This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate multiversx-sc-codec Dependencies (2 total, all up-to-date)
Crate multiversx-sc-codec-derive Dependencies (4 total, 3 outdated)
Crate Required Latest Status proc-macro2 =1.0.781.0.81out of date quote =1.0.351.0.36out of date syn =2.0.482.0.60out of date hex =0.4.30.4.3up to date
Crate multiversx-sc Dependencies (3 total, 2 outdated)
Crate multiversx-sc-derive Dependencies (5 total, 3 outdated)
Crate Required Latest Status proc-macro2 =1.0.781.0.81out of date quote =1.0.351.0.36out of date syn =2.0.482.0.60out of date hex =0.4.30.4.3up to date radix_trie =0.2.10.2.1up to date
Crate multiversx-sc-meta Dependencies (18 total, 4 outdated)
Crate multiversx-sc-scenario Dependencies (15 total, 2 outdated)
Crate multiversx-sc-snippets Dependencies (6 total, 1 outdated)
Crate Required Latest Status tokio ^1.241.37.0up to date hex ^0.40.4.3up to date base64 ^0.21.50.22.1out of date log ^0.4.170.4.21up to date env_logger ^0.110.11.3up to date futures ^0.30.3.30up to date
Crate multiversx-sc-wasm-adapter No external dependencies! 🙌
Crate multiversx-sdk Dependencies (18 total, 3 outdated)
Crate Required Latest Status tokio ^1.241.37.0up to date reqwest ^0.11.40.12.4out of date serde ^1.0.1301.0.200up to date serde_json ^1.0.681.0.116up to date serde_repr ^0.1.80.1.19up to date anyhow ^1.0.441.0.82up to date rand ^0.8.50.8.5up to date bip39 ^2.0.02.0.0up to date sha2 ^0.10.80.10.8up to date sha3 ^0.10.80.10.8up to date hmac ^0.12.10.12.1up to date hex ^0.4.30.4.3up to date base64 ^0.21.50.22.1out of date pbkdf2 ^0.12.20.12.2up to date zeroize ^1.4.21.7.0up to date bech32 ^0.90.11.0out of date itertools ^0.12.00.12.1up to date pem ^3.0.23.0.4up to date
Crate multiversx-chain-scenario-format Dependencies (7 total, 1 outdated)
Crate mxpy-snippet-generator Dependencies (4 total, 1 outdated)
Crate multiversx-chain-vm Dependencies (13 total, 2 outdated, 1 possibly insecure)
Crate multiversx-sc-modules No external dependencies! 🙌
Crate multiversx-price-aggregator-sc Dependencies (3 total, all up-to-date)
Crate Required Latest Status arrayvec ^0.70.7.4up to date rand ^0.8.50.8.5up to date getrandom ^0.20.2.14up to date
Crate multiversx-price-aggregator-sc-meta No external dependencies! 🙌
Crate multiversx-wegld-swap-sc No external dependencies! 🙌
Crate multiversx-wegld-swap-sc-meta No external dependencies! 🙌
Crate benchmark-common No external dependencies! 🙌
Crate linked-list-repeat No external dependencies! 🙌
Crate linked-list-repeat-meta No external dependencies! 🙌
Crate map-repeat No external dependencies! 🙌
Crate map-repeat-meta No external dependencies! 🙌
Crate queue-repeat No external dependencies! 🙌
Crate queue-repeat-meta No external dependencies! 🙌
Crate set-repeat No external dependencies! 🙌
Crate set-repeat-meta No external dependencies! 🙌
Crate single-value-repeat No external dependencies! 🙌
Crate single-value-repeat-meta No external dependencies! 🙌
Crate vec-repeat No external dependencies! 🙌
Crate vec-repeat-meta No external dependencies! 🙌
Crate large-storage No external dependencies! 🙌
Crate large-storage-meta No external dependencies! 🙌
Crate str-repeat No external dependencies! 🙌
Crate str-repeat-meta No external dependencies! 🙌
Crate send-tx-repeat No external dependencies! 🙌
Crate send-tx-repeat-meta No external dependencies! 🙌
Crate adder No external dependencies! 🙌
Crate adder-meta No external dependencies! 🙌
Crate basic-interact Dependencies (3 total, all up-to-date)
Crate Required Latest Status clap ^4.4.74.5.4up to date serde ^1.01.0.200up to date toml ^0.8.60.8.12up to date
Crate esdt-transfer-with-fee No external dependencies! 🙌
Crate esdt-transfer-with-fee-meta No external dependencies! 🙌
Crate bonding-curve-contract No external dependencies! 🙌
Crate bonding-curve-contract-meta No external dependencies! 🙌
Crate crowdfunding-esdt Dev dependencies (3 total, all up-to-date)
Crate crowdfunding-esdt-meta No external dependencies! 🙌
Crate crypto-bubbles No external dependencies! 🙌
Crate crypto-bubbles-meta No external dependencies! 🙌
Crate crypto-zombies No external dependencies! 🙌
Crate crypto-zombies-meta No external dependencies! 🙌
Crate check-pause Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status num-bigint ^0.40.4.4up to date
Crate check-pause-meta No external dependencies! 🙌
Crate kitty-ownership No external dependencies! 🙌
Crate kitty-ownership-meta No external dependencies! 🙌
Crate kitty-genetic-alg No external dependencies! 🙌
Crate kitty-genetic-alg-meta No external dependencies! 🙌
Crate kitty-auction No external dependencies! 🙌
Crate kitty-auction-meta No external dependencies! 🙌
Crate digital-cash No external dependencies! 🙌
Crate digital-cash-meta No external dependencies! 🙌
Crate empty Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status num-bigint ^0.40.4.4up to date
Crate empty-meta No external dependencies! 🙌
Crate factorial No external dependencies! 🙌
Crate factorial-meta No external dependencies! 🙌
Crate fractional-nfts No external dependencies! 🙌
Crate fractional-nfts-meta No external dependencies! 🙌
Crate lottery-esdt No external dependencies! 🙌
Crate lottery-esdt-meta No external dependencies! 🙌
Crate multisig Dev dependencies (3 total, all up-to-date)
Crate multisig-meta No external dependencies! 🙌
Crate multisig-interact Dependencies (3 total, all up-to-date)
Crate Required Latest Status clap ^4.4.74.5.4up to date serde ^1.01.0.200up to date toml ^0.8.60.8.12up to date
Crate nft-minter No external dependencies! 🙌
Crate nft-minter-meta No external dependencies! 🙌
Crate nft-subscription No external dependencies! 🙌
Crate nft-subscription-meta No external dependencies! 🙌
Crate nft-storage-prepay No external dependencies! 🙌
Crate nft-storage-prepay-meta No external dependencies! 🙌
Crate order-book-factory No external dependencies! 🙌
Crate factory-meta No external dependencies! 🙌
Crate order-book-pair No external dependencies! 🙌
Crate pair-meta No external dependencies! 🙌
Crate proxy-pause No external dependencies! 🙌
Crate proxy-pause-meta No external dependencies! 🙌
Crate ping-pong-egld No external dependencies! 🙌
Crate ping-pong-egld-meta No external dependencies! 🙌
Crate rewards-distribution No external dependencies! 🙌
Crate rewards-distribution-meta No external dependencies! 🙌
Crate seed-nft-minter No external dependencies! 🙌
Crate seed-nft-minter-meta No external dependencies! 🙌
Crate token-release No external dependencies! 🙌
Crate token-release-meta No external dependencies! 🙌
Crate abi-tester No external dependencies! 🙌
Crate abi-tester-meta No external dependencies! 🙌
Crate alloc-features No external dependencies! 🙌
Crate alloc-features-meta No external dependencies! 🙌
Crate basic-features No external dependencies! 🙌
Crate basic-features-meta No external dependencies! 🙌
Crate basic-features-interact Dependencies (3 total, all up-to-date)
Crate Required Latest Status clap ^4.4.74.5.4up to date serde ^1.01.0.200up to date toml ^0.8.60.8.12up to date
Crate big-float-features No external dependencies! 🙌
Crate big-float-features-meta No external dependencies! 🙌
Crate composability-tests No external dependencies! 🙌
Crate interact Dependencies (3 total, all up-to-date)
Crate Required Latest Status clap ^4.4.74.5.4up to date serde ^1.01.0.200up to date toml ^0.8.60.8.12up to date
Crate builtin-func-features No external dependencies! 🙌
Crate builtin-func-features-meta No external dependencies! 🙌
Crate esdt-contract-pair No external dependencies! 🙌
Crate first-contract No external dependencies! 🙌
Crate first-contract-meta No external dependencies! 🙌
Crate second-contract No external dependencies! 🙌
Crate second-contract-meta No external dependencies! 🙌
Crate parent No external dependencies! 🙌
Crate parent-meta No external dependencies! 🙌
Crate child No external dependencies! 🙌
Crate child-meta No external dependencies! 🙌
Crate forwarder No external dependencies! 🙌
Crate forwarder-meta No external dependencies! 🙌
Crate forwarder-queue No external dependencies! 🙌
Crate forwarder-queue-meta No external dependencies! 🙌
Crate forwarder-raw No external dependencies! 🙌
Crate forwarder-raw-meta No external dependencies! 🙌
Crate local-esdt-and-nft No external dependencies! 🙌
Crate local-esdt-and-nft-meta No external dependencies! 🙌
Crate promises-features No external dependencies! 🙌
Crate promises-features-meta No external dependencies! 🙌
Crate proxy-test-first Dependencies (1 total, all up-to-date)
Crate Required Latest Status hex-literal ^0.4.10.4.1up to date
Crate proxy-test-first-meta No external dependencies! 🙌
Crate proxy-test-second No external dependencies! 🙌
Crate proxy-test-second-meta No external dependencies! 🙌
Crate recursive-caller No external dependencies! 🙌
Crate recursive-caller-meta No external dependencies! 🙌
Crate transfer-role-features No external dependencies! 🙌
Crate transfer-role-features-meta No external dependencies! 🙌
Crate vault No external dependencies! 🙌
Crate vault-meta No external dependencies! 🙌
Crate crowdfunding-erc20 No external dependencies! 🙌
Crate crowdfunding-erc20-meta No external dependencies! 🙌
Crate erc20 No external dependencies! 🙌
Crate erc20-meta No external dependencies! 🙌
Crate erc721 No external dependencies! 🙌
Crate erc721-meta No external dependencies! 🙌
Crate erc1155 No external dependencies! 🙌
Crate erc1155-meta No external dependencies! 🙌
Crate erc1155-marketplace No external dependencies! 🙌
Crate erc1155-marketplace-meta No external dependencies! 🙌
Crate erc1155-user-mock No external dependencies! 🙌
Crate erc1155-user-mock-meta No external dependencies! 🙌
Crate lottery-erc20 No external dependencies! 🙌
Crate lottery-erc20-meta No external dependencies! 🙌
Crate esdt-system-sc-mock No external dependencies! 🙌
Crate esdt-system-sc-mock-meta No external dependencies! 🙌
Crate formatted-message-features No external dependencies! 🙌
Crate formatted-message-features-meta No external dependencies! 🙌
Crate managed-map-features No external dependencies! 🙌
Crate managed-map-features-meta No external dependencies! 🙌
Crate multi-contract-features No external dependencies! 🙌
Crate multi-contract-features-meta No external dependencies! 🙌
Crate panic-message-features No external dependencies! 🙌
Crate panic-message-features-meta No external dependencies! 🙌
Crate payable-features No external dependencies! 🙌
Crate payable-features-meta No external dependencies! 🙌
Crate rust-snippets-generator-test No external dependencies! 🙌
Crate rust-snippets-generator-test-meta No external dependencies! 🙌
Crate rust-testing-framework-tester Dev dependencies (3 total, all up-to-date)
Crate rust-testing-framework-tester-meta No external dependencies! 🙌
Crate use-module No external dependencies! 🙌
Crate use-module-meta No external dependencies! 🙌
Crate exchange-features No external dependencies! 🙌
Crate exchange-features-meta No external dependencies! 🙌
Crate kitty No external dependencies! 🙌
Crate random No external dependencies! 🙌
Security Vulnerabilities ed25519-dalek: Double Public Key Signing Function Oracle Attack on `ed25519-dalek`RUSTSEC-2022-0093
Versions of ed25519-dalek prior to v2.0 model private and public keys as
separate types which can be assembled into a Keypair, and also provide APIs
for serializing and deserializing 64-byte private/public keypairs.
Such APIs and serializations are inherently unsafe as the public key is one of
the inputs used in the deterministic computation of the S part of the signature,
but not in the R value. An adversary could somehow use the signing function as
an oracle that allows arbitrary public keys as input can obtain two signatures
for the same message sharing the same R and only differ on the S part.
Unfortunately, when this happens, one can easily extract the private key.
Revised public APIs in v2.0 of ed25519-dalek do NOT allow a decoupled
private/public keypair as signing input, except as part of specially labeled
"hazmat" APIs which are clearly labeled as being dangerous if misused.
