Skip to content

feat(sn60): add ultrahighsuper-20260708-01 bitsec miner submission#87

Open
ultrahighsuper wants to merge 1 commit into
Autovara:mainfrom
ultrahighsuper:submission/sn60-ultrahighsuper-20260708-01
Open

feat(sn60): add ultrahighsuper-20260708-01 bitsec miner submission#87
ultrahighsuper wants to merge 1 commit into
Autovara:mainfrom
ultrahighsuper:submission/sn60-ultrahighsuper-20260708-01

Conversation

@ultrahighsuper

Copy link
Copy Markdown

Submission: sn60__bitsec / miner

Single self-contained bundle under submissions/sn60__bitsec/miner/ultrahighsuper-20260708-01/. No files outside the submission are touched.

Approach — category-guided triage + function-validated deep audit

Built for the per-problem budget (3 model calls / 24k output tokens):

  1. Risk-ranked discovery — parses the project's own contracts (skips test/mock/example/dependency dirs), extracts contract & function names and a per-file risk profile, and spends the budget on the highest-risk files.
  2. Taxonomy-guided triage (1 call) — ranks the riskiest files against the SN60 vulnerability taxonomy and surfaces obvious findings.
  3. Deep audit (≤2 calls) — reads the top files in full, line-numbered, and returns concrete high/critical findings as JSON. reasoning.exclude keeps reasoning out of the output budget; calls stop on HTTP 429.
  4. Function-validated normalization — every finding must map to a real parsed file+function, severity must be high/critical, and the description is rebuilt into a self-contained explanation (mechanism + impact). Findings are deduped and capped so precision (the tie-breaker) stays high.

The report is non-empty by construction: if inference is unavailable, a small set of conservative pattern findings is returned instead of an empty no-op.

Validation

kata submission validatevalid. Passes static screening (incl. the no-op-agent check), bundle static policy (no forbidden env/provider/secret tokens, no sampling overrides, no benchmark-leak tokens), and the runtime screening-report shape check (severity, description length, source-location hint). Self-contained agent.py within file/size limits.

@carlos4s carlos4s added the kata:pending Kata screened this PR: waiting for the next competition round. label Jul 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

kata:pending Kata screened this PR: waiting for the next competition round.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants