This PR documents and exploits the double satisfaction vulnerability found by Facundo. It also removes the doubleSatAttack in the tests for the auction contract: It is possible, but not straightforward to make it find this particular vulnerability, and an automatic doubleSatAttack that needs a lot manual of work to find a relatively simple vulnerability doesn't look too compelling.
For the record: As far as I understand it, the doubleSatAttack performs poorly on this example not because of some flaw in that function itself, but for more general design reasons in cooked-validators.
This PR documents and exploits the double satisfaction vulnerability found by Facundo. It also removes the
doubleSatAttack
in the tests for the auction contract: It is possible, but not straightforward to make it find this particular vulnerability, and an automaticdoubleSatAttack
that needs a lot manual of work to find a relatively simple vulnerability doesn't look too compelling.