QA Report #66
Labels
bug: Something isn't working
grade-a
Q-09
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
selected for report: This submission will be included/highlighted in the audit report
sponsor confirmed: Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
sufficient quality report: This report is of sufficient quality
Comments
c4-bot-9 added the "bug" and "QA (Quality Assurance)" labels, Oct 25, 2024
c4-bot-4 added a commit that referenced this issue, Oct 25, 2024
howlbot-integration (bot) added the "sufficient quality report" label, Oct 28, 2024
ClementWalter added the "sponsor confirmed" label, Nov 4, 2024
dmvt marked the issue as selected for report
c4-judge added the "selected for report" and "grade-a" labels, Nov 8, 2024
dmvt marked the issue as grade-a
thebrittfactor removed the "selected for report" label, Nov 8, 2024
Staff have removed the |
thebrittfactor added the "selected for report" label, Nov 18, 2024
Staff have added the |
obatirou added a commit to kkrt-labs/kakarot that referenced this issue, Nov 25, 2024
code-423n4/2024-09-kakarot-findings#66
* Missing boundary check in EVM transaction decoding
  * adds a check to ensure [call_array].data_offset + [call_array].data_len <= calldata_len
* Several of the stack_size_diff values defined in constants.cairo are off
  * put the right values
* After Kakarot's native token is changed, an approval from account_contract instances can't be re-triggered
  * remove the setter, this will not change
* Some invalid values for the v field in Ethereum signatures are accepted
  * add a check to ensure y_parity is 0 or 1
See the markdown file with the details of this report here.