Out of order vulnerability due to mishandling retryable ticket

Hi,

A general issue that we (Trail of Bits) have noticed due to the usage of retryable tickets is the out-of-order vulnerability.

To increase community awareness, we wrote a technical blog post describing the issue and how to prevent it. In addition, we added a Slither detector to automatically detect such a vulnerability.

We hope that this will help developers to avoid out-of-order vulnerabilities in their codebase.

Disclaimer: Trail of Bits is part of the ARDC proposal.