Ockam

Findings · 6

1. 1 The system is vulnerable to SNDL attacks by quantum computers Medium
2. 2 Serialized VersionedData struct’s data is ambiguous Informational
3. 3 Truncating ChangeHistory hash to 160 bits introduces risk of collisions Informational
4. 4 The meanings of the primary key fields created_at and expires_at are undocumented Medium
5. 5 Insucient threat model documentation Medium
6. 6 The supported signature schemes have dierent security properties Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.