Hats contracts

Contract name
Link
Modification
HATVaults
​https://etherscan.io/address/0x571f39d351513146248AcafA9D0509319A327C4D
​
Immutable
HATToken
​https://etherscan.io/address/0x685D939C8FE6CCe02f3C7Cbc37d024E99570812c​
Immutable
TokenLockFactory
​https://etherscan.io/address/0x2c7dAec5B1C6157C2b37B2505d5D57d6D075E39E
​
Upgradable by Hats governance 
HATTimelockController
​https://etherscan.io/address/0xFd4255F16378306CA83E37015Df01a1700DAc296
Immutable
Owners can be changed with the default timelock (3 weeks)
Oracles
Hats protocol does not rely on oracles. Vault token value are displayed for better UX only.
Front run attacks mitigation
Hats deposits have a withdrawal request period (currently set to 7 days) which prevent the depositors from front running the bounty payout function call. In addition to that the pendingApprovalClaim function that pauses the withdrawals in order to pay a bounty can be called only in a safety period(1 hour twice a day) a period where withdrawals are disabled. So even a depositor that have an active withdrawal request cant frontrun the bounty payout. 
Timelock
Timelocks are handled by HATTimelockController contract that is based on openzeppelin-solidity/contracts/governance/TimelockController.sol default timeout is set to 3 weeks.
Flashloans
Hats functions are not susceptible to flashloans. Hats vaults swapBurnSend function can only be called by governance therefore it is not susceptible to price manipulation attack.
Pause controls
Hats contracts don't have pause controls. Hats vaults withdrawals cannot be stoped only deposits can be paused by Hats governance.
​

General - Previous

Next - CTF

FAQ

Last modified 5mo ago

Copy link