issues
search
sherlock-audit
/
2024-01-telcoin-judging
6
stars
5
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
zhuying - [M-01] The burn function will break the claim function
#255
sherlock-admin
closed
8 months ago
1
grearlake - Malicious builder can back-run to update malicious config of staking contrat when deploying
#254
sherlock-admin2
closed
8 months ago
2
0xlucky - StakingRewards: Significant loss of precision possible
#253
sherlock-admin
closed
8 months ago
2
kgothatso - `TelcoinDistributor :: proposeTransaction ` Council Member can steal all funds
#252
sherlock-admin2
closed
8 months ago
1
m4ttm - Approvals persist when a CouncilMember is burned and the id is later reminted
#251
sherlock-admin
closed
8 months ago
1
Avci - the `batchTelcoin` will always fail due to wrong check in require.
#250
sherlock-admin2
closed
8 months ago
1
sonny2k - mint() function using totalSupply() as the id for newly minted NFT will always be reverted if some NFTs were burnt
#249
sherlock-admin
closed
8 months ago
1
grearlake - Latest council member will lost rewards after burning council member NFT
#248
sherlock-admin2
closed
8 months ago
1
kgothatso - `TelcoinDistributor :: ` out of gas can lead to DOS
#247
sherlock-admin
closed
8 months ago
1
m4ttm - Users balances are incorrectly swapped when a CouncilMember is burned
#246
sherlock-admin2
closed
8 months ago
1
0xlucky - In function topUp() staking.setRewardsDuration() allows setting near zero or enormous `rewardsDuration`, which breaks reward logic
#245
sherlock-admin
closed
8 months ago
2
sonny2k - Removing the item in array without preserving the array index making other functions unusable in CouncilMember.sol: burn() and StakingRewardsManager.sol: removeStakingRewardsContract()
#244
sherlock-admin2
closed
8 months ago
1
BAICE - CouncilMember NFT still support `setApprovalForAll` , `safeTransferFrom` `transferFrom` methods
#243
sherlock-admin
closed
8 months ago
5
Avci - there is a wrong require check in `executeTransaction` revert for expiration of challenge.
#242
sherlock-admin2
closed
8 months ago
2
araj - staking contract with different rewardToken can be added in stakingContractManager
#241
sherlock-admin
closed
8 months ago
2
kgothatso - `TelcoinDistributor : : executeTransaction ` internal Reentrancy by Council Member
#240
sherlock-admin2
closed
8 months ago
2
ggg_ttt_hhh - There is a misuse of indices input in the topUp function.
#239
sherlock-admin
closed
8 months ago
1
m4ttm - Burning any CouncilMember other than the last can prevent minting
#238
sherlock-admin2
closed
8 months ago
1
sonny2k - Missing check if the sum of amounts value in array equals to totalWithdrawl in proposeTransaction()
#237
sherlock-admin
closed
8 months ago
1
grearlake - `SUPPORT_ROLE` can steal TELCOIN by calling `recoverERC20FromStaking()` function
#236
sherlock-admin2
closed
8 months ago
1
ydlee - The last council member cannot claim his allocated TELCOIN after someone's token is burnt.
#235
sherlock-admin
closed
8 months ago
1
dipp - Incorrect balance is removed when burning
#234
sherlock-admin2
closed
8 months ago
1
BAICE - TokenId collision in `CouncilMember`, user A can claim user B's Telcoin balance
#233
sherlock-admin
closed
8 months ago
1
kgothatso - `TelcoinDistributor :: batchTelcoin ` function can cause A DOS if array is not the same transaction can revert
#232
sherlock-admin2
closed
8 months ago
1
grearlake - No council member can be created after burning a NFT token
#231
sherlock-admin
closed
8 months ago
1
asui - SUPPORT_ROLE can steal tokens which they are not trusted for incase of staking contracts with double entry point tokens .
#230
sherlock-admin2
closed
8 months ago
2
m4ttm - Potentially incorrect access control in _isAuthorized
#229
sherlock-admin
closed
8 months ago
1
sonny2k - Missing check for equal length arrays in TelcoinDistributor: proposeTransaction()
#228
sherlock-admin2
closed
8 months ago
1
0xboriskataa - Incorrect input of parameters for the `StakingRewardsManager.sol: recoverERC20` function call
#227
sherlock-admin
closed
8 months ago
1
HonorLt - Challenge period immediate effect
#226
sherlock-admin2
closed
8 months ago
2
zzykxx - `removeFromOffice()` does not reset `_tokenApproval`
#225
sherlock-admin
closed
8 months ago
1
m4ttm - ERC-165 is not implemented correctly in CouncilMember
#224
sherlock-admin2
closed
8 months ago
1
iberry - The _withdrawAll function in the CouncilMember contract does not adhere to the CEI pattern
#223
sherlock-admin
closed
8 months ago
2
jah - we can't call mint function after we called burn funciton
#222
sherlock-admin2
closed
8 months ago
1
fnanni - Proposals in TelcoinDistributor don't get paused when the contract is paused
#221
sherlock-admin
closed
8 months ago
1
grearlake - Malicious council member can't be removed
#220
sherlock-admin2
closed
8 months ago
1
tives - When burning a council member NFT in the middle of the array, then the balance moving logic is incorrect.
#219
sherlock-admin
closed
8 months ago
1
jah - the burn function can prevent the last cm to not clime his reward because of line 219
#218
sherlock-admin2
closed
8 months ago
1
araj - Existing council member can become member twice
#217
sherlock-admin
closed
8 months ago
2
jah - wrong logic on burn function
#216
sherlock-admin
closed
8 months ago
1
HonorLt - Wrong burn logic
#215
sherlock-admin2
closed
8 months ago
1
sakshamguruji - Council Member NFT Would Be Lost If New Council Member Contract Does Not Implement onERC721Received
#214
sherlock-admin
closed
8 months ago
1
sakshamguruji - Incorrect Balance Is Popped While Burn
#213
sherlock-admin2
closed
8 months ago
1
grearlake - Transaction can not be challenged during the pause, which can lead to transaction to be maliciously executed
#212
sherlock-admin
closed
8 months ago
1
psb01 - Incorrect implementation of burn() causes losses and undefined behaviour.
#211
sherlock-admin2
closed
8 months ago
1
zzykxx - `SUPPORT_ROLE` can transfer out `TELCOIN` tokens that are not yet distributed
#210
sherlock-admin
closed
8 months ago
2
sakshamguruji - Random Nonces Can Be Pushed
#209
sherlock-admin2
closed
8 months ago
15
bitsurfer - Lack of revoke or clear token approval when removed from office
#208
sherlock-admin
closed
8 months ago
1
BAICE - Different `stakingRewards` contract address by using a same index id, `StakingRewardsManager:removeStakingRewardsContract` will cause the index ->address map to be out of order
#207
sherlock-admin2
closed
8 months ago
1
0xpep7 - CouncilMember:_isAuthorized return false for owner address
#206
sherlock-admin
closed
8 months ago
2
Next