Fix CI checks

contracts/OperatorRewardsCollector.sol

@@ -3,6 +3,7 @@
 
 import { Math } from "@openzeppelin/contracts/utils/math/Math.sol";
 import { AccessControlUpgradeable } from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
+import "@openzeppelin/contracts/security/ReentrancyGuard.sol";
 
 import { UtilLib } from "./library/UtilLib.sol";
 
@@ -17,7 +18,7 @@
 import { IWETH } from "./interfaces/IWETH.sol";
 import { IStaderOracle } from "../contracts/interfaces/IStaderOracle.sol";
 
-contract OperatorRewardsCollector is IOperatorRewardsCollector, AccessControlUpgradeable {
+contract OperatorRewardsCollector is IOperatorRewardsCollector, AccessControlUpgradeable, ReentrancyGuard {
     IStaderConfig public staderConfig;
 
     mapping(address => uint256) public balances;
@@ -144,19 +145,23 @@
                     balances[operator],
                     operatorLiquidation.totalAmountInEth - operatorLiquidation.totalFeeInEth
                 );
+
+                uint256 protocolFee = Math.min(operatorLiquidation.totalFeeInEth, balances[operator]);
+
+                // Effects
+                balances[operator] -= wETHDeposit;
+                balances[operator] -= protocolFee;
 
                 weth.deposit{ value: wETHDeposit }();
                 if (weth.transferFrom(address(this), operatorLiquidation.liquidator, wETHDeposit) == false)
                     revert WethTransferFailed();
-                balances[operator] -= wETHDeposit;
 
-                uint256 protocolFee = Math.min(operatorLiquidation.totalFeeInEth, balances[operator]);
                 UtilLib.sendValue(staderConfig.getStaderTreasury(), protocolFee);
 
-                balances[operator] -= protocolFee;
                 sdUtilityPool.completeLiquidation(operator);
             } else {
                 // Transfer WETH to liquidator and ETH to treasury
+                balances[operator] -= operatorLiquidation.totalAmountInEth;
                 weth.deposit{ value: operatorLiquidation.totalAmountInEth - operatorLiquidation.totalFeeInEth }();
                 if (
                     weth.transferFrom(
@@ -168,7 +173,6 @@
                 UtilLib.sendValue(staderConfig.getStaderTreasury(), operatorLiquidation.totalFeeInEth);
 
                 sdUtilityPool.completeLiquidation(operator);
-                balances[operator] -= operatorLiquidation.totalAmountInEth;
             }
         }
     }
@@ -180,10 +184,11 @@
      * @param operator The address of the operator claiming the amount.
      * @param amount The amount to be claimed.
      */
-    function _claim(address operator, uint256 amount) internal {
+    function _claim(address operator, uint256 amount) internal nonReentrant{
         uint256 maxWithdrawableInEth = withdrawableInEth(operator);
         if (amount > maxWithdrawableInEth || amount > balances[operator]) revert InsufficientBalance();
 
+        //slither-disable-next-line reentrancy-eth
         balances[operator] -= amount;
 
         // If there's an amount to send, transfer it to the operator's rewards address

contracts/PermissionedPool.sol

@@ -272,6 +272,7 @@ contract PermissionedPool is IStaderPoolBase, AccessControlUpgradeable, Reentran
     }
 
     function increasePreDepositValidatorCount(uint256 _count) internal {
+        //slither-disable-next-line reentrancy-eth
         preDepositValidatorCount += _count;
     }
 

contracts/PermissionlessNodeRegistry.sol

@@ -228,6 +228,7 @@ contract PermissionlessNodeRegistry is
         }
 
         if (frontRunValidatorsLength > 0) {
+            //slither-disable-next-line arbitrary-send-eth
             IStaderInsuranceFund(staderConfig.getStaderInsuranceFund()).depositFund{
                 value: frontRunValidatorsLength * FRONT_RUN_PENALTY
             }();
@@ -440,6 +441,7 @@ contract PermissionlessNodeRegistry is
      */
     function transferCollateralToPool(uint256 _amount) external override nonReentrant {
         UtilLib.onlyStaderContract(msg.sender, staderConfig, staderConfig.PERMISSIONLESS_POOL());
+        //slither-disable-next-line arbitrary-send-eth
         IPermissionlessPool(staderConfig.getPermissionlessPool()).receiveRemainingCollateralETH{ value: _amount }();
         emit TransferredCollateralToPool(_amount);
     }
@@ -658,6 +660,7 @@ contract PermissionlessNodeRegistry is
 
     // handle front run validator by changing their status, deactivating operator and imposing penalty
     function handleFrontRun(uint256 _validatorId) internal {
+        //slither-disable-next-line reentrancy-eth
         validatorRegistry[_validatorId].status = ValidatorStatus.FRONT_RUN;
         uint256 operatorId = validatorRegistry[_validatorId].operatorId;
         operatorStructById[operatorId].active = false;
@@ -666,9 +669,11 @@ contract PermissionlessNodeRegistry is
     // handle validator with invalid signature for 1ETH deposit
     //send back remaining ETH to operator address
     function handleInvalidSignature(uint256 _validatorId) internal {
+        //slither-disable-next-line reentrancy-eth
         validatorRegistry[_validatorId].status = ValidatorStatus.INVALID_SIGNATURE;
         uint256 operatorId = validatorRegistry[_validatorId].operatorId;
         address operatorAddress = operatorStructById[operatorId].operatorAddress;
+        //slither-disable-next-line arbitrary-send-eth
         IOperatorRewardsCollector(staderConfig.getOperatorRewardsCollector()).depositFor{
             value: (COLLATERAL_ETH - staderConfig.getPreDepositSize())
         }(operatorAddress);

contracts/PermissionlessPool.sol

@@ -257,6 +257,7 @@ contract PermissionlessPool is IStaderPoolBase, AccessControlUpgradeable, Reentr
             withdrawCredential,
             _DEPOSIT_SIZE
         );
+        //slither-disable-next-line arbitrary-send-eth
         IDepositContract(_ethDepositContract).deposit{ value: _DEPOSIT_SIZE }(
             pubkey,
             withdrawCredential,

contracts/SocializingPool.sol

@@ -83,6 +83,7 @@ contract SocializingPool is
         lastReportedRewardsData = _rewardsData;
         rewardsDataMap[_rewardsData.index] = _rewardsData;
 
+        //slither-disable-next-line arbitrary-send-eth
         IStaderStakePoolManager(staderConfig.getStakePoolManager()).receiveExecutionLayerRewards{
             value: _rewardsData.userETHRewards
         }();

contracts/StaderInsuranceFund.sol

@@ -57,6 +57,7 @@ contract StaderInsuranceFund is IStaderInsuranceFund, AccessControlUpgradeable,
         if (address(this).balance < _amount) {
             revert InSufficientBalance();
         }
+        //slither-disable-next-line arbitrary-send-eth
         IPermissionedPool(staderConfig.getPermissionedPool()).receiveInsuranceFund{ value: _amount }();
     }
 

contracts/StaderStakePoolsManager.sol

@@ -256,6 +256,7 @@ contract StaderStakePoolsManager is
             address poolAddress = IPoolUtils(poolUtils).poolAddressById(poolIdArray[i]);
             uint256 poolDepositSize = ETH_PER_NODE - IPoolUtils(poolUtils).getCollateralETH(poolIdArray[i]);
 
+            //slither-disable-next-line reentrancy-eth
             lastExcessETHDepositBlock = block.number;
             //slither-disable-next-line arbitrary-send-eth
             IStaderPoolBase(poolAddress).stakeUserETHToBeaconChain{ value: validatorToDeposit * poolDepositSize }();

contracts/VaultProxy.sol

@@ -41,7 +41,7 @@ contract VaultProxy is IVaultProxy {
         address vaultImplementation = isValidatorWithdrawalVault
             ? staderConfig.getValidatorWithdrawalVaultImplementation()
             : staderConfig.getNodeELRewardVaultImplementation();
-        // solhint-disable-next-line avoid-low-level-calls
+        //slither-disable-next-line controlled-delegatecall
         (bool success, bytes memory data) = vaultImplementation.delegatecall(_input);
         if (!success) {
             revert(string(data));