View Proposal

Help developers fix security holes in NavCoin core


Help developers fix security holes in NavCoin core

d01fac8f243b54e5d90c9a72005b2adfa6aaefaf0e0e6a05d44d33779d894178
NPXxJ6XAE12dhw99VwsdiYWydmXJ6JskX1
17905 days
25.000 NAV
1276    9273
rejected

Vote Commands for NavCoin Core Wallet and NavPi

If you are using NavCoin Core Wallet or NavPi and want to vote for this proposal, you should open "Debug Window" in "Help" menu and paste these commands for voting.

  • proposalvote d01fac8f243b54e5d90c9a72005b2adfa6aaefaf0e0e6a05d44d33779d894178 yes
  • proposalvote d01fac8f243b54e5d90c9a72005b2adfa6aaefaf0e0e6a05d44d33779d894178 no

Title

Help developers fix security holes in NavCoin core

Web Site

https://www.publish0x.com/art-of-bug

Contact




We have identified multiple vulnerabilities in NavCoin Core. In this proposal we offer help to NavCoin developers to understand vulnerability #1 and implement a proper fix. This vulnerability allows an attacker to crash any node the attacker can connect to at very low cost.

We propose two milestones:



  1. We have identified multiple vulnerabilities in NavCoin Core. In this proposal we offer help to NavCoin developers to understand vulnerability #1 and implement a proper fix. This vulnerability allows an attacker to crash any node the attacker can connect to at very low cost.

    We propose two milestones:

    1. 50% when the developers confirm the vulnerability.
    2. 50% when the fix is merged to the master branch.

    We have a proven track record, which you can verify on our blog: https://www.publish0x.com/art-of-bug . For example, recently we have helped Emercoin developers to fix multiple bugs in their core wallet. One of the bugs allowed an attacker to perform 51% attack with very low cost and was in their code base for more than 2 years. You can find more details about this bug in our blog post.

    If this proposal is successful, we will create more proposals in the future for other issues we discovered.

Blog Entries


No blog posts.