hats-finance/StakeWise-0xd91cd6ed6c9a112fdc112b1a3c66e47697f522cd
Liquid staking protocol for Ethereum
Audit Report Draft Update
#142
shayzluf
opened
8 months ago
0
Gas
#141
0xmahdirostami
closed
1 year ago
0
VaultWhitelist::_updateWhitelist(), _setWhitelister(), __VaultWhitelist_init() - no input validation checks for parameters `account` and `_whitelister`, for address(0) value. Since a mistake can be corrected, this is LOW/MEDIUM.
#140
hats-bug-reporter[bot]
opened
1 year ago
1
OsTokenConfig::updateConfig() - L86: DoS of this function & therefore any ability to update config of OsToken IF the incorrect inequality indicator/sign is being used, I suspect it should be > and not <.
#139
hats-bug-reporter[bot]
opened
1 year ago
2
sharesToBurn in _redeemOsToken should round up but didn't
#138
hats-bug-reporter[bot]
opened
1 year ago
2
OsToken::burnShares() - L146: no check to see if `balanceOf[owner] >= shares`. Would revert here anyway due to underflow error, but maybe protocol would have wanted to then set `shares` = balanceOf[owner], and then deduct all that instead... like some protocols do...?
#137
hats-bug-reporter[bot]
opened
1 year ago
1
OsToken::setCapacity() - L163: Unless it was intended to be able to set `capacity` to 0, e.g. for emergency or other scenarios, then there should be a check to avoid zero value assignment.
#136
hats-bug-reporter[bot]
opened
1 year ago
1
OsToken::setAvgRewardPerSecond() - L203: Unless intended to be able to set avgRewardPerSecond to 0, there's a missing input validation check.
#135
hats-bug-reporter[bot]
opened
1 year ago
1
OsTokenConfig::constructor() - L27: No input validation for parameter `_owner`. Unless this is intended functionality, which I doubt, then (additionally) it's calling the wrong function from Ownable.sol contract, the correct function contains address(0) check.
#134
hats-bug-reporter[bot]
opened
1 year ago
1
OsToken::burnShares() - L146: no check to see if `balanceOf[owner] >= shares`. Would revert here anyway due to underflow error, but maybe protocol would have wanted to then set `shares` = balanceOf[owner], and then deduct all that instead... like some protocols do...?
#133
hats-bug-reporter[bot]
opened
1 year ago
1
Existing _exitRequests can be overwritten by a new request, leading to loss of existing requests and thus loss of funds.
#132
hats-bug-reporter[bot]
opened
1 year ago
1
redeemToLtvPercent is higher than redeemFromLtvPercent
#131
hats-bug-reporter[bot]
opened
1 year ago
1
Wrong calculation for the first `updateState()` in `EthGenesisVault`
#130
hats-bug-reporter[bot]
opened
1 year ago
2
staking fee could be changed
#129
hats-bug-reporter[bot]
opened
1 year ago
1
Upgrading of contract forces upgrader to "donate" 9 gwei of ETH
#128
hats-bug-reporter[bot]
opened
1 year ago
1
Lack of validation to check whether or not the `msg.value` sent as the security deposit would be more than `1 gwei`, which leads to the inflation attack
#127
hats-bug-reporter[bot]
opened
1 year ago
1
`VaultOsToken`: `redeem` and `enterExitQueue` use outdated `cumulativeFeePerShare` value of OsToken
#126
hats-bug-reporter[bot]
opened
1 year ago
1
Escaping losses by frontrunning the oracle updates
#125
hats-bug-reporter[bot]
opened
1 year ago
3
Users in EthGenesisVault gain more than users of StakeWise v2
#124
hats-bug-reporter[bot]
opened
1 year ago
2
Users could manipulate APY formula
#123
hats-bug-reporter[bot]
opened
1 year ago
2
`legacyReward(v2)` and `totalAssetsDelta(v3)` are different in usage
#122
hats-bug-reporter[bot]
opened
1 year ago
5
Wrong split of rewards in EthGenesisVault
#121
hats-bug-reporter[bot]
opened
1 year ago
1
Users can `migrate()` before the first harvest to gain more shares
#120
hats-bug-reporter[bot]
opened
1 year ago
6
Using `isCollateralized` to determine the first harvest is problematic
#119
hats-bug-reporter[bot]
opened
1 year ago
2
User assets will be affected if EthGenesisVault isn't Collateralized
#118
hats-bug-reporter[bot]
opened
1 year ago
5
Users in EthGenesisVault extra gain of StakeWise v2
#117
hats-bug-reporter[bot]
opened
1 year ago
1
Version in `_computeDomainSeparator()` isn't updated when contracts inheriting `ERC20Upgradeable.sol` are upgraded
#116
hats-bug-reporter[bot]
opened
1 year ago
1
`_checkHarvested` is not called in `burnOsToken`, which causes incorrect calculation of cumulativeFeePerShare
#115
hats-bug-reporter[bot]
opened
1 year ago
2
User can utilize a flash loan to manipulate treasury fee
#114
hats-bug-reporter[bot]
opened
1 year ago
2
potential failing oracles on insufficient minimum oracles
#113
hats-bug-reporter[bot]
opened
1 year ago
2
Stakers are incentivised to self-liquidate instead of burning osETH when LTV >= 100%
#112
hats-bug-reporter[bot]
opened
1 year ago
3
Liquidation doesn't make osETH positions healthier when LTV >= 100%
#111
hats-bug-reporter[bot]
opened
1 year ago
2
Stakers might continue accumulating staking fees after being fully liquidated
#110
hats-bug-reporter[bot]
opened
1 year ago
1
Liquidation premium encourages stakers to self-liquidate instead of burning osETH when LTV >= 100%
#109
hats-bug-reporter[bot]
opened
1 year ago
1
Potential reentrancy attack vector in `redeem()`
#108
hats-bug-reporter[bot]
opened
1 year ago
1
Incorrect calculation of shares for the fee receive
#107
hats-bug-reporter[bot]
opened
1 year ago
1
The fee should be sent as ETH to the fee-receiver
#106
hats-bug-reporter[bot]
opened
1 year ago
1
When the vault capacity is reached, user cannot deposit ETH to make his account healthy
#105
hats-bug-reporter[bot]
opened
1 year ago
2
Lack of a call to ExitQueue#`push()` in VaultEnterExit#`enterExitQueue()`, which means a staker would never claim their unstaked-ETH from the Vault even if the exit queue is over
#104
hats-bug-reporter[bot]
opened
1 year ago
1
Rogue implementations that are removed can still perform damaging actions; the vault admin is permissionless and should not have the power to upgrade the vault contract
#103
hats-bug-reporter[bot]
opened
1 year ago
5
the queueShares update is delayed and incorrect in _updateExitQueue
#102
hats-bug-reporter[bot]
opened
1 year ago
2
`totalAssets()` in `OsToken` incorrectly excludes treasury assets
#101
hats-bug-reporter[bot]
opened
1 year ago
1
In case the validator suffers a loss due to slashing, the totalAssets used to mint new shares is always inflated, and once the capacity of the vault is reached, a user can neither deposit to mint new shares nor withdraw
#100
hats-bug-reporter[bot]
opened
1 year ago
2
Inaccurate comparison of redemption threshold
#99
hats-bug-reporter[bot]
opened
1 year ago
3
New Users gain some rewards of old users
#98
hats-bug-reporter[bot]
opened
1 year ago
5
Funds can be locked if the validator gets slashed
#97
hats-bug-reporter[bot]
opened
1 year ago
1
Inaccurate/unfair treasury fee added to the minter's position on mintOsToken
#96
hats-bug-reporter[bot]
opened
1 year ago
1
Users will lose shares if they call enterExitQueue multiple times.
#95
hats-bug-reporter[bot]
opened
1 year ago
1
Incorrect Position's Fee Calculation is done on burnOsToken which is not in favor of the protocol
#94
hats-bug-reporter[bot]
opened
1 year ago
1
Sudden increases in OsToken minting make the APY go out of sync with protocol state
#93
hats-bug-reporter[bot]
opened
1 year ago
3