OpenVM

OpenVM

Cantina Security Report

Organization

@OpenVM

Engagement Type

Cantina Reviews

Period

-

Repositories

GitHubopenvm-org/openvm

Researchers

Om Parikh

zigtur

Findings

Informational

2 findings

2 fixed

0 acknowledged

Informational2 findings

  1. ISA.md variables name are different than the codebase

    State

    Fixed

    PR #1567

    Severity

    Severity: Informational

    Submitted by

    zigtur

    Description

    In commit 20c494e, two variable names have been modified in the ISA.md file: ADDR_SPACE_OFFSET and addr_space_height.

    However, it is confusing as these new names do not correspond to the variable used in the codebase.

    Recommendation

    Consider reverting to the previous naming that matches with the codebase.

    OpenVM

    Fixed in feat/new-execution branch linked to PR1567.

    Cantina

    Fixed. The variables in the code have been renamed.

  2. alloc will be deprecated in the future

    State

    Fixed

    PR #1981

    Severity

    Severity: Informational

    Submitted by

    zigtur

    Description

    The alloc::alloc function is called to allocate memory. This function's documentation indicates that this function is expected to be deprecated when the allocate function and the Allocate trait are stable.

    This function is expected to be deprecated in favor of the allocate method of the Global type when it and the Allocator trait become stable.

    Recommendation

    Consider monitoring future stable release to upgrade to allocate function when it is stable.

    OpenVM

    Fixed in PR1981.

    Cantina

    Fixed. A TODO comment has been added to keep track of this potential deprecation.