You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It appears that the vulnerability may have been addressed with this commit: 6294f5a. However, I would like to caution future developers or users who may consider forking this repo.
Context:
The affected contracts were deployed by Rocket Pool on Optimism, and the exploit resulted in users being refunded with Generation Software's security budget.
Recommended Action:
To prevent similar issues from arising in the future, I recommend sharing this security event more broadly. While the event is documented on HackMD, sharing it via more prominent channels (e.g., public channels or security advisories) could help prevent others from unknowingly using vulnerable versions of the code.
I haven’t identified any additional issues, but I’m raising this to ensure further visibility and caution. Thanks for your attention.
The text was updated successfully, but these errors were encountered:
It appears that the vulnerability may have been addressed with this commit:
6294f5a. However, I would like to caution future developers or users who may consider forking this repo.
For reference, the details of the exploit are documented here:
https://hackmd.io/@g9-trevor/BybsGuHFC
Context:
The affected contracts were deployed by Rocket Pool on Optimism, and the exploit resulted in users being refunded with Generation Software's security budget.
Recommended Action:
To prevent similar issues from arising in the future, I recommend sharing this security event more broadly. While the event is documented on HackMD, sharing it via more prominent channels (e.g., public channels or security advisories) could help prevent others from unknowingly using vulnerable versions of the code.
I haven’t identified any additional issues, but I’m raising this to ensure further visibility and caution. Thanks for your attention.
The text was updated successfully, but these errors were encountered: