issues
search
sherlock-audit
/
2023-01-optimism-judging
22
stars
8
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Chom - It would be great if you allow withdraw of FeeVault to L2 without bridging to L1
#314
github-actions[bot]
closed
1 year ago
1
ak1 - SystemConfig.sol : unsafe storage location use
#313
github-actions[bot]
closed
1 year ago
0
cergyk - Nonce non incremented on deposit tx if ErrGasLimit
#312
github-actions[bot]
closed
1 year ago
0
w42d3n - Using bools for storage incurs overhead
#311
github-actions[bot]
closed
1 year ago
0
shw - No authorization on `finalizeWithdrawalTransaction` in `OptimismPortal` leads to chances of MEV attacks.
#310
github-actions[bot]
closed
1 year ago
1
ak1 - Known issues with compiler versions used to compile the contracts
#309
github-actions[bot]
closed
1 year ago
5
w42d3n - The visibility for constructor is ignored
#308
github-actions[bot]
closed
1 year ago
1
w42d3n - Large multiples of ten should use scientific notation
#307
github-actions[bot]
closed
1 year ago
1
Chom - L1ERC721Bridge is not implementing ERC721Receiver, although it is holding ERC721 tokens which is an anti-pattern.
#306
github-actions[bot]
closed
1 year ago
0
yongkiws - L1 and L2 cannot validate correctly
#305
github-actions[bot]
closed
1 year ago
5
unforgiven - [Medium] hard-coded gas amount specified in CrossDomainMessenger and it can cause cross domain messages to revert if Ethereum gas cost changes or contracts in other chain get updated
#304
github-actions[bot]
closed
1 year ago
1
w42d3n - Use of tx.origin in OptimismPortal.sol
#303
github-actions[bot]
closed
1 year ago
0
shw - No mechanism for rollup nodes to revoke submitted batches
#302
github-actions[bot]
closed
1 year ago
1
Chom - L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom. Necessary hooks and checks wouldn't be performed.
#301
github-actions[bot]
closed
1 year ago
0
w42d3n - add zero address validation in constructor and initializer
#300
github-actions[bot]
closed
1 year ago
0
w42d3n - Use safeTransferFrom() instead of transferFrom() for outgoing erc721 transfers
#299
github-actions[bot]
closed
1 year ago
1
Barichek - Incorrect implementation of the `_isCorrectTokenPair` function
#298
github-actions[bot]
closed
1 year ago
1
Barichek - Incorrect withdrawal finalization due to EIP-150 logic
#297
github-actions[bot]
closed
1 year ago
5
Barichek - Permanent freeze of withdrawal due to the impossibility of reproving
#296
github-actions[bot]
closed
1 year ago
1
unforgiven - [High] funds in FeeVault and child contracts in L2 can be locked because withdraw() specify hardcoded and low amount of gas when calling bridgeETHTo()
#295
github-actions[bot]
closed
1 year ago
1
Chom - Missing free 1.92 million gas cause bridging gas costs to increase dramatically.
#294
github-actions[bot]
closed
1 year ago
1
0xWeiss - [M-05] Incompatibility with fee on transfer tokens
#293
github-actions[bot]
closed
1 year ago
1
0xWeiss - [M-04] Unchecked to and from address are not 0 can lead to unexpected burn of funds.
#292
github-actions[bot]
closed
1 year ago
1
0xWeiss - [M-03] Insufficient validation while initializing
#291
github-actions[bot]
closed
1 year ago
1
obront - PayloadBufPool Allocation Overflow
#290
github-actions[bot]
closed
1 year ago
1
0xWeiss - [M-02] Gas grieffing attack while bridging NFT
#289
github-actions[bot]
closed
1 year ago
1
0xWeiss - [M-01] Gas grieffing attack while external calling
#288
github-actions[bot]
closed
1 year ago
1
0xWeiss - [H-02] Wrongly checked return value of a external call
#287
github-actions[bot]
closed
1 year ago
1
SaharDevep - Unsafe ERC20 Operation
#286
github-actions[bot]
closed
1 year ago
0
0xWeiss - [H-01] No capability to hold ERC721 tokens. NFTs will be lost
#285
github-actions[bot]
closed
1 year ago
1
sach1r0 - For ERC721 transfers, use `safeTransferFrom()` instead of `transferFrom()`
#284
github-actions[bot]
closed
1 year ago
1
obront - Batch validation logic is ordered differently to specification
#283
github-actions[bot]
opened
1 year ago
0
obront - Client will accept invalid blocks from gossip channels due to insufficient L1BlockInfo decoding
#282
github-actions[bot]
closed
1 year ago
1
sach1r0 - Lack of zero-address check in the constructor of `BaseFeeVault.sol`
#281
github-actions[bot]
closed
1 year ago
0
obront - First withdrawal of fees to L1 may malfunction due to unforeseen gas fees
#280
github-actions[bot]
closed
1 year ago
0
obront - Batcher frames are incorrectly decoded leading to consensus split
#279
github-actions[bot]
opened
1 year ago
5
ak1 - Unsafe block variables handling.
#278
github-actions[bot]
closed
1 year ago
5
obront - Censorship resistance is undermined and bridging of assets can be DOSed at low cost
#277
github-actions[bot]
opened
1 year ago
1
shw - Panic when decoding a malformed deposit transaction JSON string
#276
github-actions[bot]
opened
1 year ago
1
obront - Withdrawals in the 7 days prior to migration are immune to challenges, disabling the key defense mechanism of ORU
#275
github-actions[bot]
closed
1 year ago
5
obront - Bad RPC provider data can (and did) take down sequencer
#274
github-actions[bot]
closed
1 year ago
1
xiaoming90 - NFT Might Be Locked In The Bridges
#273
github-actions[bot]
closed
1 year ago
1
obront - Relayers can send additional gas with cross domain messages
#272
github-actions[bot]
closed
1 year ago
1
obront - When messenger is paused, all matured withdrawals can be forever invalidated
#271
github-actions[bot]
closed
1 year ago
5
obront - Double spend of deposits is possible during migration due to re-org opportunity
#270
github-actions[bot]
closed
1 year ago
1
Josiah - Double Division causing precision loss
#269
github-actions[bot]
closed
1 year ago
0
obront - User funds may be lost during migration when performed in a quick fashion
#268
github-actions[bot]
closed
1 year ago
1
shw - Incorrect encoding of deposit transactions that creates a new contract
#267
github-actions[bot]
closed
1 year ago
0
shw - Specification of the new base fee calculation is inconsistent with the code
#266
github-actions[bot]
opened
1 year ago
0
xiaoming90 - Inconsistency In Immutable Configuration
#265
github-actions[bot]
closed
1 year ago
1
Next