Skip to content

Issues: sherlock-audit/2024-11-hats-protocol-judging

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

57 Open 3 Closed
57 Open 3 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Albort - it uses invalid “transient” variables causing logic errors.
#60 opened Nov 23, 2024 by sherlock-admin2
Taiger4526 - Potential Underflow Risk in checkTransaction Due to safe.nonce() - 1
#59 opened Nov 23, 2024 by sherlock-admin3
0xlookman - A malicious user can prevent a signer from registering with a desired hat
#58 opened Nov 23, 2024 by sherlock-admin4
Albort - {actor} will {impact} {affected party}
#57 opened Nov 23, 2024 by sherlock-admin2
Chupinexx - Single hatId Assigned to Multiple Wearers Enables Governance Manipulation
#56 opened Nov 23, 2024 by sherlock-admin3
Taiger4526 - _countValidSignatures Fails if signatureSplit Method is Not Implemented
#55 opened Nov 23, 2024 by sherlock-admin4
Taiger4526 - _countValidSignatures Allows Duplicate Signatures, Leading to Incorrect Signature Count
#54 opened Nov 23, 2024 by sherlock-admin2
Albort - Logical Error in migrateToNewHSG Function
#53 opened Nov 23, 2024 by sherlock-admin3
0x3adeade - Signers can frontrun Safe.exectransaction() when using delegatecalls to make it Revert.
#52 opened Nov 23, 2024 by sherlock-admin4
dobrevaleri - Threshold of existing Safe, could cause transaction failures
#51 opened Nov 23, 2024 by sherlock-admin2
0xKann - Lack of Dynamic Threshold Adjustment for New Signers
#49 opened Nov 23, 2024 by sherlock-admin3
Taiger4526 - An Attacker Can Arbitrarily Remove Safe Signers via removeSigner Method
#48 opened Nov 23, 2024 by sherlock-admin4
0xKann - Ownership and Threshold Management Issue when First Signer Joins
#47 opened Nov 23, 2024 by sherlock-admin2
Taiger4526 - An Attacker Can Register New Hats for Arbitrary Signers to Abuse Safe Signatures
#46 opened Nov 23, 2024 by sherlock-admin3
parzival - Old signers and HSG can remove new signers and HSG, hijacking the safe wallet
#45 opened Nov 23, 2024 by sherlock-admin4
Chupinexx - Threshold Violation When Removing a Signer
#44 opened Nov 23, 2024 by sherlock-admin2
0x3adeade - High Number of signers can make the Safe unusable.
#41 opened Nov 23, 2024 by sherlock-admin2
0xKann - Vulnerability in Threshold Manipulation via Signer Reregistration
#40 opened Nov 23, 2024 by sherlock-admin3
4th05 - Cross-chain replay attack vulnerability
#39 opened Nov 23, 2024 by sherlock-admin2
0xKann - Deployment of Malicious Safe Contracts During Hat Setup
#38 opened Nov 23, 2024 by sherlock-admin4
mgf15 - removeSigner function need an access control
#37 opened Nov 23, 2024 by sherlock-admin3
atsich - The _removeSigner function lacks validation to ensure that the signer being removed has no active responsibilities or critical roles in the system.
#36 opened Nov 23, 2024 by sherlock-admin2
pepocpeter - Attacker will Disrupt Batch Signer Registration through Front-running
#35 opened Nov 23, 2024 by sherlock-admin4
Ragnarok - DoS Attack by Malicious Signer in HatsSignerGate
#34 opened Nov 23, 2024 by sherlock-admin3
Ragnarok - Gas Limit exceeded due to Unbounded Array in HatsSignerGate::_removeSigner
#33 opened Nov 23, 2024 by sherlock-admin2
ProTip! Updated in the last three days: updated:>2025-01-12.