-
Pre-commitments (fields in the `n` list) are hashed versions of the CESR strings (b64) of the public keys appearing in the `k` field when rotated to and not hashes of the public keys themselves. This…
-
The `getSender` function of `SalesPolicy.sol` calls the Solidity ecrecover function directly to verify the given signatures. However, the ecrecover EVM opcode allows malleable (non-unique) signatures …
-
### Problem description
`TransactionBody`'s `ID()` method makes use of `MakeID()` function that calls `Fingerprint()`under the hood to hash data structure.
`Fingerprint()` is implemented on `Transact…
-
Originally reported on Google Code with ID 464
```
The micropayment channels protocol is designed so the client doesn't need internet access
to complete it. Thus, the client asks the server to broadc…
-
Hello,
As usual, many thanks for the most fantastic crypto construction Go library out there!
Are there any plans for [Ristretto](https://ristretto.group/) support? The group is `ristretto255`, …
-
# Lines of code
https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOV3Proposals.sol#L270-L275
https://github…
-
**Github username:** @0xfuje
**Twitter username:** 0xfuje
**Submission hash (on-chain):** 0x13bd93ec6653c12372834eacc23e6ba32025e0acf7bfe6d61f4c1aca66184c59
**Severity:** low
**Description:**
## Imp…
-
# https://hackerone.com/reports/2498849
## Summary:
Malicious validators can prevent legitimate transactions from being executed.
## Proof-of-Concept (PoC)
1. When a malicious validator re…
-
# Handle
0xRajeev
# Vulnerability details
## Impact
The ecrecover function is used to verify and execute EIP-2612 permit transactions. The built-in EVM precompile ecrecover is susceptible to sign…
-
# Handle
0xRajeev
# Vulnerability details
## Impact
The ecrecover function is used to verify and execute Meta transactions. The built-in EVM precompile ecrecover is susceptible to signature malle…