# Fuel Network | Attackathon
## Reports by Severity
[Critical](#critical) | [High](#high) | [Medium](#medium) | [Low](#low) | [Insight](#insight)
Critical
* [Attackathon \_ Fuel Network 32965 - \[Blockchain\_DLT - Critical\] Messages to L included even on reverts allows theft from bridge](/fuel-network-or-attackathon/attackathon-_-fuel-network-32965-blockchain_dlt-critical-messages-to-l-included-even-on-reverts-allo.md)
* [Attackathon \_ Fuel Network 33351 - \[Smart Contract - Critical\] ABI supertraits methods are available externally](/fuel-network-or-attackathon/attackathon-_-fuel-network-33351-smart-contract-critical-abi-supertraits-methods-are-available-exter.md)
* [Attackathon \_ Fuel Network 33519 - \[Smart Contract - Critical\] Silent Stack overflow on variables between cross-contract calls](/fuel-network-or-attackathon/attackathon-_-fuel-network-33519-smart-contract-critical-silent-stack-overflow-on-variables-between.md)
High
* [Attackathon \_ Fuel Network 32269 - \[Smart Contract - High\] Incorrect fuel dce optimization register usage tracking](/fuel-network-or-attackathon/attackathon-_-fuel-network-32269-smart-contract-high-incorrect-fuel-dce-optimization-register-usage.md)
* [Attackathon \_ Fuel Network 32465 - \[Blockchain\_DLT - High\] Abuse of CCP instruction to do cheap memory clears](/fuel-network-or-attackathon/attackathon-_-fuel-network-32465-blockchain_dlt-high-abuse-of-ccp-instruction-to-do-cheap-memory-cle.md)
* [Attackathon \_ Fuel Network 32696 - \[Smart Contract - High\] incorrect setting of non\_negative value in ceil function in all IFP libs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32696-smart-contract-high-incorrect-setting-of-non_negative-value-in-ceil.md)
* [Attackathon \_ Fuel Network 32700 - \[Smart Contract - High\] double increasing underlying value in ceil function can lead to sendunsend more amounts tofrom users when its called](/fuel-network-or-attackathon/attackathon-_-fuel-network-32700-smart-contract-high-double-increasing-underlying-value-in-ceil-func.md)
* [Attackathon \_ Fuel Network 32706 - \[Smart Contract - High\] the function subtract in signed libs like Isw did not handle the case when selfvalue is smaller than othervalue value correctly](/fuel-network-or-attackathon/attackathon-_-fuel-network-32706-smart-contract-high-the-function-subtract-in-signed-libs-like-isw-d.md)
* [Attackathon \_ Fuel Network 32825 - \[Blockchain\_DLT - High\] Consensus between -bit and -bit system can fail for LDC opcode](/fuel-network-or-attackathon/attackathon-_-fuel-network-32825-blockchain_dlt-high-consensus-between-bit-and-bit-system-can-fail-f.md)
* [Attackathon \_ Fuel Network 32872 - \[Smart Contract - High\] Incorrect load\_store\_to\_memcopy optimization](/fuel-network-or-attackathon/attackathon-_-fuel-network-32872-smart-contract-high-incorrect-load_store_to_memcopy-optimization.md)
* [Attackathon \_ Fuel Network 33039 - \[Smart Contract - High\] The subtraction function is not correctly implemented for signed integers which can lead to incorrect values being calculated](/fuel-network-or-attackathon/attackathon-_-fuel-network-33039-smart-contract-high-the-subtraction-function-is-not-correctly-imple.md)
* [Attackathon \_ Fuel Network 33168 - \[Smart Contract - High\] Incorrect Sign Determination In Multiply Divide Operations within IFP Implementations](/fuel-network-or-attackathon/attackathon-_-fuel-network-33168-smart-contract-high-incorrect-sign-determination-in-multiply-divide.md)
* [Attackathon \_ Fuel Network 33175 - \[Smart Contract - High\] Sway-lib Subtract i Logic Vulnerability](/fuel-network-or-attackathon/attackathon-_-fuel-network-33175-smart-contract-high-sway-lib-subtract-i-logic-vulnerability.md)
* [Attackathon \_ Fuel Network 33195 - \[Smart Contract - High\] Incorrect Calculations in Subtraction Functions for Signed Integers](/fuel-network-or-attackathon/attackathon-_-fuel-network-33195-smart-contract-high-incorrect-calculations-in-subtraction-functions.md)
* [Attackathon \_ Fuel Network 33227 - \[Smart Contract - High\] Lack of overflow protection in the pow functions for unsigned integers can lead to a loss of coins when calculating coin amounts](/fuel-network-or-attackathon/attackathon-_-fuel-network-33227-smart-contract-high-lack-of-overflow-protection-in-the-pow-function.md)
* [Attackathon \_ Fuel Network 33242 - \[Smart Contract - High\] Incorrect Implementation of IFP Multiply and Divide Functions](/fuel-network-or-attackathon/attackathon-_-fuel-network-33242-smart-contract-high-incorrect-implementation-of-ifp-multiply-and-di.md)
* [Attackathon \_ Fuel Network 33248 - \[Smart Contract - High\] Incorrect Implementation of IFP Floor and Ceil Functions](/fuel-network-or-attackathon/attackathon-_-fuel-network-33248-smart-contract-high-incorrect-implementation-of-ifp-floor-and-ceil.md)
* [Attackathon \_ Fuel Network 33267 - \[Smart Contract - High\] Bug in Multiply and Divide function](/fuel-network-or-attackathon/attackathon-_-fuel-network-33267-smart-contract-high-bug-in-multiply-and-divide-function.md)
* [Attackathon \_ Fuel Network 33331 - \[Smart Contract - High\] Overflow in Types Less Than u](/fuel-network-or-attackathon/attackathon-_-fuel-network-33331-smart-contract-high-overflow-in-types-less-than-u.md)
Medium
* [Attackathon \_ Fuel Network 32271 - \[Blockchain\_DLT - Medium\] Incorrect state range access helper](/fuel-network-or-attackathon/attackathon-_-fuel-network-32271-blockchain_dlt-medium-incorrect-state-range-access-helper.md)
* [Attackathon \_ Fuel Network 32275 - \[Smart Contract - Medium\] Various Sway Libs Bugs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32275-smart-contract-medium-various-sway-libs-bugs.md)
* [Attackathon \_ Fuel Network 32486 - \[Blockchain\_DLT - Medium\] Public RPC node craches via GraphQL API](/fuel-network-or-attackathon/attackathon-_-fuel-network-32486-blockchain_dlt-medium-public-rpc-node-craches-via-graphql-api.md)
* [Attackathon \_ Fuel Network 32628 - \[Blockchain\_DLT - Medium\] A GraphQL query crashes core process](/fuel-network-or-attackathon/attackathon-_-fuel-network-32628-blockchain_dlt-medium-a-graphql-query-crashes-core-process.md)
* [Attackathon \_ Fuel Network 32768 - \[Blockchain\_DLT - Medium\] WDCM and WQCM doesnt respect the fuel-specs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32768-blockchain_dlt-medium-wdcm-and-wqcm-doesnt-respect-the-fuel-specs.md)
* [Attackathon \_ Fuel Network 32884 - \[Smart Contract - Medium\] Compilerstd-lib storage collison between variables and StorageMap allows hidden backdoors likely loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32884-smart-contract-medium-compilerstd-lib-storage-collison-between-vari.md)
* [Attackathon \_ Fuel Network 32886 - \[Smart Contract - Medium\] Incorrect function purity check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32886-smart-contract-medium-incorrect-function-purity-check.md)
* [Attackathon \_ Fuel Network 32973 - \[Smart Contract - Medium\] Impl block dependency overwriting](/fuel-network-or-attackathon/attackathon-_-fuel-network-32973-smart-contract-medium-impl-block-dependency-overwriting.md)
* [Attackathon \_ Fuel Network 33170 - \[Smart Contract - Medium\] UFP Exp In Sway-lib Logic Vulnerability](/fuel-network-or-attackathon/attackathon-_-fuel-network-33170-smart-contract-medium-ufp-exp-in-sway-lib-logic-vulnerability.md)
* [Attackathon \_ Fuel Network 33186 - \[Smart Contract - Medium\] \_compute\_bytecode\_root goes to an infinite loop when bytecode is empty](/fuel-network-or-attackathon/attackathon-_-fuel-network-33186-smart-contract-medium-_compute_bytecode_root-goes-to-an-infinite-lo.md)
* [Attackathon \_ Fuel Network 33193 - \[Blockchain\_DLT - Medium\] Fuel SDKs ABI Decoder Behaves Differently Based On Architecture Of The Machine](/fuel-network-or-attackathon/attackathon-_-fuel-network-33193-blockchain_dlt-medium-fuel-sdks-abi-decoder-behaves-differently-bas.md)
* [Attackathon \_ Fuel Network 33233 - \[Smart Contract - Medium\] Incorrect Implementation of Unsigned -bit Fixed Point Fractional Function](/fuel-network-or-attackathon/attackathon-_-fuel-network-33233-smart-contract-medium-incorrect-implementation-of-unsigned-bit-fixe.md)
* [Attackathon \_ Fuel Network 33302 - \[Smart Contract - Medium\] Exp function does not work correctly](/fuel-network-or-attackathon/attackathon-_-fuel-network-33302-smart-contract-medium-exp-function-does-not-work-correctly.md)
* [Attackathon \_ Fuel Network 33303 - \[Smart Contract - Medium\] Incorrect sign change](/fuel-network-or-attackathon/attackathon-_-fuel-network-33303-smart-contract-medium-incorrect-sign-change.md)
* [Attackathon \_ Fuel Network 33360 - \[Blockchain\_DLT - Medium\] The typescript SDK has no awareness of to-be-spent transactions causing some transactions to fail or silently get pruned as they are funded with already used UTXOs](/fuel-network-or-attackathon/attackathon-_-fuel-network-33360-blockchain_dlt-medium-the-typescript-sdk-has-no-awareness-of-to-be.md)
* [Attackathon \_ Fuel Network 33451 - \[Smart Contract - Medium\] Incorrect code size estimation can bypass protocol security checks leading to loss of user funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-33451-smart-contract-medium-incorrect-code-size-estimation-can-bypass-pro.md)
* [Attackathon \_ Fuel Network 33488 - \[Smart Contract - Medium\] Insecure implementation of StorageMap could lead to unintended storage overwrite](/fuel-network-or-attackathon/attackathon-_-fuel-network-33488-smart-contract-medium-insecure-implementation-of-storagemap-could-l.md)
Low
* [Attackathon \_ Fuel Network 32270 - \[Smart Contract - Low\] Inappropriate fuel dce on side affects](/fuel-network-or-attackathon/attackathon-_-fuel-network-32270-smart-contract-low-inappropriate-fuel-dce-on-side-affects.md)
* [Attackathon \_ Fuel Network 32302 - \[Smart Contract - Low\] Src ContractConfigurables hash collision](/fuel-network-or-attackathon/attackathon-_-fuel-network-32302-smart-contract-low-src-contractconfigurables-hash-collision.md)
* [Attackathon \_ Fuel Network 32327 - \[Websites and Applications - Low\] REVISED Malicious Downtime via missing Input Validation on Fuel Wallet Browser Extension Backend GraphQL server](/fuel-network-or-attackathon/attackathon-_-fuel-network-32327-websites-and-applications-low-revised-malicious-downtime-via-missin.md)
* [Attackathon \_ Fuel Network 32388 - \[Smart Contract - Low\] Buffer overflow in EncodeBufferAppend intrinsic](/fuel-network-or-attackathon/attackathon-_-fuel-network-32388-smart-contract-low-buffer-overflow-in-encodebufferappend-intrinsic.md)
* [Attackathon \_ Fuel Network 32390 - \[Smart Contract - Low\] Unchecked Virtual Immediate Construction Overflows Value Range](/fuel-network-or-attackathon/attackathon-_-fuel-network-32390-smart-contract-low-unchecked-virtual-immediate-construction-overflo.md)
* [Attackathon \_ Fuel Network 32438 - \[Smart Contract - Low\] Unhandled Bailout During AbstractInstructionSet Constant Folding Pass](/fuel-network-or-attackathon/attackathon-_-fuel-network-32438-smart-contract-low-unhandled-bailout-during-abstractinstructionset.md)
* [Attackathon \_ Fuel Network 32439 - \[Smart Contract - Low\] Missing Alignment Check During AbstractInstructionSet Constant Folding Pass](/fuel-network-or-attackathon/attackathon-_-fuel-network-32439-smart-contract-low-missing-alignment-check-during-abstractinstructi.md)
* [Attackathon \_ Fuel Network 32453 - \[Smart Contract - Low\] Unhandled Side Effect During AbstractInstructionSet Constant Folding](/fuel-network-or-attackathon/attackathon-_-fuel-network-32453-smart-contract-low-unhandled-side-effect-during-abstractinstruction.md)
* [Attackathon \_ Fuel Network 32459 - \[Websites and Applications - Low\] URGENT WEB funds drained using URL path based manipulation and injection an attacker can spoof domains on any important web dapp API call as legitimate domains](/fuel-network-or-attackathon/attackathon-_-fuel-network-32459-websites-and-applications-low-urgent-web-funds-drained-using-url-pa.md)
* [Attackathon \_ Fuel Network 32491 - \[Smart Contract - Low\] Incorrect PushA PopA Mask Calculation](/fuel-network-or-attackathon/attackathon-_-fuel-network-32491-smart-contract-low-incorrect-pusha-popa-mask-calculation.md)
* [Attackathon \_ Fuel Network 32537 - \[Smart Contract - Low\] Different data types can be used when initializing an array which can lead to incorrect values in variables in smart contracts and the Rust SDK](/fuel-network-or-attackathon/attackathon-_-fuel-network-32537-smart-contract-low-different-data-types-can-be-used-when-initializi.md)
* [Attackathon \_ Fuel Network 32548 - \[Smart Contract - Low\] Uncaught Integer Overflow During AbstractInstructionSet Constant Folding](/fuel-network-or-attackathon/attackathon-_-fuel-network-32548-smart-contract-low-uncaught-integer-overflow-during-abstractinstruc.md)
* [Attackathon \_ Fuel Network 32612 - \[Smart Contract - Low\] Lack of slot hashing at adminsw can cause storage collision](/fuel-network-or-attackathon/attackathon-_-fuel-network-32612-smart-contract-low-lack-of-slot-hashing-at-adminsw-can-cause-storag.md)
* [Attackathon \_ Fuel Network 32673 - \[Smart Contract - Low\] Missing array length check for non constant evaluable index](/fuel-network-or-attackathon/attackathon-_-fuel-network-32673-smart-contract-low-missing-array-length-check-for-non-constant-eval.md)
* [Attackathon \_ Fuel Network 32703 - \[Smart Contract - Low\] Unexpected variable shadowing during ir generation](/fuel-network-or-attackathon/attackathon-_-fuel-network-32703-smart-contract-low-unexpected-variable-shadowing-during-ir-generati.md)
* [Attackathon \_ Fuel Network 32728 - \[Smart Contract - Low\] Incorrect literal type inference](/fuel-network-or-attackathon/attackathon-_-fuel-network-32728-smart-contract-low-incorrect-literal-type-inference.md)
* [Attackathon \_ Fuel Network 32730 - \[Smart Contract - Low\] The Sway compiler currently disallows read access to storage when the call is made within the fallback function](/fuel-network-or-attackathon/attackathon-_-fuel-network-32730-smart-contract-low-the-sway-compiler-currently-disallows-read-acces.md)
* [Attackathon \_ Fuel Network 32786 - \[Smart Contract - Low\] incorrect set of i bits to which it should be bits](/fuel-network-or-attackathon/attackathon-_-fuel-network-32786-smart-contract-low-incorrect-set-of-i-bits-to-which-it-should-be-bi.md)
* [Attackathon \_ Fuel Network 32812 - \[Smart Contract - Low\] Sway-libSRC- Buffer overflow in swap\_configurables allows for verifying arbitrary codeconfig loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32812-smart-contract-low-sway-libsrc-buffer-overflow-in-swap_configurable.md)
* [Attackathon \_ Fuel Network 32849 - \[Smart Contract - Low\] Insufficient array construction element type check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32849-smart-contract-low-insufficient-array-construction-element-type-che.md)
* [Attackathon \_ Fuel Network 32854 - \[Smart Contract - Low\] Sway-libstd-libcompiler Storage collision between admin lib storage map variables leads to admin takeover loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32854-smart-contract-low-sway-libstd-libcompiler-storage-collision-betwee.md)
* [Attackathon \_ Fuel Network 32859 - \[Smart Contract - Low\] Incorrect argument pointer creation](/fuel-network-or-attackathon/attackathon-_-fuel-network-32859-smart-contract-low-incorrect-argument-pointer-creation.md)
* [Attackathon \_ Fuel Network 32979 - \[Smart Contract - Low\] operations with StorageVec incorrectly revert due to the type size](/fuel-network-or-attackathon/attackathon-_-fuel-network-32979-smart-contract-low-operations-with-storagevec-incorrectly-revert-du.md)
* [Attackathon \_ Fuel Network 33045 - \[Smart Contract - Low\] Compiler Dead Code Elimination inconsistently removes arithmetic checks leading to missing assertions likely loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-33045-smart-contract-low-compiler-dead-code-elimination-inconsistently-re.md)
* [Attackathon \_ Fuel Network 33239 - \[Smart Contract - Low\] Incorrect Implementation of IFP Min Functions](/fuel-network-or-attackathon/attackathon-_-fuel-network-33239-smart-contract-low-incorrect-implementation-of-ifp-min-functions.md)
* [Attackathon \_ Fuel Network 33295 - \[Smart Contract - Low\] Bug in array decoding can lead to critical security vulnerabilities in protocols built on Fuel](/fuel-network-or-attackathon/attackathon-_-fuel-network-33295-smart-contract-low-bug-in-array-decoding-can-lead-to-critical-secur.md)
* [Attackathon \_ Fuel Network 33346 - \[Blockchain\_DLT - Low\] Incorrect error handling when executing block can cause network shutdown by hanging the poa service of network nodes halting block production](/fuel-network-or-attackathon/attackathon-_-fuel-network-33346-blockchain_dlt-low-incorrect-error-handling-when-executing-block-ca.md)
* [Attackathon \_ Fuel Network 33433 - \[Smart Contract - Low\] Self-append in Bytes data structure causes memory corruption leading to potential DOS attacks](/fuel-network-or-attackathon/attackathon-_-fuel-network-33433-smart-contract-low-self-append-in-bytes-data-structure-causes-memor.md)
Insight
* [Attackathon \_ Fuel Network 32276 - \[Smart Contract - Insight\] wrong implementation in gt and lt functions in IFP libs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32276-smart-contract-insight-wrong-implementation-in-gt-and-lt-functions.md)
* [Attackathon \_ Fuel Network 32291 - \[Blockchain\_DLT - Insight\] Profiling is incorrect for dependent gas costs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32291-blockchain_dlt-insight-profiling-is-incorrect-for-dependent-gas-cos.md)
* [Attackathon \_ Fuel Network 32314 - \[Smart Contract - Insight\] Missing \_disableInitializers in FuelERCGatewayV contract](/fuel-network-or-attackathon/attackathon-_-fuel-network-32314-smart-contract-insight-missing-_disableinitializers-in-fuelercgatew.md)
* [Attackathon \_ Fuel Network 32378 - \[Smart Contract - Insight\] Missing Zero-Check for Recipient Address in withdraw Function](/fuel-network-or-attackathon/attackathon-_-fuel-network-32378-smart-contract-insight-missing-zero-check-for-recipient-address-in.md)
* [Attackathon \_ Fuel Network 32412 - \[Smart Contract - Insight\] the IFP divide functions does not have check to](/fuel-network-or-attackathon/attackathon-_-fuel-network-32412-smart-contract-insight-the-ifp-divide-functions-does-not-have-check.md)
* [Attackathon \_ Fuel Network 32536 - \[Smart Contract - Insight\] The control flow graph is incorrectly constructed for the return path analysis which leads to an incorrect return path analysis](/fuel-network-or-attackathon/attackathon-_-fuel-network-32536-smart-contract-insight-the-control-flow-graph-is-incorrectly-constr.md)
* [Attackathon \_ Fuel Network 32695 - \[Blockchain\_DLT - Insight\] increasing processing for public nodes with rpc](/fuel-network-or-attackathon/attackathon-_-fuel-network-32695-blockchain_dlt-insight-increasing-processing-for-public-nodes-with.md)
* [Attackathon \_ Fuel Network 32835 - \[Smart Contract - Insight\] sway compiler doesnt prevent function selector collisions](/fuel-network-or-attackathon/attackathon-_-fuel-network-32835-smart-contract-insight-sway-compiler-doesnt-prevent-function-select.md)
* [Attackathon \_ Fuel Network 32860 - \[Blockchain\_DLT - Insight\] Resource Abuse CCP instruction is loading the contract into memory before charging GAS](/fuel-network-or-attackathon/attackathon-_-fuel-network-32860-blockchain_dlt-insight-resource-abuse-ccp-instruction-is-loading-th.md)
* [Attackathon \_ Fuel Network 32924 - \[Smart Contract - Insight\] sways legacy storage namespacing is broken and leads to collisions](/fuel-network-or-attackathon/attackathon-_-fuel-network-32924-smart-contract-insight-sways-legacy-storage-namespacing-is-broken-a.md)
* [Attackathon \_ Fuel Network 32935 - \[Smart Contract - Insight\] Insufficient trait duplication check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32935-smart-contract-insight-insufficient-trait-duplication-check.md)
* [Attackathon \_ Fuel Network 32937 - \[Smart Contract - Insight\] Fallback function can be directly called with arguments as a named function](/fuel-network-or-attackathon/attackathon-_-fuel-network-32937-smart-contract-insight-fallback-function-can-be-directly-called-wit.md)
* [Attackathon \_ Fuel Network 32938 - \[Smart Contract - Insight\] Insufficient declaration shadowing check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32938-smart-contract-insight-insufficient-declaration-shadowing-check.md)
* [Attackathon \_ Fuel Network 32978 - \[Blockchain\_DLT - Insight\] isolating the node from the networkcausing OOM by resource exhaust](/fuel-network-or-attackathon/attackathon-_-fuel-network-32978-blockchain_dlt-insight-isolating-the-node-from-the-networkcausing-o.md)
* [Attackathon \_ Fuel Network 32987 - \[Blockchain\_DLT - Insight\] Sending a message with ETH and data to the FuelMessagePortal does not increase the balance on the L and users can not move the funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32987-blockchain_dlt-insight-sending-a-message-with-eth-and-data-to-the-f.md)
* [Attackathon \_ Fuel Network 33101 - \[Smart Contract - Insight\] Associated functions that were implemented for tuples or arrays cannot be called](/fuel-network-or-attackathon/attackathon-_-fuel-network-33101-smart-contract-insight-associated-functions-that-were-implemented-f.md)
* [Attackathon \_ Fuel Network 33139 - \[Smart Contract - Insight\] Unreachable panic in sway compiler when parsing malicious cfg in contract](/fuel-network-or-attackathon/attackathon-_-fuel-network-33139-smart-contract-insight-unreachable-panic-in-sway-compiler-when-pars.md)
* [Attackathon \_ Fuel Network 33140 - \[Smart Contract - Insight\] Sway compiler crash when compile malicious contract with error const](/fuel-network-or-attackathon/attackathon-_-fuel-network-33140-smart-contract-insight-sway-compiler-crash-when-compile-malicious-c.md)
* [Attackathon \_ Fuel Network 33171 - \[Smart Contract - Insight\] panic on unwrapping in decl\_to\_type\_info](/fuel-network-or-attackathon/attackathon-_-fuel-network-33171-smart-contract-insight-panic-on-unwrapping-in-decl_to_type_info.md)
* [Attackathon \_ Fuel Network 33172 - \[Smart Contract - Insight\] OOB in type\_check\_analyze of ImplTrait](/fuel-network-or-attackathon/attackathon-_-fuel-network-33172-smart-contract-insight-oob-in-type_check_analyze-of-impltrait.md)
* [Attackathon \_ Fuel Network 33181 - \[Smart Contract - Insight\] users messages might encode incorrect data when they call deposit function on L erc bridge before the assetIssuerID is set](/fuel-network-or-attackathon/attackathon-_-fuel-network-33181-smart-contract-insight-users-messages-might-encode-incorrect-data-w.md)
* [Attackathon \_ Fuel Network 33191 - \[Smart Contract - Insight\] Sway Formatting Behaves Differently Based On Architecture Of The Machine](/fuel-network-or-attackathon/attackathon-_-fuel-network-33191-smart-contract-insight-sway-formatting-behaves-differently-based-on.md)
* [Attackathon \_ Fuel Network 33203 - \[Smart Contract - Insight\] function inlining doesnt consider asm blocks instr count which leads to bloating contract size](/fuel-network-or-attackathon/attackathon-_-fuel-network-33203-smart-contract-insight-function-inlining-doesnt-consider-asm-blocks.md)
* [Attackathon \_ Fuel Network 33207 - \[Smart Contract - Insight\] users created message when withdrawing from L-L is not possible to execute on L if the assetIssuerID got changed](/fuel-network-or-attackathon/attackathon-_-fuel-network-33207-smart-contract-insight-users-created-message-when-withdrawing-from.md)
* [Attackathon \_ Fuel Network 33240 - \[Smart Contract - Insight\] Incorrect Bitness in IFP Types](/fuel-network-or-attackathon/attackathon-_-fuel-network-33240-smart-contract-insight-incorrect-bitness-in-ifp-types.md)
* [Attackathon \_ Fuel Network 33286 - \[Smart Contract - Insight\] panic on unwrapping in type\_check\_trait\_implementation](/fuel-network-or-attackathon/attackathon-_-fuel-network-33286-smart-contract-insight-panic-on-unwrapping-in-type_check_trait_impl.md)
* [Attackathon \_ Fuel Network 33401 - \[Smart Contract - Insight\] insight compiler crash - trait dummy method was not properly replaced](/fuel-network-or-attackathon/attackathon-_-fuel-network-33401-smart-contract-insight-insight-compiler-crash-trait-dummy-method-wa.md)
* [Attackathon \_ Fuel Network 33407 - \[Smart Contract - Insight\] Missing Zero-Check for to Address in withdraw Function](/fuel-network-or-attackathon/attackathon-_-fuel-network-33407-smart-contract-insight-missing-zero-check-for-to-address-in-withdra.md)
* [Attackathon \_ Fuel Network 33444 - \[Smart Contract - Insight\] Sway compiler crash for access out-of-bound memory in intrinsic function arguments check during semantic analysis](/fuel-network-or-attackathon/attackathon-_-fuel-network-33444-smart-contract-insight-sway-compiler-crash-for-access-out-of-bound.md)
* [Attackathon \_ Fuel Network 33450 - \[Blockchain\_DLT - Insight\] fuel\_gas\_price\_algorithm AlgorithmV may panic](/fuel-network-or-attackathon/attackathon-_-fuel-network-33450-blockchain_dlt-insight-fuel_gas_price_algorithm-algorithmv-may-pani.md)
* [Attackathon \_ Fuel Network 33487 - \[Smart Contract - Insight\] Flags Do Not Affect Types Less Than u](/fuel-network-or-attackathon/attackathon-_-fuel-network-33487-smart-contract-insight-flags-do-not-affect-types-less-than-u.md)
## Reports by Type
[Smart Contract](#smart-contract) | [Blockchain/DLT](#blockchain-dlt) | [Websites and Applications](#websites-and-applications)
Smart Contract
* [Attackathon \_ Fuel Network 32269 - \[Smart Contract - High\] Incorrect fuel dce optimization register usage tracking](/fuel-network-or-attackathon/attackathon-_-fuel-network-32269-smart-contract-high-incorrect-fuel-dce-optimization-register-usage.md)
* [Attackathon \_ Fuel Network 32270 - \[Smart Contract - Low\] Inappropriate fuel dce on side affects](/fuel-network-or-attackathon/attackathon-_-fuel-network-32270-smart-contract-low-inappropriate-fuel-dce-on-side-affects.md)
* [Attackathon \_ Fuel Network 32275 - \[Smart Contract - Medium\] Various Sway Libs Bugs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32275-smart-contract-medium-various-sway-libs-bugs.md)
* [Attackathon \_ Fuel Network 32276 - \[Smart Contract - Insight\] wrong implementation in gt and lt functions in IFP libs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32276-smart-contract-insight-wrong-implementation-in-gt-and-lt-functions.md)
* [Attackathon \_ Fuel Network 32302 - \[Smart Contract - Low\] Src ContractConfigurables hash collision](/fuel-network-or-attackathon/attackathon-_-fuel-network-32302-smart-contract-low-src-contractconfigurables-hash-collision.md)
* [Attackathon \_ Fuel Network 32314 - \[Smart Contract - Insight\] Missing \_disableInitializers in FuelERCGatewayV contract](/fuel-network-or-attackathon/attackathon-_-fuel-network-32314-smart-contract-insight-missing-_disableinitializers-in-fuelercgatew.md)
* [Attackathon \_ Fuel Network 32378 - \[Smart Contract - Insight\] Missing Zero-Check for Recipient Address in withdraw Function](/fuel-network-or-attackathon/attackathon-_-fuel-network-32378-smart-contract-insight-missing-zero-check-for-recipient-address-in.md)
* [Attackathon \_ Fuel Network 32388 - \[Smart Contract - Low\] Buffer overflow in EncodeBufferAppend intrinsic](/fuel-network-or-attackathon/attackathon-_-fuel-network-32388-smart-contract-low-buffer-overflow-in-encodebufferappend-intrinsic.md)
* [Attackathon \_ Fuel Network 32390 - \[Smart Contract - Low\] Unchecked Virtual Immediate Construction Overflows Value Range](/fuel-network-or-attackathon/attackathon-_-fuel-network-32390-smart-contract-low-unchecked-virtual-immediate-construction-overflo.md)
* [Attackathon \_ Fuel Network 32412 - \[Smart Contract - Insight\] the IFP divide functions does not have check to](/fuel-network-or-attackathon/attackathon-_-fuel-network-32412-smart-contract-insight-the-ifp-divide-functions-does-not-have-check.md)
* [Attackathon \_ Fuel Network 32438 - \[Smart Contract - Low\] Unhandled Bailout During AbstractInstructionSet Constant Folding Pass](/fuel-network-or-attackathon/attackathon-_-fuel-network-32438-smart-contract-low-unhandled-bailout-during-abstractinstructionset.md)
* [Attackathon \_ Fuel Network 32439 - \[Smart Contract - Low\] Missing Alignment Check During AbstractInstructionSet Constant Folding Pass](/fuel-network-or-attackathon/attackathon-_-fuel-network-32439-smart-contract-low-missing-alignment-check-during-abstractinstructi.md)
* [Attackathon \_ Fuel Network 32453 - \[Smart Contract - Low\] Unhandled Side Effect During AbstractInstructionSet Constant Folding](/fuel-network-or-attackathon/attackathon-_-fuel-network-32453-smart-contract-low-unhandled-side-effect-during-abstractinstruction.md)
* [Attackathon \_ Fuel Network 32491 - \[Smart Contract - Low\] Incorrect PushA PopA Mask Calculation](/fuel-network-or-attackathon/attackathon-_-fuel-network-32491-smart-contract-low-incorrect-pusha-popa-mask-calculation.md)
* [Attackathon \_ Fuel Network 32536 - \[Smart Contract - Insight\] The control flow graph is incorrectly constructed for the return path analysis which leads to an incorrect return path analysis](/fuel-network-or-attackathon/attackathon-_-fuel-network-32536-smart-contract-insight-the-control-flow-graph-is-incorrectly-constr.md)
* [Attackathon \_ Fuel Network 32537 - \[Smart Contract - Low\] Different data types can be used when initializing an array which can lead to incorrect values in variables in smart contracts and the Rust SDK](/fuel-network-or-attackathon/attackathon-_-fuel-network-32537-smart-contract-low-different-data-types-can-be-used-when-initializi.md)
* [Attackathon \_ Fuel Network 32548 - \[Smart Contract - Low\] Uncaught Integer Overflow During AbstractInstructionSet Constant Folding](/fuel-network-or-attackathon/attackathon-_-fuel-network-32548-smart-contract-low-uncaught-integer-overflow-during-abstractinstruc.md)
* [Attackathon \_ Fuel Network 32612 - \[Smart Contract - Low\] Lack of slot hashing at adminsw can cause storage collision](/fuel-network-or-attackathon/attackathon-_-fuel-network-32612-smart-contract-low-lack-of-slot-hashing-at-adminsw-can-cause-storag.md)
* [Attackathon \_ Fuel Network 32673 - \[Smart Contract - Low\] Missing array length check for non constant evaluable index](/fuel-network-or-attackathon/attackathon-_-fuel-network-32673-smart-contract-low-missing-array-length-check-for-non-constant-eval.md)
* [Attackathon \_ Fuel Network 32696 - \[Smart Contract - High\] incorrect setting of non\_negative value in ceil function in all IFP libs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32696-smart-contract-high-incorrect-setting-of-non_negative-value-in-ceil.md)
* [Attackathon \_ Fuel Network 32700 - \[Smart Contract - High\] double increasing underlying value in ceil function can lead to sendunsend more amounts tofrom users when its called](/fuel-network-or-attackathon/attackathon-_-fuel-network-32700-smart-contract-high-double-increasing-underlying-value-in-ceil-func.md)
* [Attackathon \_ Fuel Network 32703 - \[Smart Contract - Low\] Unexpected variable shadowing during ir generation](/fuel-network-or-attackathon/attackathon-_-fuel-network-32703-smart-contract-low-unexpected-variable-shadowing-during-ir-generati.md)
* [Attackathon \_ Fuel Network 32706 - \[Smart Contract - High\] the function subtract in signed libs like Isw did not handle the case when selfvalue is smaller than othervalue value correctly](/fuel-network-or-attackathon/attackathon-_-fuel-network-32706-smart-contract-high-the-function-subtract-in-signed-libs-like-isw-d.md)
* [Attackathon \_ Fuel Network 32728 - \[Smart Contract - Low\] Incorrect literal type inference](/fuel-network-or-attackathon/attackathon-_-fuel-network-32728-smart-contract-low-incorrect-literal-type-inference.md)
* [Attackathon \_ Fuel Network 32730 - \[Smart Contract - Low\] The Sway compiler currently disallows read access to storage when the call is made within the fallback function](/fuel-network-or-attackathon/attackathon-_-fuel-network-32730-smart-contract-low-the-sway-compiler-currently-disallows-read-acces.md)
* [Attackathon \_ Fuel Network 32786 - \[Smart Contract - Low\] incorrect set of i bits to which it should be bits](/fuel-network-or-attackathon/attackathon-_-fuel-network-32786-smart-contract-low-incorrect-set-of-i-bits-to-which-it-should-be-bi.md)
* [Attackathon \_ Fuel Network 32812 - \[Smart Contract - Low\] Sway-libSRC- Buffer overflow in swap\_configurables allows for verifying arbitrary codeconfig loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32812-smart-contract-low-sway-libsrc-buffer-overflow-in-swap_configurable.md)
* [Attackathon \_ Fuel Network 32835 - \[Smart Contract - Insight\] sway compiler doesnt prevent function selector collisions](/fuel-network-or-attackathon/attackathon-_-fuel-network-32835-smart-contract-insight-sway-compiler-doesnt-prevent-function-select.md)
* [Attackathon \_ Fuel Network 32849 - \[Smart Contract - Low\] Insufficient array construction element type check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32849-smart-contract-low-insufficient-array-construction-element-type-che.md)
* [Attackathon \_ Fuel Network 32854 - \[Smart Contract - Low\] Sway-libstd-libcompiler Storage collision between admin lib storage map variables leads to admin takeover loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32854-smart-contract-low-sway-libstd-libcompiler-storage-collision-betwee.md)
* [Attackathon \_ Fuel Network 32859 - \[Smart Contract - Low\] Incorrect argument pointer creation](/fuel-network-or-attackathon/attackathon-_-fuel-network-32859-smart-contract-low-incorrect-argument-pointer-creation.md)
* [Attackathon \_ Fuel Network 32872 - \[Smart Contract - High\] Incorrect load\_store\_to\_memcopy optimization](/fuel-network-or-attackathon/attackathon-_-fuel-network-32872-smart-contract-high-incorrect-load_store_to_memcopy-optimization.md)
* [Attackathon \_ Fuel Network 32884 - \[Smart Contract - Medium\] Compilerstd-lib storage collison between variables and StorageMap allows hidden backdoors likely loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32884-smart-contract-medium-compilerstd-lib-storage-collison-between-vari.md)
* [Attackathon \_ Fuel Network 32886 - \[Smart Contract - Medium\] Incorrect function purity check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32886-smart-contract-medium-incorrect-function-purity-check.md)
* [Attackathon \_ Fuel Network 32924 - \[Smart Contract - Insight\] sways legacy storage namespacing is broken and leads to collisions](/fuel-network-or-attackathon/attackathon-_-fuel-network-32924-smart-contract-insight-sways-legacy-storage-namespacing-is-broken-a.md)
* [Attackathon \_ Fuel Network 32935 - \[Smart Contract - Insight\] Insufficient trait duplication check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32935-smart-contract-insight-insufficient-trait-duplication-check.md)
* [Attackathon \_ Fuel Network 32937 - \[Smart Contract - Insight\] Fallback function can be directly called with arguments as a named function](/fuel-network-or-attackathon/attackathon-_-fuel-network-32937-smart-contract-insight-fallback-function-can-be-directly-called-wit.md)
* [Attackathon \_ Fuel Network 32938 - \[Smart Contract - Insight\] Insufficient declaration shadowing check](/fuel-network-or-attackathon/attackathon-_-fuel-network-32938-smart-contract-insight-insufficient-declaration-shadowing-check.md)
* [Attackathon \_ Fuel Network 32973 - \[Smart Contract - Medium\] Impl block dependency overwriting](/fuel-network-or-attackathon/attackathon-_-fuel-network-32973-smart-contract-medium-impl-block-dependency-overwriting.md)
* [Attackathon \_ Fuel Network 32979 - \[Smart Contract - Low\] operations with StorageVec incorrectly revert due to the type size](/fuel-network-or-attackathon/attackathon-_-fuel-network-32979-smart-contract-low-operations-with-storagevec-incorrectly-revert-du.md)
* [Attackathon \_ Fuel Network 33039 - \[Smart Contract - High\] The subtraction function is not correctly implemented for signed integers which can lead to incorrect values being calculated](/fuel-network-or-attackathon/attackathon-_-fuel-network-33039-smart-contract-high-the-subtraction-function-is-not-correctly-imple.md)
* [Attackathon \_ Fuel Network 33045 - \[Smart Contract - Low\] Compiler Dead Code Elimination inconsistently removes arithmetic checks leading to missing assertions likely loss of funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-33045-smart-contract-low-compiler-dead-code-elimination-inconsistently-re.md)
* [Attackathon \_ Fuel Network 33101 - \[Smart Contract - Insight\] Associated functions that were implemented for tuples or arrays cannot be called](/fuel-network-or-attackathon/attackathon-_-fuel-network-33101-smart-contract-insight-associated-functions-that-were-implemented-f.md)
* [Attackathon \_ Fuel Network 33139 - \[Smart Contract - Insight\] Unreachable panic in sway compiler when parsing malicious cfg in contract](/fuel-network-or-attackathon/attackathon-_-fuel-network-33139-smart-contract-insight-unreachable-panic-in-sway-compiler-when-pars.md)
* [Attackathon \_ Fuel Network 33140 - \[Smart Contract - Insight\] Sway compiler crash when compile malicious contract with error const](/fuel-network-or-attackathon/attackathon-_-fuel-network-33140-smart-contract-insight-sway-compiler-crash-when-compile-malicious-c.md)
* [Attackathon \_ Fuel Network 33168 - \[Smart Contract - High\] Incorrect Sign Determination In Multiply Divide Operations within IFP Implementations](/fuel-network-or-attackathon/attackathon-_-fuel-network-33168-smart-contract-high-incorrect-sign-determination-in-multiply-divide.md)
* [Attackathon \_ Fuel Network 33170 - \[Smart Contract - Medium\] UFP Exp In Sway-lib Logic Vulnerability](/fuel-network-or-attackathon/attackathon-_-fuel-network-33170-smart-contract-medium-ufp-exp-in-sway-lib-logic-vulnerability.md)
* [Attackathon \_ Fuel Network 33171 - \[Smart Contract - Insight\] panic on unwrapping in decl\_to\_type\_info](/fuel-network-or-attackathon/attackathon-_-fuel-network-33171-smart-contract-insight-panic-on-unwrapping-in-decl_to_type_info.md)
* [Attackathon \_ Fuel Network 33172 - \[Smart Contract - Insight\] OOB in type\_check\_analyze of ImplTrait](/fuel-network-or-attackathon/attackathon-_-fuel-network-33172-smart-contract-insight-oob-in-type_check_analyze-of-impltrait.md)
* [Attackathon \_ Fuel Network 33175 - \[Smart Contract - High\] Sway-lib Subtract i Logic Vulnerability](/fuel-network-or-attackathon/attackathon-_-fuel-network-33175-smart-contract-high-sway-lib-subtract-i-logic-vulnerability.md)
* [Attackathon \_ Fuel Network 33181 - \[Smart Contract - Insight\] users messages might encode incorrect data when they call deposit function on L erc bridge before the assetIssuerID is set](/fuel-network-or-attackathon/attackathon-_-fuel-network-33181-smart-contract-insight-users-messages-might-encode-incorrect-data-w.md)
* [Attackathon \_ Fuel Network 33186 - \[Smart Contract - Medium\] \_compute\_bytecode\_root goes to an infinite loop when bytecode is empty](/fuel-network-or-attackathon/attackathon-_-fuel-network-33186-smart-contract-medium-_compute_bytecode_root-goes-to-an-infinite-lo.md)
* [Attackathon \_ Fuel Network 33191 - \[Smart Contract - Insight\] Sway Formatting Behaves Differently Based On Architecture Of The Machine](/fuel-network-or-attackathon/attackathon-_-fuel-network-33191-smart-contract-insight-sway-formatting-behaves-differently-based-on.md)
* [Attackathon \_ Fuel Network 33195 - \[Smart Contract - High\] Incorrect Calculations in Subtraction Functions for Signed Integers](/fuel-network-or-attackathon/attackathon-_-fuel-network-33195-smart-contract-high-incorrect-calculations-in-subtraction-functions.md)
* [Attackathon \_ Fuel Network 33203 - \[Smart Contract - Insight\] function inlining doesnt consider asm blocks instr count which leads to bloating contract size](/fuel-network-or-attackathon/attackathon-_-fuel-network-33203-smart-contract-insight-function-inlining-doesnt-consider-asm-blocks.md)
* [Attackathon \_ Fuel Network 33207 - \[Smart Contract - Insight\] users created message when withdrawing from L-L is not possible to execute on L if the assetIssuerID got changed](/fuel-network-or-attackathon/attackathon-_-fuel-network-33207-smart-contract-insight-users-created-message-when-withdrawing-from.md)
* [Attackathon \_ Fuel Network 33227 - \[Smart Contract - High\] Lack of overflow protection in the pow functions for unsigned integers can lead to a loss of coins when calculating coin amounts](/fuel-network-or-attackathon/attackathon-_-fuel-network-33227-smart-contract-high-lack-of-overflow-protection-in-the-pow-function.md)
* [Attackathon \_ Fuel Network 33233 - \[Smart Contract - Medium\] Incorrect Implementation of Unsigned -bit Fixed Point Fractional Function](/fuel-network-or-attackathon/attackathon-_-fuel-network-33233-smart-contract-medium-incorrect-implementation-of-unsigned-bit-fixe.md)
* [Attackathon \_ Fuel Network 33239 - \[Smart Contract - Low\] Incorrect Implementation of IFP Min Functions](/fuel-network-or-attackathon/attackathon-_-fuel-network-33239-smart-contract-low-incorrect-implementation-of-ifp-min-functions.md)
* [Attackathon \_ Fuel Network 33240 - \[Smart Contract - Insight\] Incorrect Bitness in IFP Types](/fuel-network-or-attackathon/attackathon-_-fuel-network-33240-smart-contract-insight-incorrect-bitness-in-ifp-types.md)
* [Attackathon \_ Fuel Network 33242 - \[Smart Contract - High\] Incorrect Implementation of IFP Multiply and Divide Functions](/fuel-network-or-attackathon/attackathon-_-fuel-network-33242-smart-contract-high-incorrect-implementation-of-ifp-multiply-and-di.md)
* [Attackathon \_ Fuel Network 33248 - \[Smart Contract - High\] Incorrect Implementation of IFP Floor and Ceil Functions](/fuel-network-or-attackathon/attackathon-_-fuel-network-33248-smart-contract-high-incorrect-implementation-of-ifp-floor-and-ceil.md)
* [Attackathon \_ Fuel Network 33267 - \[Smart Contract - High\] Bug in Multiply and Divide function](/fuel-network-or-attackathon/attackathon-_-fuel-network-33267-smart-contract-high-bug-in-multiply-and-divide-function.md)
* [Attackathon \_ Fuel Network 33286 - \[Smart Contract - Insight\] panic on unwrapping in type\_check\_trait\_implementation](/fuel-network-or-attackathon/attackathon-_-fuel-network-33286-smart-contract-insight-panic-on-unwrapping-in-type_check_trait_impl.md)
* [Attackathon \_ Fuel Network 33295 - \[Smart Contract - Low\] Bug in array decoding can lead to critical security vulnerabilities in protocols built on Fuel](/fuel-network-or-attackathon/attackathon-_-fuel-network-33295-smart-contract-low-bug-in-array-decoding-can-lead-to-critical-secur.md)
* [Attackathon \_ Fuel Network 33302 - \[Smart Contract - Medium\] Exp function does not work correctly](/fuel-network-or-attackathon/attackathon-_-fuel-network-33302-smart-contract-medium-exp-function-does-not-work-correctly.md)
* [Attackathon \_ Fuel Network 33303 - \[Smart Contract - Medium\] Incorrect sign change](/fuel-network-or-attackathon/attackathon-_-fuel-network-33303-smart-contract-medium-incorrect-sign-change.md)
* [Attackathon \_ Fuel Network 33331 - \[Smart Contract - High\] Overflow in Types Less Than u](/fuel-network-or-attackathon/attackathon-_-fuel-network-33331-smart-contract-high-overflow-in-types-less-than-u.md)
* [Attackathon \_ Fuel Network 33351 - \[Smart Contract - Critical\] ABI supertraits methods are available externally](/fuel-network-or-attackathon/attackathon-_-fuel-network-33351-smart-contract-critical-abi-supertraits-methods-are-available-exter.md)
* [Attackathon \_ Fuel Network 33401 - \[Smart Contract - Insight\] insight compiler crash - trait dummy method was not properly replaced](/fuel-network-or-attackathon/attackathon-_-fuel-network-33401-smart-contract-insight-insight-compiler-crash-trait-dummy-method-wa.md)
* [Attackathon \_ Fuel Network 33407 - \[Smart Contract - Insight\] Missing Zero-Check for to Address in withdraw Function](/fuel-network-or-attackathon/attackathon-_-fuel-network-33407-smart-contract-insight-missing-zero-check-for-to-address-in-withdra.md)
* [Attackathon \_ Fuel Network 33433 - \[Smart Contract - Low\] Self-append in Bytes data structure causes memory corruption leading to potential DOS attacks](/fuel-network-or-attackathon/attackathon-_-fuel-network-33433-smart-contract-low-self-append-in-bytes-data-structure-causes-memor.md)
* [Attackathon \_ Fuel Network 33444 - \[Smart Contract - Insight\] Sway compiler crash for access out-of-bound memory in intrinsic function arguments check during semantic analysis](/fuel-network-or-attackathon/attackathon-_-fuel-network-33444-smart-contract-insight-sway-compiler-crash-for-access-out-of-bound.md)
* [Attackathon \_ Fuel Network 33451 - \[Smart Contract - Medium\] Incorrect code size estimation can bypass protocol security checks leading to loss of user funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-33451-smart-contract-medium-incorrect-code-size-estimation-can-bypass-pro.md)
* [Attackathon \_ Fuel Network 33487 - \[Smart Contract - Insight\] Flags Do Not Affect Types Less Than u](/fuel-network-or-attackathon/attackathon-_-fuel-network-33487-smart-contract-insight-flags-do-not-affect-types-less-than-u.md)
* [Attackathon \_ Fuel Network 33488 - \[Smart Contract - Medium\] Insecure implementation of StorageMap could lead to unintended storage overwrite](/fuel-network-or-attackathon/attackathon-_-fuel-network-33488-smart-contract-medium-insecure-implementation-of-storagemap-could-l.md)
* [Attackathon \_ Fuel Network 33519 - \[Smart Contract - Critical\] Silent Stack overflow on variables between cross-contract calls](/fuel-network-or-attackathon/attackathon-_-fuel-network-33519-smart-contract-critical-silent-stack-overflow-on-variables-between.md)
Blockchain/DLT
* [Attackathon \_ Fuel Network 32271 - \[Blockchain\_DLT - Medium\] Incorrect state range access helper](/fuel-network-or-attackathon/attackathon-_-fuel-network-32271-blockchain_dlt-medium-incorrect-state-range-access-helper.md)
* [Attackathon \_ Fuel Network 32291 - \[Blockchain\_DLT - Insight\] Profiling is incorrect for dependent gas costs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32291-blockchain_dlt-insight-profiling-is-incorrect-for-dependent-gas-cos.md)
* [Attackathon \_ Fuel Network 32465 - \[Blockchain\_DLT - High\] Abuse of CCP instruction to do cheap memory clears](/fuel-network-or-attackathon/attackathon-_-fuel-network-32465-blockchain_dlt-high-abuse-of-ccp-instruction-to-do-cheap-memory-cle.md)
* [Attackathon \_ Fuel Network 32486 - \[Blockchain\_DLT - Medium\] Public RPC node craches via GraphQL API](/fuel-network-or-attackathon/attackathon-_-fuel-network-32486-blockchain_dlt-medium-public-rpc-node-craches-via-graphql-api.md)
* [Attackathon \_ Fuel Network 32628 - \[Blockchain\_DLT - Medium\] A GraphQL query crashes core process](/fuel-network-or-attackathon/attackathon-_-fuel-network-32628-blockchain_dlt-medium-a-graphql-query-crashes-core-process.md)
* [Attackathon \_ Fuel Network 32695 - \[Blockchain\_DLT - Insight\] increasing processing for public nodes with rpc](/fuel-network-or-attackathon/attackathon-_-fuel-network-32695-blockchain_dlt-insight-increasing-processing-for-public-nodes-with.md)
* [Attackathon \_ Fuel Network 32768 - \[Blockchain\_DLT - Medium\] WDCM and WQCM doesnt respect the fuel-specs](/fuel-network-or-attackathon/attackathon-_-fuel-network-32768-blockchain_dlt-medium-wdcm-and-wqcm-doesnt-respect-the-fuel-specs.md)
* [Attackathon \_ Fuel Network 32825 - \[Blockchain\_DLT - High\] Consensus between -bit and -bit system can fail for LDC opcode](/fuel-network-or-attackathon/attackathon-_-fuel-network-32825-blockchain_dlt-high-consensus-between-bit-and-bit-system-can-fail-f.md)
* [Attackathon \_ Fuel Network 32860 - \[Blockchain\_DLT - Insight\] Resource Abuse CCP instruction is loading the contract into memory before charging GAS](/fuel-network-or-attackathon/attackathon-_-fuel-network-32860-blockchain_dlt-insight-resource-abuse-ccp-instruction-is-loading-th.md)
* [Attackathon \_ Fuel Network 32965 - \[Blockchain\_DLT - Critical\] Messages to L included even on reverts allows theft from bridge](/fuel-network-or-attackathon/attackathon-_-fuel-network-32965-blockchain_dlt-critical-messages-to-l-included-even-on-reverts-allo.md)
* [Attackathon \_ Fuel Network 32978 - \[Blockchain\_DLT - Insight\] isolating the node from the networkcausing OOM by resource exhaust](/fuel-network-or-attackathon/attackathon-_-fuel-network-32978-blockchain_dlt-insight-isolating-the-node-from-the-networkcausing-o.md)
* [Attackathon \_ Fuel Network 32987 - \[Blockchain\_DLT - Insight\] Sending a message with ETH and data to the FuelMessagePortal does not increase the balance on the L and users can not move the funds](/fuel-network-or-attackathon/attackathon-_-fuel-network-32987-blockchain_dlt-insight-sending-a-message-with-eth-and-data-to-the-f.md)
* [Attackathon \_ Fuel Network 33193 - \[Blockchain\_DLT - Medium\] Fuel SDKs ABI Decoder Behaves Differently Based On Architecture Of The Machine](/fuel-network-or-attackathon/attackathon-_-fuel-network-33193-blockchain_dlt-medium-fuel-sdks-abi-decoder-behaves-differently-bas.md)
* [Attackathon \_ Fuel Network 33346 - \[Blockchain\_DLT - Low\] Incorrect error handling when executing block can cause network shutdown by hanging the poa service of network nodes halting block production](/fuel-network-or-attackathon/attackathon-_-fuel-network-33346-blockchain_dlt-low-incorrect-error-handling-when-executing-block-ca.md)
* [Attackathon \_ Fuel Network 33360 - \[Blockchain\_DLT - Medium\] The typescript SDK has no awareness of to-be-spent transactions causing some transactions to fail or silently get pruned as they are funded with already used UTXOs](/fuel-network-or-attackathon/attackathon-_-fuel-network-33360-blockchain_dlt-medium-the-typescript-sdk-has-no-awareness-of-to-be.md)
* [Attackathon \_ Fuel Network 33450 - \[Blockchain\_DLT - Insight\] fuel\_gas\_price\_algorithm AlgorithmV may panic](/fuel-network-or-attackathon/attackathon-_-fuel-network-33450-blockchain_dlt-insight-fuel_gas_price_algorithm-algorithmv-may-pani.md)
Websites and Applications
* [Attackathon \_ Fuel Network 32327 - \[Websites and Applications - Low\] REVISED Malicious Downtime via missing Input Validation on Fuel Wallet Browser Extension Backend GraphQL server](/fuel-network-or-attackathon/attackathon-_-fuel-network-32327-websites-and-applications-low-revised-malicious-downtime-via-missin.md)
* [Attackathon \_ Fuel Network 32459 - \[Websites and Applications - Low\] URGENT WEB funds drained using URL path based manipulation and injection an attacker can spoof domains on any important web dapp API call as legitimate domains](/fuel-network-or-attackathon/attackathon-_-fuel-network-32459-websites-and-applications-low-urgent-web-funds-drained-using-url-pa.md)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://reports.immunefi.com/fuel-network-or-attackathon.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.