hats-finance Tapioca-0xe0b920d38a0900af3bab7ff0ca0af554129f54ad issues

hats-finance / Tapioca-0xe0b920d38a0900af3bab7ff0ca0af554129f54ad

4 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Audit Report Draft Update

#43 shayzluf opened 5 months ago
0
Contract with a payable function, but without a withdrawal capacity

#42 hats-bug-reporter[bot] opened 5 months ago
1
The code won't revert if `(_getChainId() == _data.governanceEid)` is false

#41 hats-bug-reporter[bot] opened 5 months ago
1
Incorrect comparison of uninitialized struct property

#40 hats-bug-reporter[bot] opened 5 months ago
3
User Can Claim More Than totalAmount Due to Lack of Max Return Amount Check in _vested Function

#39 hats-bug-reporter[bot] opened 5 months ago
6
Attacker can DOS LZ channel due to lack of minimum gas check

#38 hats-bug-reporter[bot] opened 5 months ago
2
Initial Unlock Amount Not Immediately Claimable

#37 hats-bug-reporter[bot] opened 5 months ago
4
Delay in Full Vesting of user tokens Due to Incorrect Calculation

#36 hats-bug-reporter[bot] opened 5 months ago
29
Tokens can be Permanently Locked in Vesting Contract

#35 hats-bug-reporter[bot] opened 5 months ago
0
Dos in `collectPaymentTokens`if token Revert on Zero Value

#34 hats-bug-reporter[bot] opened 5 months ago
1
Exploit Overflow of Vesting Contract

#33 hats-bug-reporter[bot] opened 5 months ago
1
Use of abi.encodePacked() with multiple dynamic arguments

#32 hats-bug-reporter[bot] opened 5 months ago
1
Unchecked return value of transfer functions

#31 hats-bug-reporter[bot] opened 5 months ago
1
Arbitrary `from` passed to `transferFrom`in Cross-chain Transactions (LayerZero) can cause loss of funds due to change in `msg.sender`

#30 hats-bug-reporter[bot] opened 5 months ago
1
A malicious actor can overtake the minting functionality in `aoTAP.sol` and easily make the broker related functions in `aoTAP.sol` unaccessible

#29 hats-bug-reporter[bot] opened 5 months ago
3
LZ channel can be blocked due to wrong gas amount being sent

#28 hats-bug-reporter[bot] opened 5 months ago
3
Cross-chain replay attacks are possible in `getTypedDataHash`

#27 hats-bug-reporter[bot] opened 5 months ago
1
Protocol's internal accounting would be broken whenever a singularity gets re-added

#26 hats-bug-reporter[bot] opened 5 months ago
4
Аdditional verification is missing in `isApprovedOrOwner` function

#25 hats-bug-reporter[bot] opened 5 months ago
2
Missing Validation Checks in `registerUsersForPhase` Function

#24 hats-bug-reporter[bot] opened 5 months ago
2
Unchecked `_claimTwpTapRewardsReceiver` `_srcReceiver` allows Permit Front-runner to steal rewards to self

#23 hats-bug-reporter[bot] opened 5 months ago
1
Underflow Vulnerability in `emitForWeek` function

#22 hats-bug-reporter[bot] opened 5 months ago
2
Unchecked ERC20 transfer

#21 hats-bug-reporter[bot] opened 5 months ago
1
Inability to lock `TAP` for any user in the `twTAP` contract

#20 hats-bug-reporter[bot] opened 5 months ago
1
Issue M-21 from Code4rena audit not correctly fixed

#19 hats-bug-reporter[bot] opened 5 months ago
6
`AirdropBroker.sol`: participants can claim their eligible amount as many times as possible

#18 hats-bug-reporter[bot] opened 5 months ago
1
`cumulative` is being inflated in some cases which would lead to the duration also being inflated

#17 hats-bug-reporter[bot] opened 5 months ago
1
Anyone can call exitPosition for oTAPTokenID they don't own, which would burn that oTAP token.

#16 hats-bug-reporter[bot] opened 5 months ago
1
fillPermittedOrderERC1155 and fillPermittedOrderERC20 does not work and always revert

#15 hats-bug-reporter[bot] opened 5 months ago
1
twTAP Cumulative can be reduced to a very small amount by abusing cumulative logic, preventing new locks

#14 hats-bug-reporter[bot] opened 5 months ago
1
permitTransferFromERC1155 / permitTransferFromERC20 can be frontrun and griefed

#13 hats-bug-reporter[bot] opened 5 months ago
5
Incorrect address check in `setTapToken` in `AirdropBrokerSol`

#12 hats-bug-reporter[bot] opened 5 months ago
1
Missing Zerro check in `setTapToken` function

#11 hats-bug-reporter[bot] opened 5 months ago
1
OTAP contract doesn't comply with EIP-721 standard

#10 hats-bug-reporter[bot] opened 5 months ago
1
OTAP contract doesn't comply with EIP-721 standard

#9 hats-bug-reporter[bot] opened 5 months ago
3
Vulnerability in `_getDiscountedPaymentAmount` Function

#8 hats-bug-reporter[bot] opened 5 months ago
5
Malicious user can front-run `brokerClaim()` and become a broker.

#7 hats-bug-reporter[bot] opened 5 months ago
1
Users cannot Redeem partial amount of LTap tokens

#6 hats-bug-reporter[bot] opened 5 months ago
1
Anybody can become a broker

#5 hats-bug-reporter[bot] opened 5 months ago
1
`decodeLockTwTapDstMsg()` will revert because of incorrect decoding

#4 hats-bug-reporter[bot] opened 5 months ago
2
TWAML weights can be griefed by burning tokens

#3 hats-bug-reporter[bot] opened 5 months ago
2
Issue [M-17] from Code4rena audit not fixed

#2 hats-bug-reporter[bot] opened 5 months ago
1
Ownable.sol constructor param not supplied

#1 hats-bug-reporter[bot] opened 5 months ago
1