Key vulnerability information

1. TimeLock Encryption Vulnerability
   - Issue: The previously allowed decryption of ciphertexts without forcing the decryption function to recompute the puzzle before learning the plaintext.
   - Fix: The decryption process has been updated to require recomputation of the puzzle, mitigating front-running.
2. VDF Verification Vulnerability
   - Issue: The function was verifying Wesolowski proofs before performing expensive VDF evaluations during decryption.
   - Fix: The decryption now withholds Wesolowski outputs from ciphertexts, ensuring the decryptor must recompute the puzzle.
3. Legacy RNG Vulnerability
   - Issue: The legacy commit-reveal RNG was still available, which could potentially be problematic in a decentralized setting.
   - Fix: The now models a BLS-style DKG, eliminating single points of failure.
4. Misconfiguration Vulnerability
   - Issue: There was a lack of explicit overflow guards and stake-domain assertions in fixed-point operations.
   - Fix: All relevant operations now include explicit overflow guards and stake-domain assertions to fail loudly in the event of misconfiguration.
5. Race Condition Vulnerability
   - Issue: The system was sensitive to non-determinism due to floating-point operations, which could lead to race conditions.
   - Fix: All payouts are now in fixed-point, with all sensitive material handled through CSPRNGs and zeroized buffers.

This summarizes the security-related changes made in the commit, which mitigate front-running and ensure all sensitive material is handled securely.
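The time-lock items above (1 and 2) come down to whether the ciphertext carries the puzzle output. The sketch below is an added illustration, not code from the commit: it assumes a repeated-squaring puzzle, and the modulus, the function names (`seal`, `solve`, `open_flawed`, `open_hardened`) and the dictionary layout are all hypothetical. Proof verification is omitted.

```python
import hashlib

# Constructed toy modulus (assumption): two small Mersenne primes, not a real key size.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)

def _xor_stream(y: int, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter-mode keystream keyed by y (toy, unauthenticated)."""
    seed = y.to_bytes((N.bit_length() + 7) // 8, "big")
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(plaintext: bytes, x: int, t: int, ship_output: bool = False) -> dict:
    """Encrypt under y = x^(2^t) mod N; the sealer knows phi(N) and can shortcut."""
    y = pow(x, pow(2, t, PHI), N)  # valid because gcd(x, N) == 1
    ct = {"x": x, "t": t, "body": _xor_stream(y, plaintext)}
    if ship_output:
        ct["y"] = y  # flawed layout: puzzle output travels with the ciphertext
    return ct

def solve(x: int, t: int) -> int:
    """The delay itself: t sequential modular squarings."""
    y = x % N
    for _ in range(t):
        y = y * y % N
    return y

def open_flawed(ct: dict):
    """Trusts the shipped output (a real verifier would check its proof first): 0 squarings."""
    return _xor_stream(ct["y"], ct["body"]), 0

def open_hardened(ct: dict):
    """Ignores any shipped output and always recomputes the puzzle."""
    return _xor_stream(solve(ct["x"], ct["t"]), ct["body"]), ct["t"]
```

Both opening functions return the plaintext together with the number of squarings performed, so the skipped delay in the flawed path is directly observable.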