Integer overflow vulnerability exposed in the Move language: a risk in the reference safety verification step.
Integer Overflow Vulnerability Surfaces Again in the Move Language
Recently, a serious integer overflow vulnerability was discovered in the Move language. It occurs during the reference safety verification step and may enable denial-of-service attacks. Analyzing this vulnerability in depth gives a deeper understanding of how Move works.
The Move language verifies bytecode before executing it; verification consists of four steps, and this vulnerability lies in the reference_safety step. The reference_safety module checks that reference operations are legal, including detecting dangling references and ensuring that access through mutable references is safe.
Verification proceeds function by function. For each function, its basic blocks are identified first; a basic block is a straight-line sequence of instructions that can branch only at its entry and exit. Each basic block is then analyzed to produce its state before and after execution, and that state is propagated to its successor blocks.
The state consists of two parts: locals and the borrow graph. Locals record information about local variables, while the borrow graph represents the reference relationships between variables. The analysis continuously updates this state.
The vulnerability occurs when states are merged. When the combined number of function parameters and local variables exceeds 256, an integer overflow can occur because a u8 is used to represent the index. The merged state then contains incorrect information, which can be used to trigger a denial of service.
Although the Move language does check the number of local variables, that check does not take the number of parameters into account. This oversight is what allowed the vulnerability to arise.
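To make the arithmetic concrete, the following is an added Rust illustration (not the Move verifier's own code) of the two checks side by side: the locals-only bound the text describes and a bound on the combined count, together with the u8 index wraparound that produces a wrong slot. The slot layout (parameters first, then locals) and the 256-slot limit are assumptions made for the example.

```rust
/// Slots addressable by a `u8` index (0..=255); assumed limit for this example.
const U8_SLOTS: usize = 256;

/// Check in the spirit of the original verifier: it bounds only the locals and
/// ignores the parameters (the oversight described above).
fn locals_only_check(_num_params: usize, num_locals: usize) -> bool {
    num_locals <= U8_SLOTS
}

/// Hardened check: parameters and locals share one u8 index space, so the
/// combined count is what must fit.
fn combined_check(num_params: usize, num_locals: usize) -> bool {
    num_params + num_locals <= U8_SLOTS
}

/// Slot of local `local_idx` when locals are numbered after the parameters,
/// computed with a truncating `as u8` cast. This mirrors the wraparound that
/// yields a wrong (and possibly non-existent) slot in the merged state.
fn wrapped_slot_index(num_params: usize, local_idx: usize) -> u8 {
    (num_params + local_idx) as u8
}

/// Same computation, but refusing to produce an index that does not fit.
fn checked_slot_index(num_params: usize, local_idx: usize) -> Option<u8> {
    u8::try_from(num_params + local_idx).ok()
}

fn main() {
    // Constructed sample: 200 parameters and 100 locals, 300 slots in total.
    let (params, locals) = (200usize, 100usize);
    println!("locals-only check passes: {}", locals_only_check(params, locals));
    println!("combined check passes:    {}", combined_check(params, locals));
    // Local #60 should occupy slot 260, but a u8 cannot hold 260: it wraps to 4.
    println!("wrapped index for local 60: {}", wrapped_slot_index(params, 60));
    println!("checked index for local 60: {:?}", checked_slot_index(params, 60));
}
```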
To trigger the vulnerability, an attacker constructs a code block containing a loop and uses the overflow to alter the block's state. On the next pass through the block, the incorrect state leads to an access to a non-existent variable, which crashes the program.
This vulnerability once again shows that even well-designed languages can carry security risks. It underlines the importance of code auditing and of more thorough security considerations in language design. For Move, adding more runtime checks may be one direction for improvement.