slpjs is vulnerable to authorization bypass. An attacker is able to create a malicious Bitcoin script to cause a hard-fork from the SLP concensus due to difference between the specified SLP concensus and the validation result of the slpjs npm package which causes a discrepancy in the simple ledger protocol.