checks for address(0x0) in initialize parameters

#22 hats-bug-reporter[bot] opened 1 year ago
1
Contract's initialization can be frontran

#21 hats-bug-reporter[bot] opened 1 year ago
1
The `initialize` not emit the `AcceptGovernance` event

#20 hats-bug-reporter[bot] opened 1 year ago
1
Clear Pending Governance After Completed Transfer of Governance

#19 hats-bug-reporter[bot] opened 1 year ago
2
Unchecked Quorum Reduction Fails to Consider Current State

#18 hats-bug-reporter[bot] opened 1 year ago
1
Inadequate Validation in updateQuorum and removeOracleMember

#17 hats-bug-reporter[bot] opened 1 year ago
1
Inadequate Validation of `oracleMemberIndex` in `removeOracleMember` Function

#16 hats-bug-reporter[bot] opened 1 year ago
1
The collateral subscription of the validator is not returned in the function `unsubscribeValidator`

#15 hats-bug-reporter[bot] opened 1 year ago
1
Missing storage gap for upgradeable contracts

#14 hats-bug-reporter[bot] opened 1 year ago
1
Un-indexed events limit the off-chain functionality of the protocol

#13 hats-bug-reporter[bot] opened 1 year ago
1
pragma solidity 0.8.21 uses PUSH0 which is not supported in L2's

#12 hats-bug-reporter[bot] opened 1 year ago
1
`poolFee` and `checkpointSlotSize` is unbounded

#11 hats-bug-reporter[bot] opened 1 year ago
2
Possible to renounce ownership

#10 hats-bug-reporter[bot] opened 1 year ago
4
Missing zero address checks all through `DappnodeSmoothingPool.sol` contract

#9 hats-bug-reporter[bot] opened 1 year ago
2
Lack of two-step process for ownership transfer

#8 hats-bug-reporter[bot] opened 1 year ago
1
Reentrancy and untrusted call can be used to drain funds from claimRewards()

#7 hats-bug-reporter[bot] opened 1 year ago
1
Lack of checks on `proposedRewardsRoot` in `submitReport()`

#6 hats-bug-reporter[bot] opened 1 year ago
1
Validators can be added to the protocol for 0 collateral before initialize() is called

#5 hats-bug-reporter[bot] opened 1 year ago
1
Validators don't receive their collateral when they unsubscribe

#4 hats-bug-reporter[bot] opened 1 year ago
1
__Ownable_init() function isn't called properly in the initializer

#3 hats-bug-reporter[bot] opened 1 year ago
1
Unrestricted initialize() can be frontran

#2 hats-bug-reporter[bot] opened 1 year ago
1
Contract initialization is unprotected and is vulnerable to front-running

#1 hats-bug-reporter[bot] opened 1 year ago
3