Skills
.Work. You
Rest

unexpected-ecrecover-null-address

Community

Secure ecrecover calls

Software Engineering#security#vulnerability#auditing#smart contract#solidity#ecrecover
AuthorApegurus
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill addresses a critical security vulnerability in Solidity smart contracts where the ecrecover function is used improperly, potentially allowing unauthorized actions due to uninitialized or zero addresses.

Core Features & Use Cases

  • Vulnerability Detection: Identifies direct usage of ecrecover without proper validation against address(0).
  • Secure Coding Practices: Promotes the use of safer alternatives like OpenZeppelin's ECDSA.recover.
  • Use Case: Auditing a smart contract that uses ecrecover for signature verification to ensure that an attacker cannot exploit a scenario where the recovered address is address(0) and the expected signer is also address(0).

Quick Start

Analyze the attached contract 'Vault.sol' for the unexpected ecrecover null address vulnerability.

Dependency Matrix

Required Modules

None required

Components

references

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: unexpected-ecrecover-null-address
Download link: https://github.com/Apegurus/solidity-argus/archive/main.zip#unexpected-ecrecover-null-address

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.