art_of_bug

We are a research group focused on exposing bugs in the design and implementation of blockchain projects. We only honour responsible disclosure with projects that honour responsible development.


Syscoin – Unhandled Exception in RLP Constructor

16 Feb 2020 10 minute read 0 comments art_of_bug

Nice to see you again. Today we are back to Syscoin. Previously we published two submissions to the bounty related to the implementation of the Sysethereum bridge. Today we present a vulnerability that we found before working on the mentioned bounty...

Neblio – Orphans Memory Leak

19 Jan 2020 4 minute read 4 comments art_of_bug

Welcome again. This is probably the last time we write about Neblio. We could create new and new reports because its code is incredibly buggy, but it makes no sense given the attitude of the Neblio development team. So, just to prove the point, here...

Qtum (fixed) & NavCoin (not fixed) – Direct Block Propagation mapBlockIndex DoS

26 Dec 2019 8 minute read 0 comments art_of_bug

Welcome to the next episode. In September we published NavCoin – Bypassing Header Spam Protection, which was a denial of service attack against the header spam filter in NavCoin. As far as we know, this issue has not been fixed in NavCoin yet. A...

Syscoin – Invalid Middle Block In Sysethereum Superblock

27 Nov 2019 7 minute read 3 comments art_of_bug

Welcome back. Today we are back to Syscoin. Previously we published two submissions to the bounty related to the implementation of the Sysethereum bridge. Today we present another vulnerability that we found later in the Sysethereum bridge impl...

Neblio – Instant Node Crash Using VerifyInputsUnspent

31 Oct 2019 5 minute read 1 comment art_of_bug

Welcome back. Last time we explained how Neblio's attempt to fix the DoS vulnerability we reported many months ago did not actually work and that it only addressed our specific exploit implementation. We explained how to perform this attack against t...

Neblio – VerifyInputsUnspent Still Not Fixed

13 Oct 2019 4 minute read 0 comments art_of_bug

Welcome. Remember our very first post? Recall that we didn't like the way the Neblio team (not)communicated. We published a vulnerability in their code and waited for the reaction. At first it seemed like they acknowledged the problem with poor communic...

Qtum – setStakeSeen Mistake

29 Sep 2019 7 minute read 0 comments art_of_bug

Welcome back. Today we open Qtum. We started to participate in Qtum's bug bounty program many months ago and we already submitted several findings there, all of which have been accepted. Today we present one of the vulnerabilities that have been fixe...

NavCoin – Bypassing Header Spam Protection

14 Sep 2019 6 minute read 5 comments art_of_bug

Welcome back. Today we will talk about NavCoin. We start with a little rant as we sometimes do when we feel things could have gone better. Then we disclose an unpatched vulnerability in NavCoin Core which was caused by copying and pasting the code fr...

Syscoin Hack Ethereum Bridge Bounty 2 - Superblocks Future Time Bug

28 Aug 2019 4 minute read 0 comments art_of_bug

Nice to see you again. Last time we described our first submission to the hack the Syscoin's Ethereum bridge bounty (do follow this link also to find information about Syscoin Ethereum bridge, some understanding of it is useful to be able to gra...

Syscoin Hack Ethereum Bridge Bounty - The Cut Off Problem

14 Aug 2019 16 minute read 2 comments art_of_bug

Welcome back. Hacking production chains a.k.a. mainnets is the most fun, but when incentives allow, exploring testnets can be fun too. The following is our first submission to the hack the Syscoin's Ethereum bridge bounty (do follow this link also to...