issues
search
sherlock-audit
/
2024-01-telcoin-judging
6
stars
5
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
iberry - StakingRewardsManager:recoverERC20FromStaking allow SUPPORT_ROLE retrieve rewardsToken
#205
sherlock-admin2
closed
5 months ago
1
Sabit - Anyone can call recoverERC20, pause, unpause, and setChallengePeriod functions because of wrong "onlyOwner" implementation
#204
sherlock-admin
closed
5 months ago
1
r0ck3tz - Authorization added to approve function can be bypassed
#203
sherlock-admin2
closed
5 months ago
1
bitsurfer - Wrong logic in `_retrieve` function on increasing balances by using loop with sequential index
#202
sherlock-admin
closed
5 months ago
3
bitsurfer - Wrong logic on minting using `totalSupply` as tokenId can cause minting DoSed
#201
sherlock-admin2
closed
5 months ago
1
bitsurfer - burn will remove last `tokenId` balance, resulting user who own last `tokenId` can't claim their balance
#200
sherlock-admin
closed
5 months ago
1
0xpep7 - CouncilMember:burn renders the contract inoperable after the first execution
#199
sherlock-admin2
opened
5 months ago
5
fnanni - Vetoed transactions are not uniquely identified in SafeGuard's checkTransaction()
#198
sherlock-admin
closed
5 months ago
1
Jaraxxus - Governance council can withdraw and burn the wrong tokenId
#197
sherlock-admin2
closed
5 months ago
1
zzykxx - Use of `transferFrom()` instead of `safeTransferFrom()`
#196
sherlock-admin
closed
5 months ago
1
ggg_ttt_hhh - Council members have the ability to transfer their NFTs to others.
#195
sherlock-admin2
closed
5 months ago
1
Bauer - The last NFT owner may be unable to claim the reward
#194
sherlock-admin
closed
5 months ago
1
DenTonylifer - Incorrect removal of a council member
#193
sherlock-admin2
closed
5 months ago
1
Jaraxxus - Council Members can repeatedly challenge every proposal.
#192
sherlock-admin
closed
5 months ago
1
iberry - TelcoinDistributor: recoverERC20() can be used as a backdoor by the owner to retrieve Token, the owner can rug token
#191
sherlock-admin2
closed
5 months ago
2
Jaraxxus - Council members can transfer their NFTs to someone else
#190
sherlock-admin
closed
5 months ago
1
ggg_ttt_hhh - There is an issue in the logic when minting a new NFT.
#189
sherlock-admin2
closed
5 months ago
1
Jaraxxus - CouncilMember.sol does not comply with ERC721, breaking composability
#188
sherlock-admin
closed
5 months ago
1
Jaraxxus - Burning of council NFT may affect future minting of NFTs.
#187
sherlock-admin2
closed
5 months ago
1
BAICE - Mismatch length of destinations and amounts's length , will cause telcoin distribution fail
#186
sherlock-admin
closed
5 months ago
1
HonorLt - Unbounded nonces array
#185
sherlock-admin2
closed
5 months ago
1
Jaraxxus - The variables of proposeTransactions are not checked properly
#184
sherlock-admin
closed
5 months ago
1
Jaraxxus - period can be set to 0 even when constructor disallows it
#183
sherlock-admin2
closed
5 months ago
1
BAICE - Missing checks of 0x00 address when setting a number or an address
#182
sherlock-admin
closed
5 months ago
1
HonorLt - Spam proposals
#181
sherlock-admin2
closed
5 months ago
1
0xlamide - Council Member holding more than 1 nft will result in disbursement of fewer token than expected to Council member during CouncilMember.sol:retrieve
#180
sherlock-admin
closed
5 months ago
1
ggg_ttt_hhh - The distribution of Telcoin among council members was not done correctly.
#179
sherlock-admin2
closed
5 months ago
1
Bauer - The removeFromOffice() function is implemented incorrectly
#178
sherlock-admin
closed
5 months ago
2
iberry - input array == 0 will cause to bypass batchTelcoin 's safeTransfer logic
#177
sherlock-admin2
closed
5 months ago
2
BAICE - `SafeGuard` contract is not inherited from pre-written `IGuard` interface,
#176
sherlock-admin
closed
5 months ago
2
valentin2304 - Typo in StakingRewardsMangaer.sol/recoverERC20FromStaking
#175
sherlock-admin2
closed
5 months ago
1
BAICE - Missing return value in`SafeGuard:checkTransaction`, cannot check whether this transaction has been Vetoed
#174
sherlock-admin
closed
5 months ago
2
Dots - function recoverERC20FromStaking calls recoverERC20 with wrong parameters
#173
sherlock-admin2
closed
5 months ago
5
Bauer - Minting to users using `totalSupply()` as the NFT ID is incorrect
#172
sherlock-admin
closed
5 months ago
1
Strausses - Ability to transfer burned tokens, and later blocking TimeLock contract
#171
sherlock-admin2
closed
5 months ago
1
iberry - input array length must check be the same in proposeTransaction or batchTelcoin
#170
sherlock-admin
closed
5 months ago
1
VAD37 - Burn `CouncilMember` NFT mixed up rewards balance of other NFT members. Causing wrong rewards to user
#169
sherlock-admin2
closed
5 months ago
1
sakshamguruji - Incorrect topUp Mechanism
#168
sherlock-admin
closed
5 months ago
1
popeye - Multiple owners could show "ownership" of the same token ID in `CouncilMember.sol`
#167
sherlock-admin2
closed
5 months ago
1
popeye - Incorrect Balance Assignment When Burning Non-Sequential Tokens in `CouncilMember::burn`
#166
sherlock-admin
closed
5 months ago
1
popeye - Logical time gap flaw in `TelcoinDistributo::executeTransaction` causes potential oversight of valid challenges made at the end of the challenge period.
#165
sherlock-admin2
closed
5 months ago
2
popeye - Unstable Transaction Handling in `TelcoinDistributor::proposeTransaction` due to mismatch in array lengths
#164
sherlock-admin
closed
5 months ago
1
ravikiran.web3 - CouncilMember::burn() function is incorrectly implemented
#163
sherlock-admin2
closed
5 months ago
1
0xGreyWolf - `CouncilMembers::_retrieve()` loops over an array of `balances` to stream `individualBalance` and as the array size (council members) grow, gas cost expands until it becomes unusable.
#162
sherlock-admin
closed
5 months ago
1
almurhasan - runningBalance calculation is wrong in the function _retrieve(CouncilMember contract)
#161
sherlock-admin2
closed
5 months ago
2
ravikiran.web3 - StakingRewardManager::topUp() implementation is buggy
#160
sherlock-admin
closed
5 months ago
1
zzykxx - `checkTransaction()` might run out of gas because of an unbounded loop
#159
sherlock-admin2
closed
5 months ago
1
almurhasan - Council members will claim 0 telcoin tokens as tokenid burn mechanism is wrong.
#158
sherlock-admin
closed
5 months ago
1
ravikiran.web3 - StakingRewardManager::setStakingRewardsFactory() will break the sync of RewardContracts maintained between manager and factory
#157
sherlock-admin2
closed
5 months ago
2
0x_Sanzcy - StakingRewards Contract can't be managed StakingRewardsManager due to lack of ownership
#156
sherlock-admin
closed
5 months ago
1
Previous
Next