security-alliance / frameworks

Official repository for the Security Frameworks by SEAL. Currently under development, not a release.
https://frameworks.securityalliance.org

Should we consider adding web3 vulnerabilities classification? #69

Open mattaereal opened 1 month ago

mattaereal commented 1 month ago

What content are you looking to add?

A web3 vulnerabilities classification.

Why do you think it is important?

Most of the current ones are outdated or unmaintained afaik. Maybe if this lives inside the repo, it might have a better chance of being kept updated.

Can you cite resources to base the content on?

https://swcregistry.io/
https://securing.github.io/SCSVS/
https://github.com/sigp/solidity-security-blog
https://dl.acm.org/doi/fullHtml/10.1145/3391195#sec-9
https://nvd.nist.gov/vuln/detail/CVE-2023-40014

pcaversaccio commented 1 month ago

For further reference, see here the previous discussion between @kajaaz and myself.

Robert-MacWha commented 1 month ago

Oh yes let's do this.

I imagine ISAC already has some schema in use. I'll go ask about it, but if not this could be a very helpful thing for SEAL to maintain.

mattaereal commented 4 weeks ago

I'd only like to clarify that in the conversation @pcaversaccio had with @kajaaz, kaj was more inclined toward having something to categorize vulnerabilities in a CVE style. That is out of the scope of frameworks, but @pcaversaccio and I agreed that it might be a good idea for frameworks to hold the categorization upon which someone else can create this other, different product.

It might be a separate initiative, who knows?