fix: Blind-signing gate is bypassed for single-byte calldata 0x00 transactions

[Donjon-Cerberus]

Summary

Automated security fix for Blind-signing gate is bypassed for single-byte calldata 0x00 transactions (High).

CWE: CWE-CWE-285
OWASP: A01:2021-Broken Access Control
Fix Confidence: high

What Changed

Removed the special-case in process_data() that treated a single-byte calldata payload of 0x00 as if no calldata were present. Non-empty calldata now preserves the dataPresent state set earlier by custom_processor(), so blind-signing checks still apply for 0x00 calldata while true zero-length data fields remain unaffected.

Verification Checklist

• Review the code change
• Run tests to verify no regression
• Verify the vulnerability is addressed — already verified by Cerberus Sentinel

---

Created by Cerberus Merlin

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 55.02%. Comparing base (b9b3a4b) to head (e82514c).

Additional details and impacted files

@@           Coverage Diff            @@
##           develop     #983   +/-   ##
========================================
  Coverage    55.02%   55.02%           
========================================
  Files           16       16           
  Lines         1592     1592           
  Branches       201      201           
========================================
  Hits           876      876           
  Misses         712      712           
  Partials         4        4           

Flag	Coverage Δ
unittests	55.02% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.