From the March 2026 audit (general risk / assumption #3):
The parser supports the `using-words-from` pragma, which delegates parsing of unknown words to external sub-parser contracts. The system assumes these sub-parsers are trusted. A malicious or buggy sub-parser can return malformed bytecode that — while potentially caught by the subsequent integrity check — introduces a significant surface area for complexity and edge-case bugs during parsing.
Tracking decisions:
- Should sub-parsers run through a stricter post-parse validation (full integrity re-run on the returned bytecode, not just structural)?
- Should the trust model be documented explicitly in NatSpec on the pragma and in the integration guide?
Filing this so the trust contract is explicit. Edge cases in sub-parser output that escape integrity checking would be filed as separate vulnerability issues if discovered.