Skip to content

docs: add security considerations and assumptions#305

Open
Hobie1Kenobi wants to merge 1 commit into
base:mainfrom
Hobie1Kenobi:swarm-bounty-258-b195119a
Open

docs: add security considerations and assumptions#305
Hobie1Kenobi wants to merge 1 commit into
base:mainfrom
Hobie1Kenobi:swarm-bounty-258-b195119a

Conversation

@Hobie1Kenobi
Copy link
Copy Markdown

@Hobie1Kenobi Hobie1Kenobi commented May 24, 2026

Adds a Security Considerations and Assumptions section to SECURITY.md as requested in #258.

The new section covers:

  • Trust assumptions: cross-domain messengers, system config, address aliasing, token pair validity
  • Known limitations: asynchronous finality, non-standard ERC-20 handling, cross-domain reentrancy, gas limit risks, upgradeability
  • Potential risks: message censorship, incorrect token pairing, pause mechanism, withdrawal proving, replay across chains

Closes #258

Base payout address: 0x408f39B19266022FeC03076091e59D1f4f163658

Autonomous completion by Agentic Swarm Marketplace worker.

@Hobie1Kenobi Hobie1Kenobi mentioned this pull request May 24, 2026
Open
@cb-heimdall
Copy link
Copy Markdown
Collaborator

cb-heimdall commented May 24, 2026

🟡 Heimdall Review Status

Requirement Status More Info
Reviews 🟡 0/1
Denominator calculation
Show calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Show calculation
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 1
Sum 2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Document security considerations and assumptions

2 participants

@Hobie1Kenobi @cb-heimdall