Bad Randomness
Detects contracts that rely on insecure or predictable sources of randomness.
Detects reliance on `block.timestamp`, `block.number`, or other attributes in ways that break assumptions.
Detects contracts that rely on `blockhash` for randomness or critical control flow.
Detects heartbeats that are ignored or misconfigured, allowing stale oracle data to persist.
Detects contracts that rely on optimistic rollup sequencers without verifying their uptime or status.
Detects when nonces or sequence numbers are not updated properly, enabling signature reuse.
Detects unauthorized or illogical changes to contract storage that break invariants.
Detects when oracle results are used without validating their authenticity or range.
Detects reliance on outdated oracle data that may no longer reflect current market conditions.
Detects when protocols rely on price data that may become outdated and lead to incorrect decisions.
Detects reliance on `block.timestamp` for critical logic that miners can manipulate within a short range.
Detects any use of `tx.origin` in authorization or decision-making logic.
Detects storage pointers that are not properly initialized, leading to clobbered state.
Detects authorization logic that relies on `tx.origin`, exposing the contract to phishing attacks.