Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • CASINO
Crypto Flexs
  • DIRECTORY
  • CRYPTO
    • ETHEREUM
    • BITCOIN
    • ALTCOIN
  • BLOCKCHAIN
  • EXCHANGE
  • ADOPTION
  • TRADING
  • HACKING
  • SLOT
  • CASINO
Crypto Flexs
Home»HACKING NEWS»Сow Protocol: ComposableCoW and ExtensibleFallbackHandler Audit Summary
HACKING NEWS

Сow Protocol: ComposableCoW and ExtensibleFallbackHandler Audit Summary

By Crypto FlexsApril 15, 20243 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Email
Сow Protocol: ComposableCoW and ExtensibleFallbackHandler Audit Summary
Share
Facebook Twitter LinkedIn Pinterest Email

CoW Swap is the first trading interface built on the CoW protocol. CoW Swap is a Meta DEX aggregator that allows you to buy and sell tokens using gasless orders settled peer-to-peer between users or settled with on-chain liquidity sources, while providing protection from MEV.

cow protocol We performed a security review of ComposableCoW and ExtensibleFallbackHandler leveraging Ackee Blockchain, with total time donations as follows: 8 engineering days in the period between July 18th and July 28, 2023.

methodology

We use static analysis tools, namely wake up. We then took a closer look at the logic of the contract. For testing we wake up Test framework. During the review process, we paid special attention to the following:

  • replay attack
  • Signature Verification
  • Payload manipulation
  • Possible re-entry detection
  • Verify that the system’s calculations are correct
  • Accuracy of data encoding/decoding
  • ERC-1271 compliance
  • I’m looking for common problems like data validation.

range

The audit was conducted in the following scope:

A review has been performed on the specified commit. Revision 1.0:

  • 27ec79b For ComposableCow
  • 11273c1 For ExtensibleFallbackHandler

Revision 1.2 was done in the ComposableCow commit. bd2634dThe ExtensibleFallbackHandler commit has not changed since Revision 1.1.

result

Here we have our result.

critical severity

C1: StopLoss arithmetic mismatch

Severity High

No high severity issues were found.

medium severity

M1: Oracle data validation

low severity

L1: Constructor data validation

warning severity

W1: GPv2Order data tampering

W2: Revert condition mismatch

W3: Vulnerable MerkleProof library

W4: GoodAfterTime order is missing recipient address.

Information Severity

I1: Unnecessary SafeMath

I2: Missing cabinet organization

I3: Error in documentation

I4: Specify TradeAboveThreshold order recipient name

I5: mismatch error

I6: Commented code

I7: Inconsistent naming

conclusion

The review resulted in 14 findings ranging in severity from informational to critical. important issue C1: StopLoss arithmetic mismatch Modified according to our recommendations and M1: Oracle data validation The issue has been implemented correctly (revision 1.2).

Other issues include low-severity data validation, warnings, and informational findings, which are recommendations rather than issues. The overall code quality and architecture are professional. The entire project is well documented, with in-code NatSpec documentation and detailed explanations.

Ackee Blockchain recommends the CoW protocol.

  • To add Oracle data validation
  • Know about zero address verification
  • To unify syntax and naming
  • We resolve all reported issues.

As of revision 1.2, the L1: constructor data validation issue has been acknowledged and all other issues have been fixed.

Ackee blockchain is full COW Protocol You can find the audit report with a more detailed description of all findings and recommendations. here.

We were happy to give our thanks. cow protocol We look forward to working with them again.

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

Wake’s GMX Hacking Analysis and Attack Scenario

July 25, 2025

How to Start with Web3 and Crypto -Dew Prehtation

July 23, 2025

FTT increases by 7% as the backpack starts the platform to help victims clear liquidation.

July 21, 2025
Add A Comment

Comments are closed.

Recent Posts

Forexus drops NFT coins -the public stage is sold in a few minutes.

July 27, 2025

Using XRP Cloud To Mine BTC And DOGE, Helping Investors Obtain Stable Daily Income

July 27, 2025

Safe and expandable MCP server development: Main strategies and best practices

July 27, 2025

Cardano (ADA) flashes optimistic signals. Did the meeting just started?

July 26, 2025

DL Mining Launches In The U.S.

July 26, 2025

Ripple CTO’s amazing regret for censorship

July 26, 2025

Ether Leeum validation exit exit queue will explode with 521,000 ETH ATH.

July 26, 2025

Wake’s GMX Hacking Analysis and Attack Scenario

July 25, 2025

Pepeto Announces $5.5M Presale And Demo Trading Platform

July 25, 2025

$75K In Rewards Announced For Valhalla’s First-Ever Tournament

July 25, 2025

Bitcoin Market Bullish? DL Mining Launches $100 Bonus + Sustainable Cloud Mining

July 25, 2025

Crypto Flexs is a Professional Cryptocurrency News Platform. Here we will provide you only interesting content, which you will like very much. We’re dedicated to providing you the best of Cryptocurrency. We hope you enjoy our Cryptocurrency News as much as we enjoy offering them to you.

Contact Us : Partner(@)Cryptoflexs.com

Top Insights

Forexus drops NFT coins -the public stage is sold in a few minutes.

July 27, 2025

Using XRP Cloud To Mine BTC And DOGE, Helping Investors Obtain Stable Daily Income

July 27, 2025

Safe and expandable MCP server development: Main strategies and best practices

July 27, 2025
Most Popular

PAXOS improves the existence of Europe by just acquiring finance.

February 6, 2025

Did this whale manipulate Hype’s liquidation system for profits?

March 12, 2025

Why did the Ethereum (ETH) price go up today?

August 9, 2024
  • Home
  • About Us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms and Conditions
© 2025 Crypto Flexs

Type above and press Enter to search. Press Esc to cancel.