RSK

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
https://bounty-node.rsk.co URL medium low low high
A RSKj JSON RPC server is available for testing. You can obtain the list of JSON RPC methods supported from the rskj source code and from RSK and Ethereum documentation. You can attempt the following attacks: * Bypass the Nginx JSON RPC method blacklist/whitelist filtering. * Application level DoS: exploit the whitelisted methods to consume server's resources. * System Information disclosure (file system, private keys) * Code execution (Hint: check the object mapping capabilities of the JSON parser library and Java reflection) **Only application level DoS attacks are allowed. Do not attempt volumetric transport level attacks** Sample Request: `curl -s -X POST -H "Content-Type: application/json" -d '{"jsonrpc":"2.0","method":"web3_clientVersion", "params": {}, "id":666}' https://bounty-node.rsk.co ` The whitelisted methods are the following: ```web3_clientVersion eth_getUncleCountByBlockNumber net_version net_listening net_peerCount eth_protocolVersion eth_hashrate eth_mining eth_call eth_estimateGas eth_gasPrice eth_blockNumber eth_getBalance eth_getBlockByHash eth_getBlockByNumber eth_getBlockTransactionCountByHash eth_getBlockTransactionCountByNumber eth_getCode eth_getStorageAt eth_getTransactionByBlockHashAndIndex eth_getTransactionByBlockNumberAndIndex eth_getTransactionByHash eth_getTransactionCount eth_getTransactionReceipt eth_getUncleByBlockHashAndIndex eth_getUncleByBlockNumberAndIndex eth_getUncleCountByBlockHash eth_getUncleCountByBlockNumber eth_sendRawTransaction ``` The filtering is performed with a Nginx configuration similar to the one described in the following article: https://github.com/rsksmart/rskj/wiki/Nginx-Proxy-Server-for-JSONRPC-Calls Good luck!
https://github.com/rsksmart/rskj SOURCE_CODE high high high critical
RSKj Installation instructions: https://github.com/rsksmart/rskj/wiki Binary releases: https://github.com/rsksmart/rskj/releases Gitter channel for technical questions: https://gitter.im/rsksmart/rskj
https://github.com/rsksmart/tokenbridge SOURCE_CODE critical
The system is designed to allow to move tokens between blockchains if and only if 50% of the members approve it. Vulnerabilities that require access to a member's private key will be valid but will be considered medium risk at most # Out of scope * The private key handling and storage is out of scope. * Malicious ERC20 tokens are out of scope because there is a whitelisting process in place.

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
*.rsk.co URL none
RSK websites, infrastructure and assets are NOT part of the bounty program.
*.iovlabs.org URL none
IOV Labs websites, infrastructure and assets are NOT part of the bounty program.
*.rifos.org URL none
RIF OS websites, infrastructure and assets are NOT part of the bounty program.