skalenetwork / skale-consensus

Running the very core of SKL network, SKALE BFT consensus is universal, modern, modular, high-performance, asynchronous, provably-secure, agent-based Proof-of-Stake blockchain consensus engine in C++ 17. Includes provably secure embedded Oracle. Used by SKALE elastic blockchains. Easy and flexible enough to implement your own blockchain or smart contract platform. BLS signatures and Binary Asynchronous Consensus are main building blocks.
https://docs.skale.network/technology/consensus-spec
GNU Affero General Public License v3.0
77 stars 31 forks source link

282 d availability #683

Closed kladkogex closed 2 years ago

guardrails[bot] commented 2 years ago

:warning: We detected 2 security issues in this pull request:

Insecure Use of Crypto (2)
Docs | Details ----- | -------- [:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/c/insecure_use_of_crypto.html?utm_source=ghpr#) | Title: **Insecure random generator**, Severity: High
https://github.com/skalenetwork/skale-consensus/blob/7a305a245d2ef6e3fda50781180c7cff7580d8b5/datastructures/CommittedBlock.h#L87 [:bulb:](https://docs.guardrails.io/docs/en/vulnerabilities/c/insecure_use_of_crypto.html?utm_source=ghpr#) | Title: **Insecure random generator**, Severity: High
https://github.com/skalenetwork/skale-consensus/blob/7a305a245d2ef6e3fda50781180c7cff7580d8b5/datastructures/CommittedBlock.h#L88 More info on how to fix Insecure Use of Crypto in [C/C++](https://docs.guardrails.io/docs/en/vulnerabilities/c/insecure_use_of_crypto.html?utm_source=ghpr#).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.