sherlock-audit/2023-02-hats-judging
roguereddwarf - Hats._isEligible and Hats._isActive functions might access old data
#81
sherlock-admin
closed
1 year ago
1
Allarious - [Low][Flow] `deployHatsSignerGate` does not check if the safe is connected to another HSG
#80
sherlock-admin
closed
1 year ago
0
Allarious - [Medium][Outdated State] `_removeSigner` incorrectly updates `signerCount` and safe `threshold`
#79
sherlock-admin
opened
1 year ago
3
juancito - Transactions will be frozen if incorrect settings are used during a deployment on HatsSignerGateFactory
#78
sherlock-admin
closed
1 year ago
0
Allarious - [Medium][Outdated State] `_swapSigner` might cause `signerCount` to increase incorrectly
#77
sherlock-admin
closed
1 year ago
2
Allarious - [High][Flow] `reconcileSignerCount` is not updating the safe threshold correctly
#76
sherlock-admin
closed
1 year ago
0
Allarious - [Medium][Outdated State] `setThreshold` functions are not using an updated `SignerCount` and might set the threshold on safe incorrectly
#75
sherlock-admin
closed
1 year ago
0
ktg - Incompatibility between balanceOf and balanceOfBatch.
#74
sherlock-admin
closed
1 year ago
0
Allarious - [Medium][Gas/Stack Management] Recursive functions are used regularly and can increase gas usage quadratically or might face stack too deep
#73
sherlock-admin
closed
1 year ago
0
Allarious - [High][Flow] `createHat` allows creation of hats without intermediary, which can lead to hats getting completely overwritten in the future
#72
sherlock-admin
closed
1 year ago
0
Dug - `maxSigners` can be exceeded, causing all safe transactions to revert
#71
sherlock-admin
closed
1 year ago
0
Dug - Valid signers can be forcibly removed from the safe
#70
sherlock-admin
closed
1 year ago
1
clems4ever - False default value for badStanding can expose the hat to side effects.
#69
sherlock-admin
closed
1 year ago
1
Dug - Safe threshold set incorrectly by `reconcileSignerCount`
#68
sherlock-admin
closed
1 year ago
0
roguereddwarf - Signers can backdoor the Safe by swapping modules to execute any transaction in the future without consensus
#67
sherlock-admin
closed
1 year ago
0
duc - When all signers of the gate lose their hats, `reconcileSignerCount` will not update threshold, then `targetThreshold` can be updated to be lower than the current threshold during here, leads to freeze safe's actions.
#66
sherlock-admin
closed
1 year ago
0
0xMojito - Hat level can become too large and DOS other functions
#65
sherlock-admin
closed
1 year ago
0
0xMojito - Invalid token ID hat with skipped level should not be able to be created
#64
sherlock-admin
closed
1 year ago
1
duc - Function `reconcileSignerCount` updates wrong threshold, leads to freezing safe’s actions
#63
sherlock-admin
closed
1 year ago
0
clems4ever - Top Hats can be overridden due to arithmetic overflow
#62
sherlock-admin
closed
1 year ago
1
xyzbtchunt - `transferHat` returns no value prevents accidental input
#61
sherlock-admin
closed
1 year ago
0
tsvetanovv - Wrong logical operator in `_checkAdminOrWearer`
#60
sherlock-admin
closed
1 year ago
0
roguereddwarf - HatsSignerGateFactory: Should revert if there are more than 5 existing modules
#59
sherlock-admin
closed
1 year ago
0
roguereddwarf - Safe can no longer execute transactions when module other than HatsSignerCreate enables a module
#58
sherlock-admin
closed
1 year ago
0
ktg - Inactive hats can still be minted and transferred
#57
sherlock-admin
closed
1 year ago
5
xyzbtchunt - incorrect doesn't validate inputs `hats.sol#mintTopHat`
#56
sherlock-admin
closed
1 year ago
0
Met - Setting wrong variable to signer threshold of the Gnosis safe
#55
sherlock-admin
closed
1 year ago
0
DahirMuhammadDahir - changeHaxMaxSupply() function implementation is different and misleading from its documentation
#54
sherlock-admin
closed
1 year ago
3
roguereddwarf - HatsSignerGateBase: reconcileSignerCount function might set threshold too high
#53
sherlock-admin
closed
1 year ago
0
obront - Signers can bypass checks and change threshold within a transaction
#52
sherlock-admin
opened
1 year ago
7
roguereddwarf - HatsSignerGate + MultiHatsSignerGate: more than maxSignatures can be claimed which leads to DOS in reconcileSignerCount
#51
sherlock-admin
opened
1 year ago
5
roguereddwarf - HatsSignerGateBase: valid signer threshold can be bypassed because HSG checks signatures differently from Safe which allows exploitation
#50
sherlock-admin
opened
1 year ago
3
descharre - Direct usage of ecrecover allows signature malleability
#49
sherlock-admin
closed
1 year ago
0
obront - Signers can brick safe by adding unlimited additional signers while avoiding checks
#48
sherlock-admin
opened
1 year ago
3
obront - Can get around hats per level constraints using phantom levels
#47
sherlock-admin
opened
1 year ago
10
obront - Other module can add owners to safe that push us above maxSigners, bricking safe
#46
sherlock-admin
opened
1 year ago
8
obront - buildHatId returns incorrect value for lowest level child
#45
sherlock-admin
closed
1 year ago
8
obront - Safe threshold can be set above target threshold, causing transactions to revert
#44
sherlock-admin
opened
1 year ago
2
obront - If signer gate is deployed to safe with more than 5 existing modules, safe will be bricked
#43
sherlock-admin
opened
1 year ago
4
obront - If another module adds a module, the safe will be bricked
#42
sherlock-admin
opened
1 year ago
4
obront - Signers can bypass checks to add new modules to a safe by abusing reentrancy
#41
sherlock-admin
opened
1 year ago
7
chaduke - An admin can secure the good standing and eligibility of any hat wear under him easily.
#40
sherlock-admin
closed
1 year ago
1
obront - If a hat is owned by address(0), phony signatures will be accepted by the safe
#39
sherlock-admin
opened
1 year ago
3
obront - Swap Signer fails if final owner is invalid due to off by one error in loop
#38
sherlock-admin
opened
1 year ago
2
obront - Safe can be bricked because threshold is updated with validSignerCount instead of newThreshold
#37
sherlock-admin
opened
1 year ago
2
obront - targetThreshold can be set below minThreshold, violating important invariant
#36
sherlock-admin
opened
1 year ago
2
obront - Unlinked tophat retains linkedTreeRequests, can be rugged
#35
sherlock-admin
opened
1 year ago
2
obront - Changing hat toggle address can lead to unexpected changes in status
#34
sherlock-admin
opened
1 year ago
8
obront - Owners of linkedin tophats cannot have eligibility revoked
#33
sherlock-admin
opened
1 year ago
4
chaduke - DOS attack to getHatLevel()
#32
sherlock-admin
closed
1 year ago
0