|
const attesterPrivateKey = "0xdbda1821b80551c9d65939329250298aa3472ba22feea921c0cf5d620ea67b97"; |
A private key is hardcoded directly into the source code, which violates secure coding best practices and introduces a potential security risk.
Impact
CWE-798: Use of Hard-coded Credentials
Credential Leakage: Possibility of unauthorized access if the key is ever valid
Exploitability: Low to Critical depending on where the key is reused
Reputation Risk: Publishing secrets publicly sets a poor precedent for secure development
sui-cctp/scripts/sui-scripts/helpers.ts
Line 220 in f4789ac
A private key is hardcoded directly into the source code, which violates secure coding best practices and introduces a potential security risk.
Impact
CWE-798: Use of Hard-coded Credentials
Credential Leakage: Possibility of unauthorized access if the key is ever valid
Exploitability: Low to Critical depending on where the key is reused
Reputation Risk: Publishing secrets publicly sets a poor precedent for secure development