sherlock-audit 2024-02-optimism-2024-judging issues

sherlock-audit / 2024-02-optimism-2024-judging

6 stars 4 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Trust - Loss of bond amounts on re-org attacks

#201 sherlock-admin3 opened 7 months ago
14
MiloTruck - Leftmost claim incentives can be abused to steal bonds from honest parties

#200 sherlock-admin2 closed 6 months ago
2
Trust - Threat of unlimited parallelized games undermine core properties of the dispute game

#199 sherlock-admin4 closed 6 months ago
2
Trust - Loss of bonds and the game due to wrong assumption in resolveClaim()

#198 sherlock-admin3 closed 6 months ago
1
Trust - The in-game chess clock runs incorrectly, counting the seconds spend in favor of the non-answering team and leading to incorrect resolutions.

#197 sherlock-admin2 closed 6 months ago
1
shealtielanz - The Proxy Admin Owner is not able to upgrade smart contracts that sit behind a `Proxy contract` as stated in the Q&A.

#196 sherlock-admin4 closed 6 months ago
0
Trust - An attacker can cause temporary freeze of funds to a participant in the FaultDisputeGame

#195 sherlock-admin3 closed 6 months ago
8
Trust - Theft of initial bonds from proposers who are using smart wallets

#194 sherlock-admin2 opened 7 months ago
30
Trust - M - The safety mechanism of the DelayedWETH contract can be bypassed

#193 sherlock-admin4 closed 6 months ago
56
Trust - The respectedGameType is not initialized leading to unsactioned game types being respected

#192 sherlock-admin3 closed 6 months ago
1
gesha17 - User can frontrun call to setInitBond() whenever a new gameImpl is introduced and create dispute games without paying bonds

#191 sherlock-admin2 closed 6 months ago
0
Shield - Withdrawal proving and withdrawal finalization can be executed in two different `respectedGameTypes`

#190 sherlock-admin4 closed 6 months ago
1
FonDevs - Incorrect check if the calldatasize is too large when creating a new `GameType`

#189 sherlock-admin3 closed 6 months ago
1
0xDjango - ETH Bonds at the lowest depth of their respective path can be frozen

#188 sherlock-admin2 closed 6 months ago
1
jasonxiale - No Storage Gap for Upgradeable Contracts

#187 sherlock-admin4 closed 6 months ago
1
0xdeadbeef - Proven but not finalized withdrawals need to be re-proved when a new respected game type is changed

#186 sherlock-admin3 closed 6 months ago
0
shealtielanz - EOA's depositing on L2 will lose their funds if they do not control same address on L2.

#185 sherlock-admin2 closed 6 months ago
1
aycozynfada - Missing msg.value Check in depositTransaction Function

#184 sherlock-admin4 closed 6 months ago
0
FonDevs - `respectedGameType` is set in the constructor and not in the initializer function

#183 sherlock-admin3 closed 6 months ago
1
AllTooWell - If the game resolution logic is wrong, there is no way to start game again in the same game type

#182 sherlock-admin2 closed 6 months ago
0
bareli - wrong implement of "findLatestGames" function.

#181 sherlock-admin4 closed 6 months ago
1
lemonmon - `AnchorStateRegistry` does not have the mechanism to invalidate game result

#180 sherlock-admin3 closed 6 months ago
0
tsvetanovv - The `depositTransaction()` function will often revert even when `_gasLimit` is sufficient because `minimumGasLimit()` is not calculated correctly

#179 sherlock-admin2 closed 6 months ago
1
nuthan2x - Users cannot create a new game or proposal if the old game is blacklisted

#178 sherlock-admin4 closed 6 months ago
1
CodeWasp - DelayedWETH unlocking may lead to DoS / perpetual locking of funds

#177 sherlock-admin3 closed 6 months ago
0
CodeWasp - Bonds at `MAX_GAME_DEPTH`` can be irrevocably locked

#176 sherlock-admin2 closed 6 months ago
9
guhu95 - New dispute game cannot be created for the same root claim with a different L1 parent hash

#175 sherlock-admin4 closed 6 months ago
2
shealtielanz - Malicious users can bypass Optimism's air-gaps by manipulating Immutable arguments in their fault dispute game proxies.

#174 sherlock-admin3 closed 6 months ago
0
rvierdiiev - DelayedWETH.unlock extends existing lock

#173 sherlock-admin2 closed 6 months ago
0
thisvishalsingh - Inadequate Access Control in `unlock` Function Leading to Griefing and State Bloat

#172 sherlock-admin4 closed 6 months ago
1
lemonmon - `OptimismPortal2` not initialized `respectedGameTypeUpdatedAt` will allow games created before the upgrade

#171 sherlock-admin3 closed 6 months ago
1
lemonmon - `LibGameType:raw` will unsafely cast resulting in incorrect comparison between GameTypes

#170 sherlock-admin2 closed 6 months ago
1
darkbit - Guardian can override accepted valid withdrawals after PROOF_MATURITY_DELAY_SECONDS and DISPUTE_GAME_FINALITY_DELAY_SECONDS passed

#169 sherlock-admin4 closed 6 months ago
0
lemonmon - `FaultDisputeGame:move` can be called after `resolveClaim` makes the game unable to be resolved

#168 sherlock-admin3 closed 6 months ago
3
guhu95 - Uninitialized `respectedGameType` may cause game type mismatch and fraudulent proofs

#167 sherlock-admin2 closed 6 months ago
1
MiloTruck - Deploying dispute games with `CREATE` makes it susceptible to L1 re-orgs

#166 sherlock-admin4 closed 6 months ago
1
bareli - wrong calling initialize function to "address(0)"

#165 sherlock-admin3 closed 6 months ago
0
lemonmon - `FaultDisputeGame`: The bond will be locked if the leaf is not resolved before the entire `resolve`

#164 sherlock-admin2 closed 6 months ago
9
bareli - "Withdrawal Logic issue"

#163 sherlock-admin4 closed 6 months ago
1
MiloTruck - L1 re-orgs could cause `FaultDisputeGame.move()` to be executed on the wrong parent claim

#162 sherlock-admin3 closed 6 months ago
1
0xdeadbeef - Guardian role can be abused to delay withdrawals even when replaced

#161 sherlock-admin2 closed 6 months ago
10
ch13fd357r0y3r - Fake or Empty proof can be validated successfully on `step()` function

#160 sherlock-admin4 closed 6 months ago
4
lemonmon - A duplicate dispute game may be created for the same output proposal due to an issue inside `FaultDisputeGame.initialize()`

#159 sherlock-admin3 closed 6 months ago
1
ZanyBonzy - Users can avoid withdrawal delay time after first request.

#158 sherlock-admin2 closed 6 months ago
3
guhu95 - Blacklisting a malfunctioning game may still prevent reproving if `status()` reverts

#157 sherlock-admin4 closed 6 months ago
15
0xHunterBug - Agreement Misinterpretation in Step Function Causes Dispute Resolution Issues

#156 sherlock-admin3 closed 6 months ago
1
joshuajee - Return status from call in the `finalizeWithdrawalTransactionExternalProof` is not properly checked meaning the `call` can fail, without being reverted

#155 sherlock-admin2 closed 6 months ago
0
CodeWasp - Non-upgradable Guardian will render the system inoperable in case of compromise

#154 sherlock-admin4 closed 6 months ago
0
Z3R0 - Withdrawal Delay Improperly Enforced

#153 sherlock-admin3 closed 6 months ago
1
MiloTruck - `DisputeGameFactory.create()` does not protect against L1 re-orgs

#152 sherlock-admin2 closed 6 months ago
1

Previous Next