Rootstock Labs - HackerOne Reports
View on HackerOne8
Total Reports
1
Critical
3
High
4
Medium
0
Low
Crafted smart contract can take ~23 seconds to execute due to immense error string construction
Reported by:
guido
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
DOS of RSKJ server
Reported by:
spacewasp
|
Disclosed:
High
Weakness: Uncontrolled Resource Consumption
Bounty: $5000.00
Traffic amplification attack via discovery protocol
Reported by:
luk-matczak
|
Disclosed:
Medium
Weakness: Improper Authentication - Generic
Bounty: $2000.00
DoS through PeerExplorer
Reported by:
z3t
|
Disclosed:
High
Weakness: Uncontrolled Resource Consumption
Bounty: $4000.00
JSON RPC methods for debugging enabled by default allow DoS
Reported by:
teknogeek
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
Crafted smart contract can take 1.5 minutes to execute due to inefficient CODESIZE implementation
Reported by:
guido
|
Disclosed:
Medium
Weakness: Uncontrolled Resource Consumption
Crafted smart contract can take 8 minutes to execute due to bug in modexp precompile.
Reported by:
guido
|
Disclosed:
High
Weakness: Uncontrolled Resource Consumption
Attacker can add arbitrary data to the blockchain without paying gas
Reported by:
ahook
|
Disclosed:
Critical
Weakness: Deserialization of Untrusted Data