Author Topic: SKALE Network Bug Bounty [$250]  (Read 2890 times)

Angelina

  • Moderator
  • Experienced Member
  • *****
  • Posts: 357
    • View Profile
SKALE Network Bug Bounty [$250]
« on: April 26, 2023, 05:50:57 pm »
Submit bug report: https://skale.network
@SkaleNetwork

SKALE Network's
The SKALE Network Bug Bounty Program is intended for discovering potential technical vulnerabilities in the SKALE Network with the help of SKALE Network community members, especially those who specialize in global network security and Solidity smart contract security. The SKALE Network community takes the security of the network very seriously and offers this bounty program to reward those who help strengthen the network and technologies.
Program Scope
SKALE Network is a fully asynchronous binary Byzantine Fault Tolerant consensus that incorporates BLS threshold cryptography and a Trusted Execution Environment (SGX) to provide performant sidechains that are 100% Ethereum compatible. The SKALE Network is orchestrated by a set of smart contracts called SKALE Manager, deployed on Ethereum network.

There are three scopes:
SKALE Manager smart contracts.
Infrastructure: skale-consensus and libBLS.
Hardware secure crypto wallet: sgxwallet.
SKALE Manager smart contracts
For skale-manager, bugs must:
be valid attacks to allow a user to steal SKL tokens from the system.
be an attack through a Network attack vector that is more than just theoretical.
must include a POC implementation with reproducible steps. This can be a Solidity, JavaScript or Python test or list of actions that clearly shows how the bug occurs.
Examples of skale-manager vulnerabilities the SKALE Network is interested in, include:
see SWC Registry for some examples.
SKALE Manager Testnet Releases
The SKALE Network will continue with as-needed deployments of the latest versions of the smart contracts to the Rinkeby testnet.
The bug bounty program will be applicable to only one release at a time as specified in this policy. Submissions MUST indicate to which release they relate.
The current release eligible for vulnerability reports is 1.8.1. Only vulnerabilities found in this deployment can currently be submitted for a reward. See https://github.com/skalenetwork/skale-network/tree/master/releases#test-releases for testnet contract addresses and ABIs.
For testnet tokens, please reach out to SKALE Discord HackerOne Support.
Infrastructure
To qualify for a bounty, bugs must be:
Valid on the develop branch of the corresponding repository.
For skale-consensus and libBLS, the following bugs must be:
Valid for 64-bit Ubuntu machines with at least 2GB RAM.
Valid on SKALE Consensus clusters where less than 1/3 of the nodes are faulty or malicious.
Network based attack vectors (local or physical attacks only will be closed as informative or low priority)
for libBLS, excluding threshold encryption and aggregated signatures. Only threshold signatures and DKG are in scope.
SKALE Network is interested in a full range of bugs with demonstrable security risk: from those that can be proven with a simple unit test, to those that require a full cluster and complex sequence of transactions.
Examples of libBLS vulnerabilities the SKALE Network is interested in include:
insecure cryptographic functions
incomplete implementation of cryptographic algorithms
Examples of skale-consensus vulnerabilities the SKALE Network is interested in include:
memory allocation bugs
race conditions
timing attacks
information leaks
authentication bypasses
incorrect block validation
Denial of Service
lost write bugs
payloads/transactions that cause panics.
Please see the SKALE Consensus README and libBLS README for a quick-start guide to getting SKALE Consensus or libBLS running so you can start hunting for bugs. Please also see the test directory in each repository for examples of tests.
SGXWallet
To qualify for a bounty, bugs must be:
Valid for the develop branch of the corresponding repository.
Not related to any Intel SGX specific vulnerability (please review exclusions, ineligible bugs and out-of-scope carefully).
Network based attack vectors (local or physical attacks only will be closed as informative or low priority)
For sgxwallet bug submissions must satisfy following:
Valid for SGX-enabled Intel processor
Particular areas SKALE Network is interested in are:
attacks that allow 3rd party to steal funds from SGXWallet
memory consumption and memory leaks inside/outside of secure enclave
DDoS attacks
SGXWallet performance and stability
Please refer to SGX Wallet README as your starting point for deep dive in the component and your bug bounty kick off.
Program Rules
You must provide detailed reports with reproducible steps. If the report is not detailed sufficiently to reproduce the issue, the issue will not be eligible for a reward.
When duplicates occur, the program will only reward the first report that was received (provided that it can be fully reproduced).
Multiple vulnerabilities caused by one underlying issue will be awarded one bounty.
Social engineering (e.g. phishing, vishing, smishing), clickjacking and issues are prohibited.
Scanner-generated reports and "Advisory" or "Informational" reports that do not include any SKALE Network-specific testing or context are ineligible for rewards.
Website-related issues are ineligible for rewards.
Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.
Ineligible and prohibited methods
Vulnerabilities contingent on any of the following activities do not qualify for a reward in this program, and are prohibited:
Social engineering (including phishing) of SKALE Network staff or contractors.
Spamming.
Denial of service attacks on testnet, mainnet or any other live assets such as websites.
Any physical attacks against SKALE Network property, data centers, or employees.
Automated tools.
Compromising or misusing third party systems or services.
Exclusions, ineligible bugs, and out-of-scope
Vulnerabilities that assume different security assumptions from SKALE Network.
Vulnerabilities that assume different setups of various components.
Mentions of secrets, access tokens, API keys, private keys, etc. in Github, will be considered out of scope without EXPLICIT proof that they are in-use in production.
SGX-related issues and/or vulnerabilities
Game Theory and incentive mechanisms attacks.
Attacks requiring MITM or physical access to a user's device.
Security issues in third-party software.
Previously known vulnerable libraries without a working Proof of Concept.
Vulnerabilities already known to the public or to the SKALE Network core team including previous findings from another participant in the bug bounty program.
Bugs that are not reproducible.
Bugs disclosed to other parties without consent from the SKALE Network core team.
skale.network, skale.space or any other SKALE Network websites, and any website related security practices such as:
Content Security Policy (CSP) HTTP header
HTTP Public Key Pinning (HPKP)
Subresource integrity
Referrer Policies
SSL/TLS configuration
Email or DNS configurations
Site or domain configurations
Cookies missing security flags
Disclosure Policy
Upon receipt of a potential security issue, SKALE Network will make every effort to quickly resolve the issue.
Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of SKALE Network service. Only interact with accounts you own or with explicit permission of the account holder.
Provide a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.

Legal
All rights of interpretation of the Bug Bounty are reserved to SKALE Network. SKALE Network decides whether to reward a bug disclosure and how much will be rewarded. Any individual or team participant should not violate any laws and regulations during testing.
Safe Harbor
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
Thank you for helping keep SKALE Network and our users safe!