| SCSVS-BLOCK-1 |
S8.1.G1 |
No Test ID |
Verify secure iteration over operators and validators. |
- Does the protocol avoid iterating over the entire set of operators or validators to prevent gas limit issues? |
|
|
|
|
- Are there mechanisms to manage large sets of operators or validators without causing denial of service? |
|
|
|
|
- How does the protocol handle large numbers of operators or validators to maintain efficiency and avoid out-of-gas errors? |
| SCSVS-BLOCK-1 |
S8.1.G2 |
No Test ID |
Verify handling of oracle reverts. |
- Does the system handle potential oracle reverts effectively? |
|
|
|
|
- If an oracle revert occurs, are there safeguards to prevent Denial-of-Service conditions? |
|
|
|
|
- Are there alternative strategies in place to address oracle reverts? |
| SCSVS-BLOCK-1 |
S8.1.G3 |
No Test ID |
Verify blocking mechanism security. |
- Does the system use blocking or non-blocking mechanisms? |
|
|
|
|
- Can the use of a blocking mechanism lead to a DoS attack? |
|
|
|
|
- What are the risks associated with the current mechanism used? |
| SCSVS-BLOCK-1 |
S8.1.G4 |
No Test ID |
Verify protocol stability without overreliance on reserves. |
- Is there excessive reliance on pool reserves? |
|
|
|
|
- What alternative methods or checks are implemented to mitigate risks associated with pool reserves? |
|
|
|
|
- Can pool reserves be manipulated through techniques like flashloans? |
| SCSVS-BLOCK-1 |
S8.1.G5 |
No Test ID |
Verify Front-Running Risk |
- Are there safeguards to prevent front-running attacks by ensuring fair transaction processing? |
|
|
|
|
- Does the protocol include measures to handle transactions in a way that mitigates the risk of priority manipulation? |
|
|
|
|
- Is there a mechanism to protect against attacks that exploit transaction ordering or timing? |
| SCSVS-BLOCK-1 |
S8.1.G6 |
No Test ID |
Verify correct pausing functionality. |
- Can functionality be bypassed if a related pause check is missing in one of the functions? |
|
|
|
|
- Are all functions that should be paused during a system-wide pause consistently checked for the paused state? |
|
|
|
|
- Is there a mechanism to ensure all related functions respect the pause state uniformly? |
| SCSVS-BLOCK-2 |
S8.2.G1 |
No Test ID |
Verify Queue Processing DoS Risks |
- Is there a limit on the size or number of queued transactions to prevent denial of service? Verify that the contract enforces these limits. |
|
|
|
|
- Does the contract implement measures to prevent abuse of queue processing, such as rate limiting or prioritization? |
|
|
|
|
- How does the protocol handle excessive queue sizes or frequent updates to prevent system overload? |
| SCSVS-BLOCK-2 |
S8.2.G2 |
No Test ID |
Prevent Same-Block Withdrawal Attacks |
- Are withdrawals disabled within the same block as other significant actions? |
|
|
|
|
- Does the protocol prevent flashloan attacks by implementing a delay or restriction on withdrawals within the same block? |
| SCSVS-BLOCK-2 |
S8.2.G3 |
No Test ID |
Verify DoS in Loops |
- Is there a potential for a Denial-of-Service (DoS) attack in loops? Verify if external calls or user inputs could impact the loop execution. |
|
|
|
|
- How does the contract ensure that a failure in a single iteration does not affect the overall operation? |
|
|
|
|
- Are there mechanisms to handle or mitigate the impact of failed or problematic iterations in loops? |
| SCSVS-BLOCK-2 |
S8.2.G7 |
No Test ID |
Verify msg.value in Loop |
- Is msg.value used within a loop? Verify if msg.value is accessed multiple times within a loop. |
|
|
|
|
- How does the contract manage msg.value to ensure consistent accounting throughout the transaction? |
|
|
|
|
- Are there potential issues or mistakes in accounting if msg.value is used in a loop? |
| SCSVS-BLOCK-2 |
S8.2.G8 |
No Test ID |
Verify Batch Fund Transfer |
- Is there a loop to handle batch fund transfers? Verify how the mechanism handles residual or leftover funds. |
|
|
|
|
- How does the contract ensure that all funds are transferred correctly, including any residual amounts? |
|
|
|
|
- Are there specific checks or logic to handle the last transfer in a batch to account for dust funds? |
| SCSVS-BLOCK-2 |
S8.2.G9 |
No Test ID |
Verify Block Timestamp Manipulation |
- Is block.timestamp used for critical logic where precision is crucial? Verify that it is used appropriately. |
|
|
|
|
- How does the contract account for potential inaccuracies or manipulations in block.timestamp? |
|
|
|
|
- Are there alternative mechanisms or fallback strategies used when precise timing is required? |