search

code-423n4 / 2024-03-saltyio-mitigation-findings

0 stars 0 forks source link

M-25 MitigationConfirmed #86

Open c4-bot-9 opened 8 months ago

c4-bot-9 commented 8 months ago

Lines of code

Vulnerability details

Comments

The original implementation assumes that r1 * z0 always be greater than r0 * z1 in L192. However it could be wrong if maximumMSB is greater than 80 and all variables are scaled by maximumMSB.

Mitigation

commit 44320a8 The mitigation removed scaling function. all r0, r1, z0, z1 will be used for calculation without any scaling. The original issue was resolved.

Conclusion

Confirmed

c4-judge commented 8 months ago

Picodes marked the issue as satisfactory