Xiao Yi
Xiao Yi
This a security vulnerability. The wallet uses ordered inputs of transactions (`src/wallet/wallet.cpp`, [line 3657 - 3671](https://github.com/RavenProject/Ravencoin/blob/master/src/wallet/wallet.cpp#L3657-L3671)), which may incur privacy risks like fingerprinting the wallet to observers. A possible solution...
This is a security vulnerability. In the `ConnectBlock()` function of `src/validation.cpp`, it misses the check for whether the block is corrupted or not. If the block is corrupted, it should...
Currently, the outbound peers on incompatible chains may use up outbound connection slots (the `ProcessMessage()` function in `src/net_processing.cpp`). If the block header is valid, but the block is known to...
The wallet uses ordered inputs of transactions (`src/wallet/wallet.cpp`, [line 2628 - 2640](https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640)), which may incur privacy risks like fingerprinting the wallet to observers. A possible solution is to clear the...
This is a security vulnerability. Currently, the outbound peers on incompatible chains may use up outbound connection slots (the `ProcessMessage()` function in `src/main.cpp`). If the block header is valid, but...
This is a security vulnerability. Though we have a detection for block download stalling in `SendMessages()` of `src/main.cpp` at [line 6380](https://github.com/HorizenOfficial/zen/blob/master/src/main.cpp#L6380), the timeout for header sync remain unchecked. This check...
This is a security vulnerability. In the `ConnectBlock()` function of `src/main.cpp`, it misses the check for whether the block is corrupted or not. If the block is corrupted, it should...
This is a security vulnerability. Currently, a new header descendant from an invalid block is still accepted. A possible solution is to get the ancestor of the block, check the...
This is a security vulnerability. The wallet uses ordered inputs of transactions (`src/wallet/wallet.cpp`, [line 2766 - 2772](https://github.com/HorizenOfficial/zen/blob/master/src/wallet/wallet.cpp#L2766-L2772)), which may incur privacy risks like fingerprinting the wallet to observers. A possible...