Описание
False-negative validation results in MINT transactions with invalid baton
Impact
Users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton.
Patches
npm package slpjs has been patched and published as version 0.27.2.
Workarounds
Upgrade to slpjs 0.27.2.
References
- slpjs commit
For more information
If you have any questions or comments about this advisory:
- Open an issue in slp-validate or slpjs
Пакеты
slpjs
< 0.27.2
0.27.2
Связанные уязвимости
SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. This is fixed in version 0.27.2.