feat(attack): Secret Size Attack (#16)

manifoldfinance · Aug 23, 2022 · cb2dedf · cb2dedf
1 parent 20f9934
commit cb2dedf
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,7 @@
 # Decentralized Finance Threat Matrix
 
-- v3.0.2 is the latest release (v2022.06.13-302)
+- [v3.0.3 is the current release  (v2022.08.23-303)](https://github.com/manifoldfinance/defi-threat/blob/secret-size-attack/v3.0.3.md)
+- v3.0.2 is the previous release (v2022.06.13-302)
 
 ## Advisories 
 
@@ -10,6 +11,11 @@ We are now publishing Security Advisories [https://github.com/manifoldfinance/de
 
 ### Changes
 
+v3.0.3
+New attack: Secret Size Attack
+New Category: Interchain, id: 006
+
+v3.0.2
 New attacks such as: <br>
 Ex Post/Ex Ante Reorg (On-Chain),  <br>
 Compiler not Optimizing errors (Solidity),  <br>
@@ -29,7 +35,7 @@ be specialized towards the unique issues brought about in blockchain/cryptocurre
 
 ## Overview of Threat Matrix
 
-> version v3.0.2/2022.06
+> version v3.0.3/2022.08
 
 | _001_ 	| _002_ 	| _003_ 	| _004_ 	| _005_ 	|
 |---	|---	|---	|---	|---	|
@@ -60,7 +66,7 @@ be specialized towards the unique issues brought about in blockchain/cryptocurre
 | Cascading Loan Failure 	| Unexpected Fee on Transfer  	| Man in the Blotter 	| Ex Post Reorg 	| Compiler Optimizer not Optimizing 	|
 |  	|  	| BGP Routing 	| Nonstandard Proxy Implementation 	| Math operations differ in certain pragmas 	|
 |  	|  	| IP4/IP6 misconfiguration 	| Tyranny of the Majority 	| Uninitialized Contract 	|
-|  	|  	|  	|  	|  	|
+|  	|  	|  	| Secret Size Attack  	|  	|
 
 
 ### v2 Matrix 

diff --git a/package.json b/package.json
@@ -1,9 +1,9 @@
 {
   "name": "defi-threat-matrix",
-  "version": "0.7.0",
-  "description": "decentralized econometric threat and security assesment",
+  "version": "0.7.1",
+  "description": "a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance",
   "repository": "https://github.com/manifoldfinance/defi-threat",
-  "author": "sam bacha <sam@freighttrust.com>",
+  "author": "sam bacha <sam@manifoldfinance.com>",
   "license": "MPL-2.0",
   "private": false,
   "scripts": {},

diff --git a/v3.0.2.md → v3.0.3.md b/v3.0.2.md → v3.0.3.md
@@ -27,4 +27,4 @@
 | Cascading Loan Failure          | Unexpected Fee on Transfer                      | Man in the Blotter                         | Ex Post Reorg                           | Compiler Optimizer not Optimizing                 |
 |                                 |                                                 | BGP Routing                                | Nonstandard Proxy Implementation        | Math operations differ in certain pragmas         |
 |                                 |                                                 | IP4/IP6 misconfiguration                   | Tyranny of the Majority                 | Uninitialized Contract                            |
-|                                 |                                                 |                                            |                                         |                                                   |
+|                                 |                                                 |                                            | Secret Size Attack                                          |                                                   |