Skip to content
This repository has been archived by the owner on Jun 11, 2023. It is now read-only.

Issues: sherlock-audit/2023-02-hats-judging

Clear current search query, filters, and sorts
9 Open 20 Closed
9 Open 20 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

roguereddwarf - HatsSignerGateBase: valid signer threshold can be bypassed because HSG checks signatures differently from Safe which allows exploitation Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#50 opened Mar 9, 2023 by sherlock-admin updated Apr 13, 2023
3
obront - Signers can brick safe by adding unlimited additional signers while avoiding checks Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#48 opened Mar 9, 2023 by sherlock-admin updated Apr 13, 2023
3
obront - Other module can add owners to safe that push us above maxSigners, bricking safe Escalation Resolved This issue's escalations have been approved/rejected Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#46 opened Mar 9, 2023 by sherlock-admin updated Apr 13, 2023
8
obront - If another module adds a module, the safe will be bricked Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#42 opened Mar 9, 2023 by sherlock-admin updated Apr 13, 2023
4
obront - Safe can be bricked because threshold is updated with validSignerCount instead of newThreshold Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#37 opened Mar 9, 2023 by sherlock-admin updated Apr 13, 2023
2
obront - Unlinked tophat retains linkedTreeRequests, can be rugged Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability Hats.sol High A valid High severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#35 opened Mar 9, 2023 by sherlock-admin updated Apr 13, 2023
2
obront - Signers can bypass checks to add new modules to a safe by abusing reentrancy Escalation Resolved This issue's escalations have been approved/rejected Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#41 opened Mar 9, 2023 by sherlock-admin updated Apr 14, 2023
7
obront - Signers can bypass checks and change threshold within a transaction Changes Requested Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#52 opened Mar 9, 2023 by sherlock-admin updated May 2, 2023
7
roguereddwarf - HatsSignerGate + MultiHatsSignerGate: more than maxSignatures can be claimed which leads to DOS in reconcileSignerCount Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Fix Approved High A valid High severity issue HSG Reward A payout will be made for this issue Will Fix The sponsor confirmed this issue will be fixed
#51 opened Mar 9, 2023 by sherlock-admin updated May 3, 2023
5
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.