LSD Network - Stakehouse contest - hl_'s results

A permissionless 3 pool liquid staking solution for Ethereum.

General Information

Platform: Code4rena

Start Date: 11/11/2022

Pot Size: $90,500 USDC

Total HM: 52

Participants: 92

Period: 7 days

Judge: LSDan

Total Solo HM: 20

Id: 182

League: ETH

Stakehouse Protocol

Findings Distribution

Researcher Performance

Rank: 80/92

Findings: 1

Award: $52.03

QA:

grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest Page Github Contest Repository Github Findings Repository Stakehouse Protocol

Findings Information

🌟 Selected for report: 0xSmartContract

Also found by: 0x4non, 0xNazgul, 0xRoxas, 0xdeadbeef0x, 0xmuxyz, 9svR6w, Awesome, Aymen0909, B2, Bnke0x0, CloudX, Deivitto, Diana, Franfran, IllIllI, Josiah, RaymondFam, ReyAdmirado, Rolezn, Sathish9098, Secureverse, SmartSek, Trust, Udsen, a12jmx, aphak5010, brgltd, bulej93, c3phas, ch0bu, chaduke, chrisdior4, clems4ever, cryptostellar5, datapunk, delfin454000, fs0c, gogo, gz627, hl_, immeas, joestakey, lukris02, martin, nogo, oyc_109, pashov, pavankv, peanuts, pedr02b2, rbserver, rotcivegaf, sahar, sakman, shark, tnevler, trustindistrust, zaskoh, zgo

Awards

52.0338 USDC - $52.03

Labels

bug

grade-b

QA (Quality Assurance)

Q-02

External Links

Link to GitHub issue

[N-01] Non-library/interface files should use fixed compiler versions, not floating ones.
[N-02] Avoid the use of sensitive terms in favour of neutral ones
[L-01] Open Todos
[L-02] _safemint() should be used rather than _mint() whereever possible

[N-01] Non-library/interface files should use fixed compiler versions, not floating ones.

For example:

https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/GiantLP.sol#L1

[N-02] Avoid the use of sensitive terms in favour of neutral ones

Use allowlist rather than whitelist

For example:

https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/LiquidStakingManager.sol#L267

[L-01] Open Todos

Code architecture, incentives, and error handling/reporting questions/issues should be resolved before deployment

https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/syndicate/Syndicate.sol#L195

[L-02] _safemint() should be used rather than _mint() whereever possible

https://github.com/code-423n4/2022-11-stakehouse/blob/4b6828e9c807f2f7c569e6d721ca1289f7cf7112/contracts/liquid-staking/GiantLP.sol#L29

#0 - c4-judge
2022-11-29T15:09:52Z

dmvt marked the issue as grade-b

LSD Network - Stakehouse contest - hl_'s results

A permissionless 3 pool liquid staking solution for Ethereum.

General Information

Findings Distribution

Researcher Performance

External Links

[Q-02] QA Report - $52.03

Findings Information

Awards

Labels

External Links

TABLE OF CONTENTS

[N-01] Non-library/interface files should use fixed compiler versions, not floating ones.

[N-02] Avoid the use of sensitive terms in favour of neutral ones

[L-01] Open Todos

[L-02] _safemint() should be used rather than _mint() whereever possible

#0 - c4-judge2022-11-29T15:09:52Z

#0 - c4-judge
2022-11-29T15:09:52Z