Trail of Bits

Offchain Arbitrum Stylus

Type: Security review

Client: Offchain Labs

Date: 2024-05

Domain: Blockchain

Effort: 47 wks

Section

Offchain Labs

Trail of Bits's security review of Offchain Labs (May 2024) identified 41 issues: 2 high, 6 medium, 10 low, 21 informational, and 2 undetermined.

Findings · 41

  1. Gas for WASM program activation not charged early enough (Medium)
  2. Project contains no build instructions (Informational)
  3. WASM Merkleization is computationally expensive (Low)
  4. WASM binaries lack memory protections against corruption (Low)
  5. Ink is charged preemptively for reading and writing to memory (Low)
  6. Integer overflow vulnerability in brotli-sys (Low)
  7. Reliance on outdated dependencies (Informational)
  8. WASM validation relies on Wasmer code that could result in undefined behavior (Medium)
  9. Execution of natively compiled WASM code triggers ASan warning (Informational)
  10. Unclear program version checks (Informational)
  11. Memory leak in capture_hostio (Informational)
  12. Use of mem::forget for FFI is error-prone (Undetermined)
  13. Lack of safety documentation for unsafe Rust (Informational)
  14. Undefined behavior when passing padded struct via FFI (Undetermined)
  15. Stylus’s 63/64th gas forwarding differs from go-ethereum (Low)
  16. Undocumented WASM/WAVM limits (Informational)
  17. Missing sanity checks for argumentData instruction (Informational)
  18. Discrepancy in EIP-2200 implementation (Informational)
  19. Tests missing assertions for some errors and values (Low)
  20. Machine state serialization/deserialization does not account for error guards (Low)
  21. Lack of minimum-value check for program activation (Informational)
  22. SetWasmKeepaliveDays sets ExpiryDays instead of KeepaliveDays (Medium)
  23. Potential nil dereference error in Node.Start (Informational)
  24. Incorrect dataPricer model update in ProgramKeepalive, causing lower cost and demand (High)
  25. Machine does not properly handle WASM binaries with both Rust and Go support (Low)
  26. Computation of internal stack hash uses wrong prefix string (Informational)
  27. WASI preview 1 may be incompatible with future versions (Informational)
  28. Possible out-of-bounds write in strncpy function in Stylus C SDK (Medium)
  29. Insufficient out-of-bounds check in memcpy utility function for ConstString (Medium)
  30. Unused and unset timeouts in Arbitrator's JIT code (Informational)
  31. New machine hashing format breaks backward compatibility (Informational)
  32. Unclear handling of unexpected machine state transitions (Informational)
  33. Potential footguns and attack vectors due to new memory model (Informational)
  34. Storage cache can become out of sync for reentrant and delegated calls (High)
  35. Storage cache can be written to in a static call context (Low)
  36. Revert conditions always override user returned status (Low)
  37. CacheManager bids cannot be increased (Informational)
  38. The makeSpace function does not refund excess bid value and can be front-run (Informational)
  39. Bids do not account for program size (Informational)
  40. Incorrect bid check (Informational)
  41. MemoryGrow opcode is underpriced for programs with fixed memory (Medium)

Findings extracted from the published report PDF. See the full report below for details and remediation.
