issues
search
sherlock-audit
/
2023-02-hats-judging
2
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
bin2chen - checkTransaction() can skip minThreshold limt
#31
sherlock-admin
closed
1 year ago
4
rvierdiiev - HatsSignerGateBase will not allow tx, that decrease owners count(some wearers are not eligible to wear hat)
#30
sherlock-admin
closed
1 year ago
1
cducrest-brainbot - Inconsistent isAdminOfHat function for top hats
#29
sherlock-admin
closed
1 year ago
1
chaduke - noCircularLinkage() might fail to detect circles in the tree
#28
sherlock-admin
closed
1 year ago
7
rvierdiiev - HatsSignerGate.claimSigner will revert when signerCount = maxSigners and any of owners is invalid
#27
sherlock-admin
closed
1 year ago
7
cducrest-brainbot - checkHatWearerStatus does not match _isEligible
#26
sherlock-admin
closed
1 year ago
1
rvierdiiev - HatsSignerGateBase.setTargetThreshold should adjust minThreshold
#25
sherlock-admin
closed
1 year ago
0
cducrest-brainbot - Unlink hat checks for admin instead of root tree
#24
sherlock-admin
closed
1 year ago
1
cducrest-brainbot - Move tree root to different tree without consent
#23
sherlock-admin
closed
1 year ago
0
cducrest-brainbot - Minting inactive hats
#22
sherlock-admin
closed
1 year ago
0
sinarette - createHat can be called by indirect admins
#21
sherlock-admin
closed
1 year ago
1
rvierdiiev - Hat wearer can call function with limited amount of gas in order to make toggle call revert and use previous active status
#20
sherlock-admin
closed
1 year ago
4
roguereddwarf - HatsSignerGateBase: signers can add / remove / swap signers which bypasses the HSG logic and can lead to multiple bad outcomes including DOS and increased control over Safe
#19
sherlock-admin
closed
1 year ago
0
descharre - Missing 0 address check in constructor
#18
sherlock-admin
closed
1 year ago
0
descharre - Payable functions but no way to withdraw the eth.
#17
sherlock-admin
closed
1 year ago
0
descharre - Missing 0 check in setUp function or missing setter for address
#16
sherlock-admin
closed
1 year ago
0
Bauer - The target threshold may be lower than the minimum threshold
#15
sherlock-admin
closed
1 year ago
0
carrot - Contract breaks if `targetThreshold` is ever reduced
#14
sherlock-admin
closed
1 year ago
0
carrot - `claimSigner` can unexpectedly revert
#13
sherlock-admin
closed
1 year ago
0
carrot - `MultiHatsSignerGate` allows addition but not removal of signer hats
#12
sherlock-admin
closed
1 year ago
1
carrot - Hats can be overwritten
#11
sherlock-admin
opened
1 year ago
3
carrot - Incorrect threshold update in `reconcileSignerCount`
#10
sherlock-admin
closed
1 year ago
0
roguereddwarf - Hats.sol: linkedTreeRequests entry should be deleted when unlinking
#9
sherlock-admin
closed
1 year ago
0
roguereddwarf - Hats.sol: staticcalls can revert by consuming all gas which can cause other functionality to be blocked
#8
sherlock-admin
closed
1 year ago
3
descharre - Initializer modifier on constructor
#7
sherlock-admin
closed
1 year ago
0
descharre - Missing 0 address check in _mintHat
#6
sherlock-admin
closed
1 year ago
0
descharre - Wrong if check for wearer of hat
#5
sherlock-admin
closed
1 year ago
0
roguereddwarf - Hats.balanceOfBatch returns wrong result
#4
sherlock-admin
closed
1 year ago
0
roguereddwarf - Hats.supportsInterface function should not return true for ERC1155
#3
sherlock-admin
closed
1 year ago
2
roguereddwarf - Hats.uri function can be DOSed by providing large details or imageURI string or cause large gas fees
#2
sherlock-admin
opened
1 year ago
4
roguereddwarf - _constructURI function allows to break out of json format and to inject malicious properties / code
#1
sherlock-admin
closed
1 year ago
7
Previous