GHSA-HQ58-P9MV-338C CometBFT's default for `BlockParams.MaxBytes` consensus parameter may increase block times and affect consensus participation

Amulet Security Advisory for CometBFT: ASA-2023-002 Component: CometBFT Criticality: Low Affected versions: All Affected users: Validators, Chain Builders + Maintainers Summary A default configuration in CometBFT has been found to be large for common use cases, and may affect block times and...

CometBFT's default for `BlockParams.MaxBytes` consensus parameter may increase block times and affect consensus participation

Amulet Security Advisory for CometBFT: ASA-2023-002 Component: CometBFT Criticality: Low Affected versions: All Affected users: Validators, Chain Builders + Maintainers Summary A default configuration in CometBFT has been found to be large for common use cases, and may affect block times and...

When admin sets fee parameters on a pair, it is guaranteed to corrupt the critical static fee parameters.

Lines of code Vulnerability details Description Factory owner can configure fee parameters of any pair using setFeesParametersOnPair. The actual change in pair storage happens in setFeeParameters: function setFeesParametersbytes32 packedFeeParameters internal bytes32 feeStorageSlot; assembly...

No cap on fee parameters

143 comment Warden: gzeon Consider adding caps to fee parameters to reduce rug risk --- The text was updated successfully, but these errors were encountered: All reactions...