issues
search
sherlock-audit
/
2024-10-ethos-network-judging
0
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Scrawny Neon Python - `_doesReplyExist` Should call at first on `editReply` function of `EthosDiscussion`
#337
sherlock-admin4
closed
1 week ago
0
Dry Yellow Canary - AccessControlEnumerable will have storage collisions with UUPS
#336
sherlock-admin2
closed
1 week ago
0
Scrawny Neon Python - `archiveAttestation` should revert if already archived
#335
sherlock-admin3
closed
1 week ago
0
Jovial Tan Donkey - Wrong storage of removed addresses in EthosProfile causes confusion.
#334
sherlock-admin4
closed
1 week ago
1
Jovial Tan Donkey - Wrong storage of Reply in EthosDiscussion.sol
#333
sherlock-admin2
closed
1 week ago
0
Acrobatic Burlap Lizard - ContractAddressManager:getContractAddressForName() should revert if contract is not found
#332
sherlock-admin3
closed
1 week ago
0
Acrobatic Burlap Lizard - Function `targetExistsAndAllowedForId()` returns unnecessary the same doubled values
#331
sherlock-admin4
closed
1 week ago
0
Acrobatic Burlap Lizard - Function `EthosProfile:bulkInviteAddresses()`wastes a lot of gas
#330
sherlock-admin2
closed
1 week ago
0
Acrobatic Burlap Lizard - Hardcoded values could lead to errors
#329
sherlock-admin3
closed
1 week ago
0
Acrobatic Burlap Lizard - Value in InteractionControl.sol:removeControlledContractName() can be calculated before to save gas
#328
sherlock-admin4
closed
1 week ago
0
Acrobatic Burlap Lizard - Upgrade to Solidity 0.8.28
#327
sherlock-admin2
closed
1 week ago
0
Acrobatic Burlap Lizard - Contract Common.sol should be a library
#326
sherlock-admin3
closed
1 week ago
0
Acrobatic Burlap Lizard - Argument `randValue` of EthosAttestation.sol:createAttestation() is useless
#325
sherlock-admin4
closed
1 week ago
0
Acrobatic Burlap Lizard - Argument `uint256 profileId ` of EthosAttestation.sol:createAttestation() is useless
#324
sherlock-admin2
closed
1 week ago
0
Soft Tangerine Kitten - Unnecessary internal function call in 'modifyVote' function costs gas inefficiency
#323
sherlock-admin3
closed
1 week ago
0
Puny Obsidian Beaver - Incorrect `revert` parameter may lead to confusions
#322
sherlock-admin4
closed
1 week ago
0
Little Mandarin Chameleon - Non-upgradeable contracts inherited
#321
sherlock-admin2
closed
1 week ago
0
Melodic Peanut Anteater - pausableUpgradable from oppenzeppline must be used.
#320
sherlock-admin4
opened
1 week ago
0
Scrawny Neon Python - Anybody can register their address with a particular `profileId`
#319
sherlock-admin3
opened
1 week ago
1
Basic Pebble Haddock - Review authors should be able to archive and restore reviews from any address that belongs to the profile
#318
sherlock-admin2
opened
1 week ago
0
Precise Sapphire Mole - Some Users may get less invites than other after setDefaultNumberOfInvites is called
#317
sherlock-admin4
opened
1 week ago
0
Melodic Peanut Anteater - The incorrect address is removed in _deleteAddressAtIndexFromArray()
#316
sherlock-admin3
opened
1 week ago
0
Large Amber Camel - use safetransfer instead of transfer
#315
sherlock-admin2
opened
1 week ago
0
Electric Satin Koala - EthosProfile which contains multiple address cannot work with `archiveReview() and `restoreReview()`
#314
sherlock-admin4
opened
1 week ago
0
Dry Yellow Canary - User may have his transfer failed when paying price for review
#313
sherlock-admin3
opened
1 week ago
0
Dry Yellow Canary - User will get same hash when attestation details are modified slightly
#312
sherlock-admin2
opened
1 week ago
0
Precise Sapphire Mole - Potential Hash Collision will cause overwrite of attestation
#311
sherlock-admin4
opened
1 week ago
0
Passive Mahogany Porpoise - The incorrect counting of profile addresses wrongly limits their total number
#310
sherlock-admin3
opened
1 week ago
1
Bumpy Taupe Lobster - Anyone with a profile will have unlimited number of invites and can swing votes in their favor
#309
sherlock-admin4
closed
1 week ago
0
Jovial Chambray Sparrow - a re-registred address will count double in the sum of checkMaxAddresses
#308
sherlock-admin3
opened
1 week ago
0
Passive Mahogany Porpoise - Re-registering an address does not remove it from the compromised list
#307
sherlock-admin2
opened
1 week ago
0
Main Watermelon Octopus - There’s an error in the _deleteAddressAtIndexFromArray function
#306
sherlock-admin4
opened
1 week ago
1
Silly Grape Bear - Unauthorized `Attestations` Allowed for Archived Profiles in `EthosAttestation` Contract
#305
sherlock-admin3
opened
1 week ago
0
Proud Frost Alligator - Attestation Reviews does not properly handle the case when attestation ownership has changed
#304
sherlock-admin2
opened
1 week ago
0
Digital Umber Mustang - `attestationById` does not get updated when attestations are claimed in `EthosAttestation`
#303
sherlock-admin4
opened
1 week ago
0
Tart Coral Jay - There is no restriction on the number of invitees in the param in bulkInviteAddresses function in EthosProfile contract which could lead to out of bound gas issue.
#302
sherlock-admin3
opened
1 week ago
0
Passive Mahogany Porpoise - A compromised address does not lose any ability to perform actions on behalf of the profile
#301
sherlock-admin2
opened
1 week ago
0
Quaint Nylon Caterpillar - When a mock address is registered to another user, it loses its reviews, votes, and comments
#300
sherlock-admin4
opened
1 week ago
0
Electric Satin Koala - Wrong address gets deleted in `_deleteAddressAtIndexFromArray()`
#299
sherlock-admin3
opened
1 week ago
0
Tart Coral Jay - Signature entered in createAttestation function in EthosAttestation contract could lead to anyone using signature for malicious purpose for other profileId
#298
sherlock-admin2
opened
1 week ago
0
Proud Frost Alligator - Lack of proper validations in EthosDiscussion.sol lets a compromised address to add malicious replys on user's behalf
#297
sherlock-admin4
opened
1 week ago
0
Expert Ruby Yeti - Upgrades might cause storage collision
#296
sherlock-admin3
opened
1 week ago
0
Passive Mahogany Porpoise - An incorrectly identified author will not be able to archive or restore reviews
#295
sherlock-admin2
opened
1 week ago
1
Silly Grape Bear - Use of `transfe`r Instead of `safeTransfer` in `EthosReview` Contract can cause problems in some cases
#294
sherlock-admin4
opened
1 week ago
0
Tart Coral Jay - Hash collision due to use of abi.encodePacked() in registerAddress function will cause anyone to use signature for different profileId then the one it is signed for
#293
sherlock-admin3
opened
1 week ago
0
Basic Pebble Haddock - Compromised accounts can use the profile freely
#292
sherlock-admin2
opened
1 week ago
0
Tame Burlap Loris - _deleteAddressAtIndexFromArray() is broken
#291
sherlock-admin4
opened
1 week ago
0
Jovial Chambray Sparrow - self review is possible if a user review an attestation before claiming it .
#290
sherlock-admin3
opened
1 week ago
0
Future Merlot Cobra - `replyCount` starts at zero will create data inconsistency across Ethos Network
#289
sherlock-admin2
opened
1 week ago
0
Proud Frost Alligator - Lack of delete or compromised functionality for attestations can be exploited
#288
sherlock-admin4
opened
1 week ago
0
Next