issues
search
sherlock-audit
/
2024-04-titles-judging
1
stars
1
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
trachev - Work attributions cannot be changed
#413
sherlock-admin4
closed
1 month ago
0
recursiveEth - Title: Access Control Vulnerability in createEdge Function Allows Unauthorized Edge Creation
#412
sherlock-admin3
closed
1 month ago
1
CodeWasp - `Edition` not EIP-1155 compliant
#411
sherlock-admin4
closed
1 month ago
0
Shaheen - `mintBatch()` will always revert for the users
#410
sherlock-admin3
closed
1 month ago
5
Brenzee - ETH refund during minting does not work, stuck ETH can be used to mint work tokens for free
#409
sherlock-admin4
closed
1 month ago
0
i3arba - `msg.sender` is not correctly transmited in external calls, blocking users from minting NFTs through `Edition.sol::mint`
#408
sherlock-admin3
closed
1 month ago
0
den_sosnovskyi - `TitlesGraph::_setAcknowledged` does not change the edge's acknowledged
#407
sherlock-admin4
closed
1 month ago
0
BengalCatBalu - Failure to control the size of msg.value can result non-payment fees FOR CREATION being paid for money on the FeeManager contract rather than money attached to the transaction
#406
sherlock-admin3
closed
1 month ago
4
0x73696d616f - Referral system can be gamed as editions and works are free to chose any `referrer` they want
#405
sherlock-admin4
closed
1 month ago
92
Shubham - Users may get extra refund after minting than intended
#404
sherlock-admin3
closed
1 month ago
0
alexzoid - Limitation of Revenue Due to Hardcoded `MAX_PROTOCOL_FEE`
#403
sherlock-admin4
closed
1 month ago
0
KupiaSec - `checkSignature` modifier does not consider `block.chainid`
#402
sherlock-admin3
closed
1 month ago
1
KupiaSec - `Edition::transferWork` function doesn't change the receiver of the `_feeReceivers`
#401
sherlock-admin4
closed
1 month ago
1
KupiaSec - Lack of Functionality for Granting or Revoking Important Roles in the `Edition` Contract
#400
sherlock-admin3
closed
1 month ago
2
KupiaSec - Absence of Refund Functionality in `FeeManager::collectCreationFee` function
#399
sherlock-admin4
closed
1 month ago
6
Bauchibred - The restricted Edition owner is allowed to have access to context they shouldn't be allowed to
#398
sherlock-admin3
closed
1 month ago
0
Bauchibred - Protocol does not set gas fees/USDB/WETH to claimable resulting in a loss of funds for the protocol.
#397
sherlock-admin4
closed
1 month ago
0
trachev - No slippage protection for mint fee payments
#396
sherlock-admin3
closed
1 month ago
0
Bigsam - Unsafe Downcasting in _buildSharesAndTargets Function
#395
sherlock-admin4
closed
1 month ago
0
0x73696d616f - Malicious editions can be created to publish works and perform all sort of attacks
#394
sherlock-admin3
closed
1 month ago
21
alexzoid - Incorrect Referrer Address in Fee Routing
#393
sherlock-admin4
closed
1 month ago
5
smbv-1923 - Excessive ETH passed during mint() would not be refunded
#392
sherlock-admin3
closed
1 month ago
5
den_sosnovskyi - `TitlesGraph::createEdge` should have access restriction to be called only by ADMIN_ROLE, but didn't
#391
sherlock-admin4
closed
1 month ago
1
BengalCatBalu - Failure to control the size of msg.value can result non-payment fees FOR MINTINT being paid for money on the FeeManager contract rather than money attached to the transaction
#390
sherlock-admin3
closed
1 month ago
0
CodeWasp - `Edition.transferWork` does not update fee routes
#389
sherlock-admin4
closed
1 month ago
0
CodeWasp - `Edition.transferWork` allows zero address, leaves work inaccessible for further updates
#388
sherlock-admin3
closed
1 month ago
5
AllTooWell - mint referrer can get mint fee which belongs to collection referrer
#387
sherlock-admin4
closed
1 month ago
0
avoloder - If there are more than 255 attributions, only first 255 will get the fee distribution
#386
sherlock-admin3
closed
1 month ago
0
alexzoid - Inconsistent Edge ID Generation after Work Transfer
#385
sherlock-admin4
closed
1 month ago
5
Bigsam - Potential Precision Loss in Protocol Share Value
#384
sherlock-admin3
closed
1 month ago
1
KupiaSec - The reentrancy attack is possible while collecting fees in the `FeeManager` contract
#383
sherlock-admin4
closed
1 month ago
11
KupiaSec - Incorrect Handling of Mint Fees in `Edition::mintBatch` Function
#382
sherlock-admin3
closed
1 month ago
5
KupiaSec - Improper handling of `msg.value` in the `Edition::mintBatch` function
#381
sherlock-admin4
closed
1 month ago
5
KupiaSec - Design Flaw in `Edition::_refundExcess` Function Implementation
#380
sherlock-admin3
closed
1 month ago
5
KupiaSec - Improper Reference in `FeeManager::_splitProtocolFee` Function
#379
sherlock-admin4
closed
1 month ago
5
KupiaSec - The function `TitlesGraph._setAcknowledged()` doesn't function properly due to its reliance on a memory variable
#378
sherlock-admin3
closed
1 month ago
0
BengalCatBalu - DoS в mintBatch and promoMintFunction
#377
sherlock-admin4
closed
1 month ago
0
PratRed - No Storage Gap for Upgradeable Contract Might Lead to Storage Slot Collision
#376
sherlock-admin3
closed
1 month ago
0
KupiaSec - Attackers can revert `TitlesGraph.acknowledgeEdge()` by front-running
#375
sherlock-admin4
closed
1 month ago
0
smbv-1923 - For Loop would create issue while calling `mintBatch()`
#374
sherlock-admin3
closed
1 month ago
5
pynschon - Missing check for token price in `Edition::mintBatch`
#373
sherlock-admin4
closed
1 month ago
0
pynschon - Reuse of `msg.value` in `Edition::mintBatch` for loop.
#372
sherlock-admin3
closed
1 month ago
0
AllTooWell - `createEdition` can be front run to get control of the publish of work of edition and steal mint fee
#371
sherlock-admin4
closed
1 month ago
0
ArsenLupin - During the collectMintFee the collection referrer doesn't receive any fees.
#370
sherlock-admin3
closed
1 month ago
5
ZdravkoHr. - `TitlesGraph` signatures are replayable because of a compact signature vulnerability
#369
sherlock-admin4
closed
1 month ago
15
pynschon - Tokens can be minted for free when funds are trapped in `FeeManagers` contract.
#368
sherlock-admin3
closed
1 month ago
0
alexzoid - Misuse of Signature for Edge Status Changes
#367
sherlock-admin4
closed
1 month ago
5
funkornaut - `FeeManager::_buildSharesAndTargets` could casue a DoS
#366
sherlock-admin3
closed
1 month ago
0
BengalCatBalu - Malicious minter can steal all funds from Edition.sol due to a lack of data validation in the _collectMintFee function
#365
sherlock-admin4
closed
1 month ago
0
CodeWasp - `Edition.mintBatch(address[], ...)` has disproportionally low mint fee
#364
sherlock-admin3
closed
1 month ago
7
Previous
Next