Dennis Won denniswon
denniswon
/ gist:07499bcd9bf6efcb469ed4dc07470f6c
Created
March 17, 2026 20:31
zkTLS / TLSNotary Integration — Full Recall
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| zkTLS / TLSNotary Integration — Full Recall | |
| Project Summary | |
| Newton is integrating TLSNotary (MPC-TLS) for verifiable web data proofs in Rego policy evaluation. Author: @sigrid-magiclabs | |
| (Linear: NEWT-490). | |
| PR Chain Status (as of ~6 days ago) |
denniswon
/ gist:4585e61569dfc6b23174682897656cdf
Last active
March 17, 2026 13:58
On-Chain Identity Registry vs. Off-Chain Privacy Data Store
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| Good context gathered. I can see the current flow is: | |
| 1. newton-identity encrypts with RSA-OAEP (AWS KMS public key) → hex ciphertext | |
| 2. Signs the encrypted string with EIP-712 (EncryptedIdentityData) | |
| 3. Gateway verifies EIP-712 signature, then stores the encrypted data on-chain via submitIdentity | |
| 4. At evaluation time, operators decrypt via AWS KMS | |
| The Newton SDK already has a full HPKE privacy module (X25519 + HKDF-SHA256 + ChaCha20-Poly1305) with AAD binding, Ed25519 signing, and | |
| uploadEncryptedData RPC. |
denniswon
/ gist:80db91c5f2d4db883312479f1336db00
Created
March 16, 2026 07:03
[Low/informational[ Complete Triage: All 30 Findings
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Complete Triage: All 30 Findings | |
| Core Protocol — Actionable Fixes | |
| ┌─────┬─────────────────────────────────────────────────────────────────────┬───────────────┬─────────────────────────────────────────────────┐ | |
| │ # │ Finding │ Verdict │ Action │ | |
| ├─────┼─────────────────────────────────────────────────────────────────────┼───────────────┼─────────────────────────────────────────────────┤ | |
| │ #4 │ IRegoVerifier calldata return type │ Valid │ Fix — change to memory in interface │ | |
| ├─────┼─────────────────────────────────────────────────────────────────────┼───────────────┼─────────────────────────────────────────────────┤ | |
| │ #10 │ Missing TaskChallengedSuccessfully event in │ Valid │ Fix — add event emission │ |
denniswon
/ gist:68a25027c2a737d1b8b18adec91da42d
Created
March 16, 2026 04:39
Denial of Service: Failing External Calls in Challenge Slashing Operations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Denial of Service: Failing External Calls in Challenge Slashing Operations | |
| Executive Summary | |
| The ChallengeVerifier contract's slashing mechanism can experience denial of service when processing challenges. The slashSigningOperators function iterates over all operators and strategies without any batching or gas limits, causing transactions to revert when these sets grow large. This prevents challenge finalization, attestation invalidation, and operator punishment. | |
| Technical Analysis | |
| Root Cause |
denniswon
/ gist:f455082e40be5c85422d99216c259862
Created
March 16, 2026 04:39
Denial of Service via Quadratic-Time Signer Verification in verifySigningOperatorsWhitelisted
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Denial of Service via Quadratic-Time Signer Verification in verifySigningOperatorsWhitelisted | |
| Executive Summary | |
| The verifySigningOperatorsWhitelisted function in OperatorVerifierLib.sol contains algorithmic complexity issues that can cause out-of-gas reverts when processing task responses on source chains. The function performs quadratic-time operations and numerous external calls that scale poorly with operator set size, enabling semi-trusted operators to induce denial-of-service conditions by manipulating the signer/non-signer ratio. | |
| Vulnerability Details | |
| Location |
denniswon
/ gist:4cc515d5327d579cec038532197254fb
Created
March 16, 2026 04:38
Vulnerability Report: Repeatable Slashing in Direct-Challenge Functions
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Repeatable Slashing in Direct-Challenge Functions | |
| Executive Summary | |
| The ChallengeVerifier contract contains two direct-challenge functions (challengeDirectlyVerifiedAttestation and challengeDirectlyVerifiedMismatch) that lack proper idempotency guards. This allows repeated invocations that trigger operator slashing multiple times for the same task, potentially draining all slashable stake from affected operators. | |
| Vulnerability Details | |
| Affected Functions |
denniswon
/ gist:e3ed1d29b8e110637351a9e08bf93bb7
Created
March 16, 2026 04:38
Vulnerability Report: Missing taskCreatedBlock in Task Hash Enables Time Manipulation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Missing taskCreatedBlock in Task Hash Enables Time Manipulation | |
| Executive Summary | |
| A critical vulnerability exists in the TaskLib.taskHash() function where the taskCreatedBlock field is not included in the computed hash. This allows attackers to manipulate time-sensitive security checks by supplying arbitrary taskCreatedBlock values that still pass task identity verification. The vulnerability enables two distinct attack vectors: premature slashing of operators on source chains and acceptance of late task responses. | |
| Vulnerability Details | |
| Location |
denniswon
/ gist:cc37e7ee239ccb4543fcf538018090d9
Created
March 16, 2026 03:40
Vulnerability Report: Unprotected Reinitializer and Client Registration Squatting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Unprotected Reinitializer and Client Registration Squatting | |
| Executive Summary | |
| Two related access control vulnerabilities exist in the IdentityRegistry and PolicyClientRegistry contracts that enable attackers to disrupt or bypass the identity linking system: | |
| IdentityRegistry.initializeV2() lacks access control, allowing any caller to replace the PolicyClientRegistry address | |
| PolicyClientRegistry.registerClient() allows anyone to register any policy client and become its registry "owner" | |
| These vulnerabilities can result in global denial-of-service for identity linking, bypass of client registration gating, or targeted per-client deactivation attacks. |
denniswon
/ gist:b7a9698251f6ad4f8c6b4e813bcb465a
Created
March 16, 2026 03:39
Vulnerability Report: Missing Ownership Verification in PolicyClientRegistry.registerClient
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Missing Ownership Verification in PolicyClientRegistry.registerClient | |
| Executive Summary | |
| The PolicyClientRegistry.registerClient function lacks verification that the caller is the actual owner of the policy client being registered. This allows any address to register as the "registry owner" of any INewtonPolicyClient contract, enabling them to control the client's active status and block identity linking operations in the dependent IdentityRegistry. | |
| Vulnerability Details | |
| Location |
denniswon
/ gist:329800d69d2935fa43400b12f1d65d73
Created
March 16, 2026 03:39
Vulnerability Report: Non-Canonical EIP-712 Array Encoding in IdentityRegistry
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerability Report: Non-Canonical EIP-712 Array Encoding in IdentityRegistry | |
| Executive Summary | |
| The IdentityRegistry contract contains a critical encoding flaw in its EIP-712 signature verification logic. The contract hashes bytes32[] arrays using abi.encode() instead of the canonical EIP-712 specification requiring abi.encodePacked(). This mismatch causes all standard EIP-712 signatures to fail verification, completely breaking the signature-based identity linking functionality. | |
| Vulnerability Details | |
| Location |