Payouts
1st Places
Top 10
Top 25
All
Code4rena
Dec '22
high
MinipoolManager: node operator can avoid being slashed
high
Hijacking of node operators minipool causes loss of staked funds
high
ProtocolDAO lacks a method to take out GGP
medium
NodeOp can get rewards even if there was an error in registering the node as a validator
medium
slashing fails when node operator doesn't have enough staked `GGP`
medium
NodeOp funds may be trapped by a invalid state transition
high
Reentrancy in buy function for ERC777 tokens allows buying funds with considerable discount
high
First depositor can break minting of shares
medium
Price will not always be 18 decimals, as expected and outlined in the comments
medium
Missing deadline checks allow pending transactions to be maliciously executed