Shardeum Core III

Reports by Severity

Critical
  • #39979 [BC-Critical] Total network shutdown via fixDeserializedWrappedEVMAccount call through binary_repair_oos_accounts endpoint

  • #40007 [BC-Critical] Drain node staking account due to improper validation of SetCertTime internal transaction

  • #39191 [BC-Critical] JoinRoute: Attacker reachable input serialization

  • #39465 [BC-Critical] Lack of authorization on InitClaimReward transaction allows attacker to prevent all nodes from being rewarded

  • #39511 [BC-Critical] Malicious node can drain balance of other node's nominator evm address

  • #40000 [BC-Critical] Improper input validation in fixDeserializedWrappedEVMAccount leads to DOS and total network shutdown

  • #39973 [BC-Critical] Standard node rewarding flow can be blocked

  • #40005 [BC-Critical] Removal of node out of network via remove by app gossip and signature duplications

  • #39994 [BC-Critical] Tricking nodes into signing nearly-arbitrary data

  • #39355 [BC-Critical] Tricking a legitimate node into signing its own apoptosis request payload

  • #39812 [BC-Critical] Bypass `SetCertTime` transaction signature check #1

  • #39507 [BC-Critical] Insufficient validation on ClaimReward transaction allows attacker to claim an inflated reward OR prevent all nodes from being rewarded

  • #39364 [BC-Critical] Trusting heavily on "appData" enables infinite SHM duplication through double-spend exploit

  • #39875 [BC-Critical] Lack of validation of node deactivation time in `ClaimRewards` allows rewards to be stolen

  • #39675 [BC-Critical] Reward Exploitation via Unvalidated Node Status in "initRewardTX"

  • #39678 [BC-Critical] Bypass certificate signing validation by double counting signatures due to capitalization

  • #39679 [BC-Critical] Bypass certificate signing validation by double counting signatures due to ignored suffixes

  • #39791 [BC-Critical] Filling the queue with "setCertTime" stops the network from processing new transactions

  • #39813 [BC-Critical] Bypass `SetCertTime` transaction signature check #2

  • #39838 [BC-Critical] Bypass certificate signing validation by double counting signatures due to signature malleability

  • #39871 [BC-Critical] Lack of consensus voting in best cycle calculation allows a malicious validator to fake cycle data and crash all nodes

  • #39876 [BC-Critical] Receiving rewards multiple times for the same period

  • #39885 [BC-Critical] Signature forgery on behalf of network nodes using binary_sign_app_data endpoint

  • #39921 [BC-Critical] accountDeserializer isn't type safe

  • #39873 [BC-Critical] Lack of validation of node activation time in `InitRewardTimes` allows rewards to be stolen

  • #39811 [BC-Critical] Inducing large memory allocation via /join endpoint

High
  • #39149 [BC-High] EIP-2930 transactions with 20k-address overload the nodes and force the network into "safety" mode

Medium
  • #39395 [BC-Medium] got.get without response limit

  • #39850 [BC-Medium] Bypass TransferFromSecureAccount transaction validations

  • #39913 [BC-Medium] No rate limiting in resource-intensive endpoint

Insight
  • #39752 [BC-Insight] Incorrect version parsing and comparison logic leads to incorrect node validation

  • #39463 [BC-Insight] `multiSendWithHeader` and `sendWithHeader` have JSON injection vulnerability

  • #39027 [BC-Insight] Abusive Join request handler node

  • #39882 [BC-Insight] Data unsubscribe same node replay

  • #39164 [BC-Insight] Service point exhaustion

  • #39103 [BC-Insight] Unchecked data size in "getStakeTxBlobFromEVMTx()" can use lots of CPU resources

Reports by Type

Blockchain/DLT
  • #39979 [BC-Critical] Total network shutdown via fixDeserializedWrappedEVMAccount call through binary_repair_oos_accounts endpoint

  • #40007 [BC-Critical] Drain node staking account due to improper validation of SetCertTime internal transaction

  • #39191 [BC-Critical] JoinRoute: Attacker reachable input serialization

  • #39752 [BC-Insight] Incorrect version parsing and comparison logic leads to incorrect node validation

  • #39395 [BC-Medium] got.get without response limit

  • #39465 [BC-Critical] Lack of authorization on InitClaimReward transaction allows attacker to prevent all nodes from being rewarded

  • #39463 [BC-Insight] `multiSendWithHeader` and `sendWithHeader` have JSON injection vulnerability

  • #39511 [BC-Critical] Malicious node can drain balance of other node's nominator evm address

  • #40000 [BC-Critical] Improper input validation in fixDeserializedWrappedEVMAccount leads to DOS and total network shutdown

  • #39973 [BC-Critical] Standard node rewarding flow can be blocked

  • #40005 [BC-Critical] Removal of node out of network via remove by app gossip and signature duplications

  • #39994 [BC-Critical] Tricking nodes into signing nearly-arbitrary data

  • #39355 [BC-Critical] Tricking a legitimate node into signing its own apoptosis request payload

  • #39812 [BC-Critical] Bypass `SetCertTime` transaction signature check #1

  • #39507 [BC-Critical] Insufficient validation on ClaimReward transaction allows attacker to claim an inflated reward OR prevent all nodes from being rewarded

  • #39364 [BC-Critical] Trusting heavily on "appData" enables infinite SHM duplication through double-spend exploit

  • #39850 [BC-Medium] Bypass TransferFromSecureAccount transaction validations

  • #39149 [BC-High] EIP-2930 transactions with 20k-address overload the nodes and force the network into "safety" mode

  • #39027 [BC-Insight] Abusive Join request handler node

  • #39882 [BC-Insight] Data unsubscribe same node replay

  • #39875 [BC-Critical] Lack of validation of node deactivation time in `ClaimRewards` allows rewards to be stolen

  • #39164 [BC-Insight] Service point exhaustion

  • #39675 [BC-Critical] Reward Exploitation via Unvalidated Node Status in "initRewardTX"

  • #39678 [BC-Critical] Bypass certificate signing validation by double counting signatures due to capitalization

  • #39679 [BC-Critical] Bypass certificate signing validation by double counting signatures due to ignored suffixes

  • #39791 [BC-Critical] Filling the queue with "setCertTime" stops the network from processing new transactions

  • #39103 [BC-Insight] Unchecked data size in "getStakeTxBlobFromEVMTx()" can use lots of CPU resources

  • #39813 [BC-Critical] Bypass `SetCertTime` transaction signature check #2

  • #39838 [BC-Critical] Bypass certificate signing validation by double counting signatures due to signature malleability

  • #39871 [BC-Critical] Lack of consensus voting in best cycle calculation allows a malicious validator to fake cycle data and crash all nodes

  • #39876 [BC-Critical] Receiving rewards multiple times for the same period

  • #39885 [BC-Critical] Signature forgery on behalf of network nodes using binary_sign_app_data endpoint

  • #39913 [BC-Medium] No rate limiting in resource-intensive endpoint

  • #39921 [BC-Critical] accountDeserializer isn't type safe

  • #39873 [BC-Critical] Lack of validation of node activation time in `InitRewardTimes` allows rewards to be stolen

  • #39811 [BC-Critical] Inducing large memory allocation via /join endpoint