Certik, Ethereum Bridge, Preliminary Report (v1), Severity: Minor [Priority 5]

[tcharchian]

• GEB-06 | Known Security Issue in Upstream Dependencies
• GEB-07 | Weak Address Validation in withdraw() in wrapped-token Contract
• GEB-08 | ADMIN Role Cannot Not Be Updated
• GEB-09 | Migration From cw20‑base Leaves Required Wrapped‑Token State Uninitialized
• GEB-10 | Migration of community‑sale Lacks Compatibility Checks and State Validation
• GEB-18 | Slot Donation Picks Under-Allocated Donor, Enabling Sybil Weight Inflation
• GEB-19 | Secret Shares Logged in logging.Debug
• GEB-20 | Decoding Returns Zero If Fails
• GEB-21 | Ineffective Polynomial Degree Check in evaluatePolynomial()
• GEB-22 | Unchecked amountToBytes32() Panic on Oversized Amounts
• GEB-23 | Missing Validation of MsgRequestThresholdSignature.ValidateBasic() for chain_id/request_id and Data Chunk Sizes
• GEB-24 | Insufficient Validation for Dealer Part Submissions in MsgSubmitDealerPart.ValidateBasic()
• GEB-25 | Missing Validation in Group Key Validation Signatures in MsgSubmitGroupKeyValidationSignature.ValidateBasic()
• GEB-26 | Missing Validation in Partial Signature Submissions in MsgSubmitPartialSignature.ValidateBasic()
• GEB-27 | Unbounded DealerValidity in Verification Vector Submissions of MsgSubmitVerificationVector.ValidateBasic()
• GEB-37 | DKG Process Can Be Stuck Due to Internal Errors
• GEB-38 | Inconsistent Comparison of Deadline Block
• GEB-39 | Missing Validation of msg.Amount Being Positive in MsgRequestBridgeWithdrawal
• GEB-40 | Broken Cleanup Logic
• GEB-42 | Unhandled Error of EmitTypedEvent()
• GEB-43 | Valid Dealers Can Be Less Than Threshold
• GEB-47 | Hard-coded threshold for BLS signature
• GEB-48 | Missing Signed Status in parseEpochDataFromJSON()
• GEB-49 | Missing Check of Withdrawal and Mint Amount
• GEB-56 | Missing Validation of Epoch Id in RequestThresholdSignature()
• GEB-57 | Slot Range Silently Clamped Instead of Failing