Payouts
1st Places
3rd Places
Top 10
All
Sherlock
Code4rena
Jul '24
Mar '24
high
Taiko L1 - Proposer can maliciously cause loss of funds by forcing someone else to pay prover's fee
high
Validity and contests bond ca be incorrectly burned for the correct and ultimately verified transition
high
Gas issuance is inflated and will halt the chain or lead to incorrect base fee
medium
First block proposer check in the `LibProposing._isProposerPermitted` function is errorneous
medium
Bridge watcher can forge arbitrary message and drain bridge
medium
A recalled ERC20 bridge transfer can lock tokens in the bridge
Feb '24
high
Epoch is not incremented when withdrawing from EigenLayer
medium
Users can circumvent slashing penalties by front-running EigenLayer updates
medium
Slashing penalty is unfairly paid by a subset of users if a deficit is accumulated.
medium
Incorrect calculation of available shares lead to locked funds
medium
ETH withdrawers do not earn yield while waiting for a withdrawal
Jan '24
Nov '23
Apr '23
Mar '23
Feb '23
high
Protection buyers can exploit renewal functionality to enable and disable protection and as a result pay much less premium
high
Protection buyers can receive protection during their final payment period without paying for it
high
Anybody can front-run accruePremium..() and receive rewards as if they had provided protection since last accrual
high
withdrawlRequests and totalSTokenRequested are not updated when sTokens are transferred
medium
Buyers of protection can be protected in the first 90 days without paying a premium