Trail of Bits

Orga and Merk

Type: Security review
Client: Turbofish
Date: 2024-11
Domain: Blockchain
Effort: 10 wks
Section: Tendermint/Cosmos

Trail of Bits's security review of Turbofish (Nov 2024) identified 7 issues: 1 high, 1 medium, and 5 low.

Findings · 7

  1. Slashing of re-delegated stake is computed incorrectly (Medium)
  2. Malicious state sync peer can cause syncing nodes to crash (Low)
  3. Interrupted snapshots can lead to inconsistent state (Low)
  4. Malicious state sync peer can cause a stack overflow in Merk (Low)
  5. Merk trunk splitting can lead to panics on degenerate trees (Low)
  6. Stored IBC consensus states cannot be pruned (Low)
  7. Merk proofs can be forged to claim arbitrary key/value inclusions (High)

Findings extracted from the published report PDF. See the full report below for details and remediation.