Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Initia>Discussion>Suggestions for additional security checks
GeneralOverview
Findings
Critical (2)
High (7)
Medium (5)
Low (12)
Informational (5)
DiscussionGeneral DiscussionImprove AMM testsBridge executor minting powerCharge before using valuesEmpty allowed_publishers array allows every address to publishERC20Keeper with custom contractsSuggestions for additional security checksTable handle overflow leads to abort
Threat ModelWhat are threat models?stdlib
Audit ResultsSummary
AppendixProof of concept: Reference safety verifier bypass

Suggestions for additional security checks

This section contains some suggestions for additional security checks and mitigations that could be considered for implementation.

MoveValue::convert_option

The MoveValue::convert_option could assert that the vector containing the option value has length zero or one.

readULEB128 maximum input length

The readULEB128 function (located in x/move/types/connector.go) does not limit the maximum length of the input.

Zellic © 2025Back to top ↑