Skip to content

Issues: sherlock-audit/2024-11-hats-protocol-judging

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

57 Open 3 Closed
57 Open 3 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Uneven Pine Sheep - it uses invalid “transient” variables causing logic errors.
#60 opened Nov 23, 2024 by sherlock-admin2
Dizzy Tan Parakeet - Potential Underflow Risk in checkTransaction Due to safe.nonce() - 1
#59 opened Nov 23, 2024 by sherlock-admin3
Daring Currant Griffin - A malicious user can prevent a signer from registering with a desired hat
#58 opened Nov 23, 2024 by sherlock-admin4
Uneven Pine Sheep - {actor} will {impact} {affected party}
#57 opened Nov 23, 2024 by sherlock-admin2
Joyous Cobalt Chameleon - Single hatId Assigned to Multiple Wearers Enables Governance Manipulation
#56 opened Nov 23, 2024 by sherlock-admin3
Dizzy Tan Parakeet - _countValidSignatures Fails if signatureSplit Method is Not Implemented
#55 opened Nov 23, 2024 by sherlock-admin4
Dizzy Tan Parakeet - _countValidSignatures Allows Duplicate Signatures, Leading to Incorrect Signature Count
#54 opened Nov 23, 2024 by sherlock-admin2
Uneven Pine Sheep - Logical Error in migrateToNewHSG Function
#53 opened Nov 23, 2024 by sherlock-admin3
Joyful Gingham Tarantula - Signers can frontrun Safe.exectransaction() when using delegatecalls to make it Revert.
#52 opened Nov 23, 2024 by sherlock-admin4
Merry Marigold Ferret - Threshold of existing Safe, could cause transaction failures
#51 opened Nov 23, 2024 by sherlock-admin2
Puny Grey Seal - Lack of Dynamic Threshold Adjustment for New Signers
#49 opened Nov 23, 2024 by sherlock-admin3
Dizzy Tan Parakeet - An Attacker Can Arbitrarily Remove Safe Signers via removeSigner Method
#48 opened Nov 23, 2024 by sherlock-admin4
Puny Grey Seal - Ownership and Threshold Management Issue when First Signer Joins
#47 opened Nov 23, 2024 by sherlock-admin2
Dizzy Tan Parakeet - An Attacker Can Register New Hats for Arbitrary Signers to Abuse Safe Signatures
#46 opened Nov 23, 2024 by sherlock-admin3
Docile Yellow Dachshund - Old signers and HSG can remove new signers and HSG, hijacking the safe wallet
#45 opened Nov 23, 2024 by sherlock-admin4
Joyous Cobalt Chameleon - Threshold Violation When Removing a Signer
#44 opened Nov 23, 2024 by sherlock-admin2
Joyful Gingham Tarantula - High Number of signers can make the Safe unusable.
#41 opened Nov 23, 2024 by sherlock-admin2
Puny Grey Seal - Vulnerability in Threshold Manipulation via Signer Reregistration
#40 opened Nov 23, 2024 by sherlock-admin3
Flat Watermelon Terrier - Cross-chain replay attack vulnerability
#39 opened Nov 23, 2024 by sherlock-admin2
Puny Grey Seal - Deployment of Malicious Safe Contracts During Hat Setup
#38 opened Nov 23, 2024 by sherlock-admin4
Elegant Caramel Elephant - removeSigner function need an access control
#37 opened Nov 23, 2024 by sherlock-admin3
Jolly Malachite Anteater - The _removeSigner function lacks validation to ensure that the signer being removed has no active responsibilities or critical roles in the system.
#36 opened Nov 23, 2024 by sherlock-admin2
Mini Navy Dachshund - Attacker will Disrupt Batch Signer Registration through Front-running
#35 opened Nov 23, 2024 by sherlock-admin4
Elegant Carbon Nightingale - DoS Attack by Malicious Signer in HatsSignerGate
#34 opened Nov 23, 2024 by sherlock-admin3
Elegant Carbon Nightingale - Gas Limit exceeded due to Unbounded Array in HatsSignerGate::_removeSigner
#33 opened Nov 23, 2024 by sherlock-admin2
ProTip! Exclude everything labeled bug with -label:bug.