search

daimo-eth / p256-verifier

P256 signature verification solidity contract
https://p256.eth.limo
MIT License
147 stars 28 forks source link

Veridise Audit improvements #31

Closed nalinbhardwaj closed 8 months ago

nalinbhardwaj commented 8 months ago

Summary

This PR addresses issues discovered during followup audit 2 with Veridise.

Issues in audit fixed here

Note that these issues do not appear to impact security of existing codebase, but are improvements overall:

Issue ID Description Fix
1 Authenticator length check inconsistent with actual length https://github.com/daimo-eth/p256-verifier/commit/aa1ce7399d6755f8e7dbb7da99615fbf355973ab
2 Consider noting the draft version of WebAuthn in a comment https://github.com/daimo-eth/p256-verifier/commit/671cc1b5a197fccfcc6cab8f65e458ad41925f9d