art_of_bug
art_of_bug

art_of_bug

We are research group with focus to expose bugs in design and implementation of blockchain projects. We only honour responsible disclosure with projects that honour responsible development.


Emercoin – Bypassing POS Temperature

28 Jul 2019 8 minute read 2 comments art_of_bug

Welcome to the next episode. Last time we discussed Emercoin's 51% attack and the related hardfork. We mentioned that there were more vulnerabilities we have discussed with Emercoin's team. Today we present one of the issues that we reported. It has...

Emercoin Hardfork Mess – Trivial 51% Attack

11 Jul 2019 12 minute read 0 comments art_of_bug

Welcome back. Last time we've talked about Particl. Since then there has been good news coming from Particl. The bugs were fixed and they are allegedly considering creating a proper bug bounty program. And we have published a post about how should a...

How to Make Good Bug Bounty

8 Jul 2019 7 minute read 6 comments art_of_bug

Most projects in cryptocurrency space don't have a bug bounty program, or their bug bounty program is deficient. We think such an approach is dangerous for most projects out there. Bitcoin is probably the only project that can afford not having a bug...

Particl – Using Spent Kernel To Split the Network

29 Jun 2019 11 minute read 8 comments art_of_bug

Welcome again. It took us a while to get back. The reasons are both simple and sad – communication with Altcoin vendors is very difficult and slow. Many Altcoins do not have any vulnerability policy in place. You have no idea who to contact and you h...

Introduction & Neblio – VerifyInputsUnspent Denial of Service

11 May 2019 6 minute read 4 comments art_of_bug

Welcome to our first blog post. We hope you will enjoy our content. Today, we start with a vulnerability in Neblio project. We made several attempts to contact the Neblio team in April, but all our attempts failed. It seemed that they just refused to...