sherlock-audit 2024-06-allora-judging issues

sherlock-audit / 2024-06-allora-judging

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

imsrybr0 - Anyone can override reputers and worker nodes information by using the same LibP2PKey

#37 sherlock-admin3 closed 4 months ago
2
0xsi - Insufficient Error Handling in Sorting Functions in `math/utils.go`

#36 sherlock-admin2 closed 4 months ago
1
0xsi - Inadequate Error Handling in CLI Commands in `cmd/commands.go`

#35 sherlock-admin4 closed 4 months ago
1
0xsi - Lack of Validation for `appOpts` Type in `cmd/commands.go`

#34 sherlock-admin3 closed 4 months ago
1
0xsi - Lack of Validation in Encoding and Decoding in `math/collections.go`

#33 sherlock-admin2 closed 4 months ago
1
0xsi - Potential for Uncontrolled Resource Consumption in `topics_handler.go`

#32 sherlock-admin4 closed 3 months ago
8
0xsi - Lack of Error Handling in Goroutines in `topics_handler.go`

#31 sherlock-admin3 closed 3 months ago
3
imsrybr0 - SetDelegateStakePlacement error is not handled in RewardDelegateStake

#30 sherlock-admin2 opened 4 months ago
2
volodya - compilation error due to using resesrved word as a name

#29 sherlock-admin4 closed 3 months ago
3
Lambda - Malicious peer can cause a syncing node to panic during blocksync

#28 sherlock-admin3 opened 4 months ago
1
Lambda - Standard deviation calculation is biased

#27 sherlock-admin2 opened 4 months ago
1
volodya - incorrect condition for the iterative update of Equation 34

#26 sherlock-admin4 opened 4 months ago
1
volodya - represents the total fee revenue collected by topic t over the preceding week

#25 sherlock-admin2 closed 4 months ago
1
volodya - errors are not being handled which can lead to executing code with errors(silencing them) or a halt chain due to panic

#24 sherlock-admin4 closed 3 months ago
8
volodya - Iteration over map is non-deterministic and could cause issues in consensus-critical code

#23 sherlock-admin3 closed 4 months ago
2
defsec - Silent Failure in MustNewDecFromString Can Lead to Node Crashes

#22 sherlock-admin2 opened 4 months ago
1
Kow - Adversary can arbitrarily trigger a chain halt by sending `MsgRemove{Delegate}Stake` with negative amount

#21 sherlock-admin4 opened 4 months ago
2
volodya - incorrect default genesis state in emission module

#20 sherlock-admin3 closed 3 months ago
7
defsec - Inconsistent BlocksPerMonth Calculation with Actual Block Time

#19 sherlock-admin2 closed 4 months ago
3
defsec - Inconsistency in Stake Removal Delay Calculation

#18 sherlock-admin4 closed 4 months ago
2
imsrybr0 - Attacker can permanently DoS the chain by queuing a stake removal or a delegate stake removal with a negative amount

#17 sherlock-admin3 closed 4 months ago
2
volodya - The formula for forecast normalization differs from the one in the whitepaper.

#16 sherlock-admin2 opened 4 months ago
3
volodya - The default value of epsilon differs from what is stated in the whitepaper

#15 sherlock-admin4 opened 4 months ago
1
volodya - Not appropriate Inferences will be used when calculating the forecast

#14 sherlock-admin3 opened 4 months ago
2
defsec - Unchecked Error in ResetChurnableTopics Function

#13 sherlock-admin2 opened 4 months ago
1
volodya - forecast-implied inferences can be set to any value due to ForecastElements is not filtered by duplicate.

#12 sherlock-admin4 opened 4 months ago
2
volodya - anybody can halt chain in `nsertBulkWorkerPayload`

#11 sherlock-admin3 closed 3 months ago
9
defsec - Weak random number generation in SortTopicsByWeightDescWithRandomTiebreaker function

#10 sherlock-admin2 closed 4 months ago
1
defsec - RegisterLegacyAminoCodec is not implemented in AppModule

#9 sherlock-admin4 closed 4 months ago
1
0xsi - Concurrency Issues with Goroutines in `topics_handler.go`

#8 sherlock-admin3 closed 4 months ago
2
0xsi - Insufficient Address Verification in `config.go`

#7 sherlock-admin2 closed 4 months ago
1
0xsi - Panic on Denomination Registration Failure in `config.go`

#6 sherlock-admin4 closed 4 months ago
1
0xsi - Potential Arbitrary Code Execution in `api.go`

#5 sherlock-admin3 closed 4 months ago
2
volodya - topic's funds is being used twice when activating a topic

#4 sherlock-admin2 closed 4 months ago
2
defsec - Non-Determinism in GetAndUpdateActiveTopicWeights Function

#3 sherlock-admin4 closed 4 months ago
2
defsec - Lack of Authentication in OnRecvPacket

#2 sherlock-admin3 opened 4 months ago
2
defsec - Topic Activation Failure Due to Unhandled Error

#1 sherlock-admin2 closed 3 months ago
7