-
Notifications
You must be signed in to change notification settings - Fork 0
Issues: sherlock-audit/2024-10-ethos-network-judging
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
ParthMandale - pausableUpgradable from oppenzeppline must be used.
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#320
opened Nov 4, 2024 by
sherlock-admin4
sakibcy - Anybody can register their address with a particular The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
profileId
Sponsor Confirmed
#319
opened Nov 4, 2024 by
sherlock-admin3
durov - Review authors should be able to archive and restore reviews from any address that belongs to the profile
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#318
opened Nov 4, 2024 by
sherlock-admin2
John_Femi - Some Users may get less invites than other after setDefaultNumberOfInvites is called
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#317
opened Nov 4, 2024 by
sherlock-admin4
ParthMandale - The incorrect address is removed in _deleteAddressAtIndexFromArray()
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#316
opened Nov 4, 2024 by
sherlock-admin3
bareli - use safetransfer instead of transfer
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#315
opened Nov 4, 2024 by
sherlock-admin2
ajayss - User may have his transfer failed when paying price for review
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#313
opened Nov 4, 2024 by
sherlock-admin3
ajayss - User will get same hash when attestation details are modified slightly
#312
opened Nov 4, 2024 by
sherlock-admin2
John_Femi - Potential Hash Collision will cause overwrite of attestation
#311
opened Nov 4, 2024 by
sherlock-admin4
PNS - The incorrect counting of profile addresses wrongly limits their total number
Sponsor Disputed
The sponsor disputed this issue's validity
Will Fix
The sponsor confirmed this issue will be fixed
#310
opened Nov 4, 2024 by
sherlock-admin3
noromeb - a re-registred address will count double in the sum of checkMaxAddresses
#308
opened Nov 4, 2024 by
sherlock-admin3
PNS - Re-registering an address does not remove it from the compromised list
#307
opened Nov 4, 2024 by
sherlock-admin2
Albort - There’s an error in the _deleteAddressAtIndexFromArray function
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#306
opened Nov 4, 2024 by
sherlock-admin4
0xBhumii - Unauthorized The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
Attestations
Allowed for Archived Profiles in EthosAttestation
Contract
Sponsor Confirmed
#305
opened Nov 4, 2024 by
sherlock-admin3
LeFy - Attestation Reviews does not properly handle the case when attestation ownership has changed
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#304
opened Nov 4, 2024 by
sherlock-admin2
056Security - The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
attestationById
does not get updated when attestations are claimed in EthosAttestation
Sponsor Confirmed
#303
opened Nov 4, 2024 by
sherlock-admin4
Darinrikusham - There is no restriction on the number of invitees in the param in bulkInviteAddresses function in EthosProfile contract which could lead to out of bound gas issue.
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#302
opened Nov 4, 2024 by
sherlock-admin3
PNS - A compromised address does not lose any ability to perform actions on behalf of the profile
#301
opened Nov 4, 2024 by
sherlock-admin2
smbv-1923 - Wrong address gets deleted in
_deleteAddressAtIndexFromArray()
#299
opened Nov 4, 2024 by
sherlock-admin3
Darinrikusham - Signature entered in createAttestation function in EthosAttestation contract could lead to anyone using signature for malicious purpose for other profileId
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Won't Fix
The sponsor confirmed this issue will not be fixed
#298
opened Nov 4, 2024 by
sherlock-admin2
PNS - An incorrectly identified author will not be able to archive or restore reviews
Sponsor Confirmed
The sponsor acknowledged this issue is valid
Will Fix
The sponsor confirmed this issue will be fixed
#295
opened Nov 4, 2024 by
sherlock-admin2
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.