Disagreement · d121d4bf-openai-3

Ignores chainId returned by Symbiosis tx; submits using src_chain which may mismatch

solo GPT-5

repo a16d2030·PR #4·reviewed 1 week ago

GPT-5 finding

Ignores chainId returned by Symbiosis tx; submits using src_chain which may mismatch

lowbughigh

symbiosis/scripts/symbiosis-swap.py:129-133
symbiosis/scripts/symbiosis-swap.py:164-169

The Symbiosis response includes tx.chainId. The script discards it and submits with the user-provided src_chain. If the API ever returns a canonical or remapped chainId differing from src_chain, submission could fail or hit the wrong network.

Recommendation

Use the chainId returned in result["tx"]["chainId"] when present, e.g., chainId = tx.get("chainId", src_chain).

Other reviewer

The other reviewer flagged nothing in this file/line range.

Why this didn't post

This finding didn't meet AntFleet's unanimous agreement threshold. Both frontier models review every PR independently; only findings they both flag with the same severity and category are posted to the PR. This one fell through.

read the methodology →

From the same review

These findings passed the unanimous gate on the same PR review. The disagreement above was filtered out; the findings below were posted.

← back to all disagreements view public receipts see unanimous findings + anatomies →

Tweet ↗