Platform: Code4rena
Start Date: 11/11/2022
Pot Size: $90,500 USDC
Total HM: 52
Participants: 92
Period: 7 days
Judge: LSDan
Total Solo HM: 20
Id: 182
League: ETH
Rank: 66/92
Findings: 1
Award: $52.03
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xSmartContract
Also found by: 0x4non, 0xNazgul, 0xRoxas, 0xdeadbeef0x, 0xmuxyz, 9svR6w, Awesome, Aymen0909, B2, Bnke0x0, CloudX, Deivitto, Diana, Franfran, IllIllI, Josiah, RaymondFam, ReyAdmirado, Rolezn, Sathish9098, Secureverse, SmartSek, Trust, Udsen, a12jmx, aphak5010, brgltd, bulej93, c3phas, ch0bu, chaduke, chrisdior4, clems4ever, cryptostellar5, datapunk, delfin454000, fs0c, gogo, gz627, hl_, immeas, joestakey, lukris02, martin, nogo, oyc_109, pashov, pavankv, peanuts, pedr02b2, rbserver, rotcivegaf, sahar, sakman, shark, tnevler, trustindistrust, zaskoh, zgo
52.0338 USDC - $52.03
Emmiting events is recommended each time when a state variable's value is being changed or just some critical event for the contract has occurred. It also helps off-chain monitoring of the contract's state.
There is 1 instance of this issue:
File: contracts/syndicate/Syndicate.sol 168: function updatePriorityStakingBlock(uint256 _endBlock) external onlyOwner {
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/syndicate/Syndicate.sol
public functions not called by the contract should be declared external insteadThere are 9 instances of this issue:
File: contracts/liquid-staking/GiantMevAndFeesPool.sol 176: function totalRewardsReceived() public view override returns (uint256) {
File: contracts/liquid-staking/GiantPoolBase.sol 34: function depositETH(uint256 _amount) public payable {
File: contracts/liquid-staking/GiantSavETHVaultPool.sol 29: function batchDepositETHForStaking(
File: contracts/liquid-staking/LSDNFactory.sol 73: function deployNewLiquidStakingDerivativeNetwork(
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/LSDNFactory.sol
File: contracts/liquid-staking/LiquidStakingManager.sol 514: function isKnotDeregistered(bytes calldata _blsPublicKey) public view returns (bool) {
File: contracts/liquid-staking/SavETHVault.sol 200: function withdrawETHForStaking(
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/SavETHVault.sol
File: contracts/liquid-staking/StakingFundsVault.sol 239: function withdrawETH(address _wallet, uint256 _amount) public onlyManager nonReentrant returns (uint256) {
File: contracts/syndicate/Syndicate.sol 458: function calculateNewAccumulatedETHPerCollateralizedSharePerKnot() public view returns (uint256) {
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/syndicate/Syndicate.sol
File: contracts/syndicate/SyndicateFactory.sol 21: function deploySyndicate(
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/syndicate/SyndicateFactory.sol
receive()/fallback() functionsThere are 2 instances of this issue:
File: contracts/liquid-staking/LiquidStakingManager.sol 629: receive() external payable {}
File: contracts/liquid-staking/SyndicateRewardsProcessor.sol 98: receive() external payable {}
There are 18 instances of this issue:
File: contracts/liquid-staking/ETHPoolLPFactory.sol 3: pragma solidity ^0.8.13;
File: contracts/liquid-staking/GiantLP.sol 1: pragma solidity ^0.8.13;
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/GiantLP.sol
File: contracts/liquid-staking/GiantMevAndFeesPool.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/GiantPoolBase.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/GiantSavETHVaultPool.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/LPToken.sol 1: pragma solidity ^0.8.13;
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/LPToken.sol
File: contracts/liquid-staking/LPTokenFactory.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/LSDNFactory.sol 1: pragma solidity ^0.8.13;
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/LSDNFactory.sol
File: contracts/liquid-staking/LiquidStakingManager.sol 3: pragma solidity ^0.8.13;
File: contracts/liquid-staking/OptionalGatekeeperFactory.sol 3: pragma solidity ^0.8.13;
File: contracts/liquid-staking/OptionalHouseGatekeeper.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/SavETHVault.sol 3: pragma solidity ^0.8.13;
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/SavETHVault.sol
File: contracts/liquid-staking/SavETHVaultDeployer.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/StakingFundsVault.sol 3: pragma solidity ^0.8.13;
File: contracts/liquid-staking/StakingFundsVaultDeployer.sol 3: pragma solidity ^0.8.13;
File: contracts/liquid-staking/SyndicateRewardsProcessor.sol 3: pragma solidity ^0.8.13;
File: contracts/smart-wallet/OwnableSmartWallet.sol 3: pragma solidity ^0.8.13;
File: contracts/smart-wallet/OwnableSmartWalletFactory.sol 3: pragma solidity ^0.8.13;
There are 4 instances of this issue:
File: contracts/liquid-staking/OptionalGatekeeperFactory.sol 1: // SPDX-License-Identifier: MIT
File: contracts/liquid-staking/SavETHVaultDeployer.sol 1: pragma solidity ^0.8.13;
File: contracts/liquid-staking/StakingFundsVaultDeployer.sol 1: // SPDX-License-Identifier: MIT
File: contracts/syndicate/SyndicateErrors.sol 1: pragma solidity 0.8.13;
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/syndicate/SyndicateErrors.sol
indexed fieldsThere are 12 instances of this issue:
File: contracts/liquid-staking/ETHPoolLPFactory.sol 19: event LPTokenBurnt(bytes blsPublicKeyOfKnot, address token, address depositor, uint256 amount); 22: event NewLPTokenIssued(bytes blsPublicKeyOfKnot, address token, address firstDepositor, uint256 amount); 25: event LPTokenMinted(bytes blsPublicKeyOfKnot, address token, address depositor, uint256 amount);
File: contracts/liquid-staking/GiantPoolBase.sol 19: event LPSwappedForVaultLP(address indexed vaultLPToken, address indexed sender, uint256 amount);
File: contracts/liquid-staking/GiantSavETHVaultPool.sol 16: event LPBurnedForDETH(address indexed savETHVaultLPToken, address indexed sender, uint256 amount);
File: contracts/liquid-staking/LiquidStakingManager.sol 66: event ETHWithdrawnFromSmartWallet(address indexed associatedSmartWallet, bytes blsPublicKeyOfKnot, address nodeRunner);
File: contracts/liquid-staking/SavETHVault.sol 22: event ETHWithdrawnForStaking(address withdrawalAddress, address liquidStakingManager, uint256 amount); 121: event CurrentStamp(uint256 stamp, uint256 last, bool isConditionTrue);
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/liquid-staking/SavETHVault.sol
File: contracts/liquid-staking/StakingFundsVault.sol 28: event ETHWithdrawn(address receiver, address admin, uint256 amount); 31: event ERC20Recovered(address admin, address recipient, uint256 amount);
File: contracts/liquid-staking/SyndicateRewardsProcessor.sol 12: event ETHDistributed(address indexed user, address indexed recipient, uint256 amount);
File: contracts/syndicate/Syndicate.sol 63: event ETHClaimed(bytes BLSPubKey, address indexed user, address recipient, uint256 claim, bool indexed isCollateralizedClaim);
https://github.com/code-423n4/2022-11-stakehouse/tree/main/contracts/syndicate/Syndicate.sol
#0 - c4-judge
2022-11-30T14:16:46Z
dmvt marked the issue as grade-b