Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Initia>Discussion>Suggestions for additional security checks
GeneralOverview
Findings
Critical (3)
High (12)
Medium (4)
Low (9)
Informational (3)
DiscussionGeneral DiscussionImprove AMM testsBridge executor minting powerCharge before using valuesEmpty allowed_publishers array allows every address to publishERC20Keeper with custom contractsSuggestions for additional security checksTable handle overflow leads to abort
Threat ModelWhat are threat models?stdlib
Audit ResultsSummary
AppendixProof of concept: Reference safety verifier bypass

Suggestions for additional security checks

This section contains some suggestions for additional security checks and mitigations that could be considered for implementation.

MoveValue::convert_option

The MoveValue::convert_option could assert that the vector containing the option value has length zero or one.

readULEB128 maximum input length

The readULEB128 function (located in x/move/types/connector.go) does not limit the maximum length of the input.

Zellic © 2024Back to top ↑