ArkProject: NFT Bridge

ArkProject

NFTBridge

60,000 USDC

Submission Details

Severity: high

Invalid

Inconsistent Offset Handling at cairoStringPack in Cairo library

Hello ArkProject,

The offset is initially set to 0x20, which skips the first 32 bytes (usually the length prefix of a dynamic array in Solidity). However, this offset is used throughout the function without further checks. This could lead to incorrect memory access if the string does not conform to the expected format.

Add Boundary Checks: Ensure that offset does not exceed the bounds of strBytes and that memory accesses are safe.

Updates

n0kto Lead Judge 12 months ago

Submission Judgement Published

Invalidated

Reason: Lack of quality

Total prize

60,000 USDC

nSLOC

2,301

26 USDC / LOC

High Medium

50,000 USDC

Low

5,500 USDC

Judges

4,500 USDC

The contest is live. Earn rewards by submitting a finding.

Submissions are being carefully reviewed by our judges.

This is your time to appeal against judgements on your submissions.

Appeals are being carefully reviewed by our judges.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.