Skip to content
This repository has been archived by the owner on Jun 11, 2023. It is now read-only.

Issues: sherlock-audit/2023-02-hats-judging

Clear current search query, filters, and sorts
16 Open 13 Closed
16 Open 13 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

minhtrng - Owners can be swapped even though they still wear their signer hats Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#118 opened Mar 9, 2023 by sherlock-admin
2
cducrest-brainbot - Usage of HSG for existing safe can brick safe Fix Approved HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#93 opened Mar 9, 2023 by sherlock-admin
5
Allarious - [Medium][Outdated State] _removeSigner incorrectly updates signerCount and safe threshold Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#79 opened Mar 9, 2023 by sherlock-admin
3
obront - Signers can bypass checks and change threshold within a transaction Changes Requested Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Won't Fix The sponsor confirmed this issue will not be fixed
#52 opened Mar 9, 2023 by sherlock-admin
7
roguereddwarf - HatsSignerGate + MultiHatsSignerGate: more than maxSignatures can be claimed which leads to DOS in reconcileSignerCount Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label Fix Approved High A valid High severity issue HSG Reward A payout will be made for this issue Will Fix The sponsor confirmed this issue will be fixed
#51 opened Mar 9, 2023 by sherlock-admin
5
roguereddwarf - HatsSignerGateBase: valid signer threshold can be bypassed because HSG checks signatures differently from Safe which allows exploitation Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#50 opened Mar 9, 2023 by sherlock-admin
3
obront - Signers can brick safe by adding unlimited additional signers while avoiding checks Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#48 opened Mar 9, 2023 by sherlock-admin
3
obront - Other module can add owners to safe that push us above maxSigners, bricking safe Escalation Resolved This issue's escalations have been approved/rejected Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#46 opened Mar 9, 2023 by sherlock-admin
8
obront - Safe threshold can be set above target threshold, causing transactions to revert Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#44 opened Mar 9, 2023 by sherlock-admin
2
obront - If signer gate is deployed to safe with more than 5 existing modules, safe will be bricked Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#43 opened Mar 9, 2023 by sherlock-admin
4
obront - If another module adds a module, the safe will be bricked Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#42 opened Mar 9, 2023 by sherlock-admin
4
obront - Signers can bypass checks to add new modules to a safe by abusing reentrancy Escalation Resolved This issue's escalations have been approved/rejected Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#41 opened Mar 9, 2023 by sherlock-admin
7
obront - If a hat is owned by address(0), phony signatures will be accepted by the safe Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#39 opened Mar 9, 2023 by sherlock-admin
3
obront - Swap Signer fails if final owner is invalid due to off by one error in loop Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#38 opened Mar 9, 2023 by sherlock-admin
2
obront - Safe can be bricked because threshold is updated with validSignerCount instead of newThreshold Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability High A valid High severity issue HSG Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#37 opened Mar 9, 2023 by sherlock-admin
2
obront - targetThreshold can be set below minThreshold, violating important invariant Fix Approved Has Duplicates A valid issue with 1+ other issues describing the same vulnerability HSG Medium A valid Medium severity issue Reward A payout will be made for this issue Sponsor Confirmed The sponsor acknowledged this issue is valid Will Fix The sponsor confirmed this issue will be fixed
#36 opened Mar 9, 2023 by sherlock-admin
2
ProTip! Add no:assignee to see everything that’s not assigned.