Evmos 安全漏洞

Evmos is a scalable, high-throughput proof-of-equity blockchain. It is used for full compatibility and interoperability with Ether. A security vulnerability exists in Evmos versions prior to 17.0.0, which stems from the fact that transaction execution does not take into account all state...

State Manipulation Attack

github.com/evmos/evmos is vulnerable to state manipulation attacks. The vulnerability is due to an inconsistency between the originStorage and dirtyStorage states during transaction execution, which allows for the potential minting of arbitrary tokens...

GHSA-3FP5-2XWH-FXM6 Evmos transaction execution not accounting for all state transition after interaction with precompiles

Context - stateObject: represents the state of an account and is used to store its updates during a state transition. This is accomplished using two in memory Storage variables: originStorage and dirtyStorage - StateDB: it is the general interface to retrieve accounts and holds a map of...

LACK OF DEADLINE AND SLIPPAGE CHECKS COULD PROMPT THE USERS TO EXECUTE THE BUY AND SELL TRANSACTIONS AT UNFAVOURABLE PRICE POINTS

Lines of code Vulnerability details Impact The Market.sol contract implements four functions which depend on the linear bonding curve to calculate the price and fee amounts associated with their logic execution. These functions are Market.buy, Market.sell, Market.mintNFT and Market.burnNFT. The...