sherlock-audit 2023-01-optimism-judging issues

sherlock-audit / 2023-01-optimism-judging

22 stars 8 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Chom - It would be great if you allow withdraw of FeeVault to L2 without bridging to L1

#314 github-actions[bot] closed 1 year ago
1
ak1 - SystemConfig.sol : unsafe storage location use

#313 github-actions[bot] closed 1 year ago
0
cergyk - Nonce non incremented on deposit tx if ErrGasLimit

#312 github-actions[bot] closed 1 year ago
0
w42d3n - Using bools for storage incurs overhead

#311 github-actions[bot] closed 1 year ago
0
shw - No authorization on `finalizeWithdrawalTransaction` in `OptimismPortal` leads to chances of MEV attacks.

#310 github-actions[bot] closed 1 year ago
1
ak1 - Known issues with compiler versions used to compile the contracts

#309 github-actions[bot] closed 1 year ago
5
w42d3n - The visibility for constructor is ignored

#308 github-actions[bot] closed 1 year ago
1
w42d3n - Large multiples of ten should use scientific notation

#307 github-actions[bot] closed 1 year ago
1
Chom - L1ERC721Bridge is not implementing ERC721Receiver, although it is holding ERC721 tokens which is an anti-pattern.

#306 github-actions[bot] closed 1 year ago
0
yongkiws - L1 and L2 cannot validate correctly

#305 github-actions[bot] closed 1 year ago
5
unforgiven - [Medium] hard-coded gas amount specified in CrossDomainMessenger and it can cause cross domain messages to revert if Ethereum gas cost changes or contracts in other chain get updated

#304 github-actions[bot] closed 1 year ago
1
w42d3n - Use of tx.origin in OptimismPortal.sol

#303 github-actions[bot] closed 1 year ago
0
shw - No mechanism for rollup nodes to revoke submitted batches

#302 github-actions[bot] closed 1 year ago
1
Chom - L1ERC721Bridge _initiateBridgeERC721 is not using safeTransferFrom. Necessary hooks and checks wouldn't be performed.

#301 github-actions[bot] closed 1 year ago
0
w42d3n - add zero address validation in constructor and initializer

#300 github-actions[bot] closed 1 year ago
0
w42d3n - Use safeTransferFrom() instead of transferFrom() for outgoing erc721 transfers

#299 github-actions[bot] closed 1 year ago
1
Barichek - Incorrect implementation of the `_isCorrectTokenPair` function

#298 github-actions[bot] closed 1 year ago
1
Barichek - Incorrect withdrawal finalization due to EIP-150 logic

#297 github-actions[bot] closed 1 year ago
5
Barichek - Permanent freeze of withdrawal due to the impossibility of reproving

#296 github-actions[bot] closed 1 year ago
1
unforgiven - [High] funds in FeeVault and child contracts in L2 can be locked because withdraw() specify hardcoded and low amount of gas when calling bridgeETHTo()

#295 github-actions[bot] closed 1 year ago
1
Chom - Missing free 1.92 million gas cause bridging gas costs to increase dramatically.

#294 github-actions[bot] closed 1 year ago
1
0xWeiss - [M-05] Incompatibility with fee on transfer tokens

#293 github-actions[bot] closed 1 year ago
1
0xWeiss - [M-04] Unchecked to and from address are not 0 can lead to unexpected burn of funds.

#292 github-actions[bot] closed 1 year ago
1
0xWeiss - [M-03] Insufficient validation while initializing

#291 github-actions[bot] closed 1 year ago
1
obront - PayloadBufPool Allocation Overflow

#290 github-actions[bot] closed 1 year ago
1
0xWeiss - [M-02] Gas grieffing attack while bridging NFT

#289 github-actions[bot] closed 1 year ago
1
0xWeiss - [M-01] Gas grieffing attack while external calling

#288 github-actions[bot] closed 1 year ago
1
0xWeiss - [H-02] Wrongly checked return value of a external call

#287 github-actions[bot] closed 1 year ago
1
SaharDevep - Unsafe ERC20 Operation

#286 github-actions[bot] closed 1 year ago
0
0xWeiss - [H-01] No capability to hold ERC721 tokens. NFTs will be lost

#285 github-actions[bot] closed 1 year ago
1
sach1r0 - For ERC721 transfers, use `safeTransferFrom()` instead of `transferFrom()`

#284 github-actions[bot] closed 1 year ago
1
obront - Batch validation logic is ordered differently to specification

#283 github-actions[bot] opened 1 year ago
0
obront - Client will accept invalid blocks from gossip channels due to insufficient L1BlockInfo decoding

#282 github-actions[bot] closed 1 year ago
1
sach1r0 - Lack of zero-address check in the constructor of `BaseFeeVault.sol`

#281 github-actions[bot] closed 1 year ago
0
obront - First withdrawal of fees to L1 may malfunction due to unforeseen gas fees

#280 github-actions[bot] closed 1 year ago
0
obront - Batcher frames are incorrectly decoded leading to consensus split

#279 github-actions[bot] opened 1 year ago
5
ak1 - Unsafe block variables handling.

#278 github-actions[bot] closed 1 year ago
5
obront - Censorship resistance is undermined and bridging of assets can be DOSed at low cost

#277 github-actions[bot] opened 1 year ago
1
shw - Panic when decoding a malformed deposit transaction JSON string

#276 github-actions[bot] opened 1 year ago
1
obront - Withdrawals in the 7 days prior to migration are immune to challenges, disabling the key defense mechanism of ORU

#275 github-actions[bot] closed 1 year ago
5
obront - Bad RPC provider data can (and did) take down sequencer

#274 github-actions[bot] closed 1 year ago
1
xiaoming90 - NFT Might Be Locked In The Bridges

#273 github-actions[bot] closed 1 year ago
1
obront - Relayers can send additional gas with cross domain messages

#272 github-actions[bot] closed 1 year ago
1
obront - When messenger is paused, all matured withdrawals can be forever invalidated

#271 github-actions[bot] closed 1 year ago
5
obront - Double spend of deposits is possible during migration due to re-org opportunity

#270 github-actions[bot] closed 1 year ago
1
Josiah - Double Division causing precision loss

#269 github-actions[bot] closed 1 year ago
0
obront - User funds may be lost during migration when performed in a quick fashion

#268 github-actions[bot] closed 1 year ago
1
shw - Incorrect encoding of deposit transactions that creates a new contract

#267 github-actions[bot] closed 1 year ago
0
shw - Specification of the new base fee calculation is inconsistent with the code

#266 github-actions[bot] opened 1 year ago
0
xiaoming90 - Inconsistency In Immutable Configuration

#265 github-actions[bot] closed 1 year ago
1