forked from cosmos/cosmos-sdk
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* update SECURITY.md * add comment on bug report * format
- Loading branch information
Showing
2 changed files
with
51 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,29 +1,52 @@ | ||
# Security | ||
|
||
As part of our [Coordinated Vulnerability Disclosure | ||
Policy](https://tendermint.com/security), we operate a bug bounty. | ||
See the policy for more details on submissions and rewards. | ||
> **IMPORTANT**: If you find a security issue, you can contact our team directly at | ||
[email protected], or report it to our [bug bounty program](https://hackerone.com/tendermint) on HackerOne. *DO NOT* open a public issue on the repository. | ||
|
||
The following is a list of examples of the kinds of bugs we're most interested in for | ||
the Cosmos SDK. See [here](https://github.com/tendermint/tendermint/blob/master/SECURITY.md) for vulnerabilities we are interested in for Tendermint, and lower-level libraries, e.g. IAVL. | ||
## Bug Bounty | ||
|
||
## Modules | ||
- x/staking | ||
- x/slashing | ||
- x/types | ||
- x/gov | ||
As part of our [Coordinated Vulnerability Disclosure Policy](https://tendermint.com/security), we operate a | ||
[bug bounty program](https://hackerone.com/tendermint) with Hacker One. | ||
|
||
We are interested in bugs in other modules, however the above are most likely to have | ||
significant vulnerabilities, due to the complexity / nuance involved | ||
See the policy linked above for more details on submissions and rewards and read | ||
this [blog post](https://blog.cosmos.network/bug-bounty-program-for-tendermint-cosmos-833c67693586) for the program scope. | ||
|
||
## How we process Tx parameters | ||
- Integer operations on tx parameters, especially sdk.Int / sdk.Uint | ||
- Gas calculation & parameter choices | ||
- Tx signature verification (code in x/auth/ante.go) | ||
- Possible Node DoS vectors. (Perhaps due to Gas weighting / non constant timing) | ||
The following is a list of examples of the kinds of bugs we're most interested | ||
in for the Cosmos SDK. See [here](https://github.com/tendermint/tendermint/blob/master/SECURITY.md) for vulnerabilities we are interested | ||
in for Tendermint and other lower-level libraries (eg. [IAVL](https://github.com/tendermint/iavl)). | ||
|
||
### Core packages | ||
|
||
- [`/baseapp`](https://github.com/cosmos/cosmos-sdk/tree/master/baseapp) | ||
- [`/crypto`](https://github.com/cosmos/cosmos-sdk/tree/master/crypto) | ||
- [`/types`](https://github.com/cosmos/cosmos-sdk/tree/master/types) | ||
- [`/store`](https://github.com/cosmos/cosmos-sdk/tree/master/store) | ||
|
||
### Modules | ||
|
||
- [`x/auth`](https://github.com/cosmos/cosmos-sdk/tree/master/x/auth) | ||
- [`x/bank`](https://github.com/cosmos/cosmos-sdk/tree/master/x/bank) | ||
- [`x/staking`](https://github.com/cosmos/cosmos-sdk/tree/master/x/staking) | ||
- [`x/slashing`](https://github.com/cosmos/cosmos-sdk/tree/master/x/slashing) | ||
- [`x/evidence`](https://github.com/cosmos/cosmos-sdk/tree/master/x/evidence) | ||
- [`x/distribution`](https://github.com/cosmos/cosmos-sdk/tree/master/x/distribution) | ||
- [`x/supply`](https://github.com/cosmos/cosmos-sdk/tree/master/x/supply) | ||
- [`x/ibc`](https://github.com/cosmos/cosmos-sdk/tree/ibc-alpha/x/ibc) (currently in alpha mode) | ||
|
||
We are interested in bugs in other modules, however the above are most likely to | ||
have significant vulnerabilities, due to the complexity / nuance involved. We | ||
also recommend you to read the [specification](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules/README.md) of each module before digging into | ||
the code. | ||
|
||
### How we process Tx parameters | ||
|
||
- Integer operations on tx parameters, especially `sdk.Int` / `sdk.Dec` | ||
- Gas calculation & parameter choices | ||
- Tx signature verification (see [`x/auth/ante`](https://github.com/cosmos/cosmos-sdk/tree/master/x/auth/ante)) | ||
- Possible Node DoS vectors (perhaps due to gas weighting / non constant timing) | ||
|
||
### Handling private keys | ||
|
||
## Handling private keys | ||
- HD key derivation, local and Ledger, and all key-management functionality | ||
- Side-channel attack vectors with our implementations | ||
- e.g. key exfiltration based on time or memory-access patterns when decrypting privkey | ||
|