Cosmos icon Cosmos HackerOne

Target Policy
https://hackerone.com/cosmos?type=team
Structured Scope
  • Asset Identifier
    Asset Type
    Max Severity
  • ibc-go Relayer

    The ibc-go relayer is a Golang implementation of an Interblockchain Communication (IBC) relayer maintained by Strangelove Labs. A relayer process monitors for updates on open paths between sets of IBC enabled chains and submits these updates in the form of specific message types to the counterparty chain. Clients are then used to track and verify the consensus state.
    In addition to relaying packets, this relayer can open paths across chains, thus creating clients, connections and channels.



    The [documentation for this relayer](https://github.com/cosmos/relayer?tab=readme-ov-file#table-of-contents) and a [demo](https://github.com/cosmos/relayer/blob/main/examples/README.md) for setting up a development environment are available. Additional information on how IBC works can be found [here](https://ibc.cosmos.network/main).

    ## In-Scope Repositories

    [https://github.com/cosmos/relayer](https://github.com/cosmos/relayer) 

    OTHER
    critical
  • https://github.com/tendermint/tendermint
    SOURCE_CODE
    critical
  • Hermes

    Hermes is a Rust implementation of an Inter-Blockchain Communication (IBC) relayer that is developed and maintained by Informal Systems. It provides a CLI to relay packets between Cosmos SDK chains, exposes [Prometheus](https://prometheus.io/) metrics and offers a REST API.

    The [documentation for Hermes](https://hermes.informal.systems/) includes a [guide for installation](https://hermes.informal.systems/quick-start/installation.html) and [several tutorials](https://hermes.informal.systems/tutorials/local-chains/index.html) that will help you get started with security testing in a local environment. 

    ## In-Scope Repositories

    
This component of the Interchain Stack comprises primarily of 6 crates: 

    * [ibc-relayer](https://crates.io/crates/ibc-relayer) provides an implementation of an IBC relayer, as a *library*.
    * [ibc-relayer-cli](https://crates.io/crates/ibc-relayer-cli) is a CLI (a wrapper over the ibc-relayer library), comprising the [hermes](https://hermes.informal.systems/) binary.
    * [ibc-chain-registry](https://crates.io/crates/ibc-chain-registry) provides functions to fetch data from the [chain registry](https://github.com/cosmos/chain-registry) and automatically generate chain configuration for Hermes.
    * [ibc-telemetry](https://crates.io/crates/ibc-telemetry) is a library for use in the Hermes CLI, for gathering telemetry data and exposing that in a Prometheus endpoint.
    * [ibc-relayer-rest](https://crates.io/crates/ibc-telemetry) is a library for use in the Hermes CLI, for exposing a REST API to inspect the state of the relayer.
    * [ibc-test-framework](https://crates.io/crates/ibc-test-framework) provides the infrastructure and framework for writing end-to-end (E2E) tests that include the spawning of the relayer together with Cosmos full nodes.

    OTHER
    critical
  • Packet Forward Middleware

    Packet Forward Middleware (PFM) is an IBC middleware module built for Cosmos blockchains that routes incoming IBC packets from a source chain to a destination chain.

    This [diagram](https://github.com/cosmos/ibc-apps/tree/main/middleware/packet-forward-middleware%23sequence-diagrams) and [integration guide](https://github.com/cosmos/ibc-apps/blob/main/middleware/packet-forward-middleware/docs/integration.md) will help you get acquainted with the code.

    ## In-Scope Repositories

    * [https://github.com/cosmos/ibc-apps/tree/main/middleware/packet-forward-middleware/packetforward](https://github.com/cosmos/ibc-apps/tree/main/middleware/packet-forward-middleware/packetforward)

    ## LTS Policy

    The Strangelove Team maintains a [Support Policy](https://docs.google.com/document/d/1I50F_rvp7oPnn6UuKwUdulZvBtMnePoRXtBhrYWMjkE/edit?usp=sharing) for this component.

    OTHER
    critical
  • ibc-go

    The Inter-Blockchain Communication Protocol (IBC) allows blockchains to talk to each other. The protocol realizes this interoperability by specifying a set of data structures, abstractions, and semantics that can be implemented by any distributed ledger that satisfies a small set of requirements. 

    To learn more about IBC and its components, visit the [documentation site](https://ibc.cosmos.network/main/ibc/overview).


    ## In-Scope Repositories

    * [https://github.com/cosmos/ibc-go/tree/main](https://github.com/cosmos/ibc-go/tree/main)

    ### IBC Core
    * [02-client](https://github.com/cosmos/ibc-go/tree/main/modules/core/02-client)
    * [03-connection](https://github.com/cosmos/ibc-go/tree/main/modules/core/03-connection)
    * [04-channel](https://github.com/cosmos/ibc-go/tree/main/modules/core/04-channel)
    * [05-port](https://github.com/cosmos/ibc-go/tree/main/modules/core/05-port)
    * [23-commitment](https://github.com/cosmos/ibc-go/tree/main/modules/core/23-commitment)
    * [24-host](https://github.com/cosmos/ibc-go/tree/main/modules/core/24-host)

    ### Application Modules
    * [Transfer](https://github.com/cosmos/ibc-go/tree/main/modules/apps/transfer)
    * [27-interchain-accounts](https://github.com/cosmos/ibc-go/tree/main/modules/apps/27-interchain-accounts)

    ### Light Clients
    * [06–solomachine](https://github.com/cosmos/ibc-go/tree/main/modules/light-clients/06-solomachine)
    * [07-tendermint](https://github.com/cosmos/ibc-go/tree/main/modules/light-clients/07-tendermint)
    * [09-localhost](https://github.com/cosmos/ibc-go/tree/main/modules/light-clients/09-localhost)
    * [08-wasm] (https://github.com/cosmos/ibc-go/tree/main/modules/light-clients/08-wasm)

    ### Middleware Modules
    * [29-fee](https://github.com/cosmos/ibc-go/tree/main/modules/apps/29-fee)
    * [Callbacks](https://github.com/cosmos/ibc-go/tree/main/modules/apps/callbacks)

    ## LTS Policy

    The ibc-go team has implemented a [Stable Release Policy](https://github.com/cosmos/ibc-go/blob/main/RELEASES.md%23stable-release-policy) that covers the protocol and components it maintains.

    OTHER
    critical
  • CosmWasm

    CosmWasm is a smart contract platform that focuses on security, performance and interoperability by Confio GMBH. It is the only smart contracting platform for public blockchains with significant adoption outside of the EVM.

    For documentation about the platform and a Getting Started guide, please see https://www.cosmwasm.com/build

    ## In-scope Repositories

    * Execution environment
    * [cosmwasm](https://github.com/CosmWasm/cosmwasm)
    * [wasmvm](https://github.com/CosmWasm/wasmvm)
    * [wasmd](https://github.com/CosmWasm/wasmd)
    * Standard library dependencies
    * [serde-json-wasm](https://github.com/CosmWasm/serde-json-wasm)
    * Libraries for building contracts
    * [cw-plus](https://github.com/CosmWasm/cw-plus)
    * [cw-storage-plus](https://github.com/CosmWasm/cw-storage-plus)
    * [cw-utils](https://github.com/CosmWasm/cw-utils)
    * Build tools
    * [rust-optimizer](https://github.com/CosmWasm/rust-optimizer)

    OTHER
    critical
  • IBC Go Relayer

    The ibc-go relayer is a Golang implementation of an Interblockchain Communication (IBC) relayer maintained by Strangelove Labs. A relayer process monitors for updates on open paths between sets of IBC enabled chains and submits these updates in the form of specific message types to the counterparty chain. Clients are then used to track and verify the consensus state.
    In addition to relaying packets, this relayer can open paths across chains, thus creating clients, connections and channels.



    The [documentation for this relayer](https://github.com/cosmos/relayer?tab=readme-ov-file#table-of-contents) and a [demo](https://github.com/cosmos/relayer/blob/main/examples/README.md) for setting up a development environment are available. Additional information on how IBC works can be found [here](https://ibc.cosmos.network/main).

    ## In-Scope Repositories

    [https://github.com/cosmos/relayer](https://github.com/cosmos/relayer) 

    OTHER
    critical
  • Hermes Relayer

    Hermes is a Rust implementation of an Inter-Blockchain Communication (IBC) relayer that is developed and maintained by Informal Systems. It provides a CLI to relay packets between Cosmos SDK chains, exposes [Prometheus](https://prometheus.io/) metrics and offers a REST API.

    The [documentation for Hermes](https://hermes.informal.systems/) includes a [guide for installation](https://hermes.informal.systems/quick-start/installation.html) and [several tutorials](https://hermes.informal.systems/tutorials/local-chains/index.html) that will help you get started with security testing in a local environment. 

    ## In-Scope Repositories

    
This component of the Interchain Stack comprises primarily of 6 crates: 

    * [ibc-relayer](https://crates.io/crates/ibc-relayer) provides an implementation of an IBC relayer, as a *library*.
    * [ibc-relayer-cli](https://crates.io/crates/ibc-relayer-cli) is a CLI (a wrapper over the ibc-relayer library), comprising the [hermes](https://hermes.informal.systems/) binary.
    * [ibc-chain-registry](https://crates.io/crates/ibc-chain-registry) provides functions to fetch data from the [chain registry](https://github.com/cosmos/chain-registry) and automatically generate chain configuration for Hermes.
    * [ibc-telemetry](https://crates.io/crates/ibc-telemetry) is a library for use in the Hermes CLI, for gathering telemetry data and exposing that in a Prometheus endpoint.
    * [ibc-relayer-rest](https://crates.io/crates/ibc-telemetry) is a library for use in the Hermes CLI, for exposing a REST API to inspect the state of the relayer.
    * [ibc-test-framework](https://crates.io/crates/ibc-test-framework) provides the infrastructure and framework for writing end-to-end (E2E) tests that include the spawning of the relayer together with Cosmos full nodes.

    OTHER
    critical
  • Solidity IBC Eureka
    OTHER
    critical
  • Cosmos SDK

    The Cosmos SDK is an open-source framework for building multi-asset public Proof-of-Stake (PoS) blockchains, like the Cosmos Hub, as well as permissioned Proof-of-Authority (PoA) blockchains. SDK-based blockchains are built out of composable [modules](https://docs.cosmos.network/main/build/building-modules/intro), most of which are open-source and readily available for any developers to use.

To get started, learn more about the [architecture of a Cosmos SDK application](https://docs.cosmos.network/main/learn/intro/sdk-app-architecture), or how to build application-specific blockchain from scratch with the [Cosmos SDK Tutorial](https://cosmos.network/docs/tutorial).

    ## In-Scope Repositories
    * [cosmossdk](https://github.com/cosmos/cosmos-sdk)

    ### Core packages
    * [baseapp](https://github.com/cosmos/cosmos-sdk/tree/main/baseapp)
    * [crypto](https://github.com/cosmos/cosmos-sdk/tree/main/crypto)
    * [types](https://github.com/cosmos/cosmos-sdk/tree/main/types)
    * [store](https://github.com/cosmos/cosmos-sdk/tree/main/store)

    ### Modules
    * [x/auth](https://github.com/cosmos/cosmos-sdk/tree/main/x/auth)
    * [x/bank](https://github.com/cosmos/cosmos-sdk/tree/main/x/bank)
    * [x/staking](https://github.com/cosmos/cosmos-sdk/tree/main/x/staking)
    * [x/slashing](https://github.com/cosmos/cosmos-sdk/tree/main/x/slashing)
    * [x/evidence](https://github.com/cosmos/cosmos-sdk/tree/main/x/evidence)
    * [x/distribution](https://github.com/cosmos/cosmos-sdk/tree/main/x/distribution)
    * [x/mint](https://github.com/cosmos/cosmos-sdk/tree/main/x/mint)

    We are interested in bugs in other modules, however the above are most likely to have significant vulnerabilities, due to the complexity/nuance involved. We also recommend reading the [specification](https://github.com/cosmos/cosmos-sdk/blob/main/docs/building-modules/README.md) of each module before digging into the code.

    OTHER
    critical
  • https://github.com/cosmos/ibc-go

    In scope:

    ### IBC Core

    - [`02-client`](https://github.com/cosmos/ibc-go/tree/main/modules/core/02-client)
    - [`03-connection`](https://github.com/cosmos/ibc-go/tree/main/modules/core/03-connection)
    - [`04-channel`](https://github.com/cosmos/ibc-go/tree/main/modules/core/04-channel)
    - [`05-port`](https://github.com/cosmos/ibc-go/tree/main/modules/core/05-port)
    - [`23-commitment`](https://github.com/cosmos/ibc-go/tree/main/modules/core/23-commitment)
    - [`24-host`](https://github.com/cosmos/ibc-go/tree/main/modules/core/24-host)

    ### IBC Applications

    - [`transfer`](https://github.com/cosmos/ibc-go/tree/main/modules/apps/transfer)

    ### Light Clients

    - [`07-tendermint`](https://github.com/cosmos/ibc-go/tree/main/modules/light-clients/07-tendermint)

    SOURCE_CODE
    critical
  • https://github.com/iqlusioninc/signatory

    Restricted to the ed25519 provider sub-crates like dalek-ed25519 and ring.

    SOURCE_CODE
    critical
  • https://github.com/cosmos/gaia

    The following is a list of examples of the kinds of vulnerabilities that we’re most interested in. It is not exhaustive: there are other kinds of issues we may also be interested in!

    * Injection exploits
    * Privilege escalation
    * IBC
    * Inter-module interactions
    * Network channel attacks
    * Replay attacks

    SOURCE_CODE
    critical
  • https://github.com/iqlusioninc/yubihsm.rs

    The bug bounty is restricted to the ed25519 pubkey and signing paths.

    SOURCE_CODE
    critical
  • https://github.com/CosmWasm/cosmwasm

    The following repositories from CosmWasm are in scope of this program.

    * Execution environment
    * [cosmwasm](https://github.com/CosmWasm/cosmwasm)
    * [wasmvm](https://github.com/CosmWasm/wasmvm)
    * [wasmd](https://github.com/CosmWasm/wasmd)
    * Standard library dependencies
    * [serde-json-wasm](https://github.com/CosmWasm/serde-json-wasm)
    * Libraries for building contracts
    * [cw-plus](https://github.com/CosmWasm/cw-plus)
    * [cw-storage-plus](https://github.com/CosmWasm/cw-storage-plus)
    * [cw-utils](https://github.com/CosmWasm/cw-utils)
    * Build tools
    * [rust-optimizer](https://github.com/CosmWasm/rust-optimizer)

    SOURCE_CODE
    critical
  • https://github.com/cosmos/cosmos-sdk

    ### Core packages

    * [`/baseapp`](https://github.com/cosmos/cosmos-sdk/tree/main/baseapp)
    * [`/crypto`](https://github.com/cosmos/cosmos-sdk/tree/main/crypto)
    * [`/types`](https://github.com/cosmos/cosmos-sdk/tree/main/types)
    * [`/store`](https://github.com/cosmos/cosmos-sdk/tree/main/store)

    ### Modules

    * [`x/auth`](https://github.com/cosmos/cosmos-sdk/tree/main/x/auth)
    * [`x/bank`](https://github.com/cosmos/cosmos-sdk/tree/main/x/bank)
    * [`x/staking`](https://github.com/cosmos/cosmos-sdk/tree/main/x/staking)
    * [`x/slashing`](https://github.com/cosmos/cosmos-sdk/tree/main/x/slashing)
    * [`x/evidence`](https://github.com/cosmos/cosmos-sdk/tree/main/x/evidence)
    * [`x/distribution`](https://github.com/cosmos/cosmos-sdk/tree/main/x/distribution)
    * [`x/mint`](https://github.com/cosmos/cosmos-sdk/tree/main/x/mint)

    We are interested in bugs in other modules, however the above are most likely to
    have significant vulnerabilities, due to the complexity/nuance involved. We
    also recommend reading the [specification](https://github.com/cosmos/cosmos-sdk/blob/main/docs/building-modules/README.md) of each module before digging into
    the code.

    SOURCE_CODE
    critical
  • Horcrux

    Horcrux is a [multi-party-computation \(MPC\)](https://en.wikipedia.org/wiki/Secure_multi-party_computation) signing service for CometBFT nodes built and maintained by Strangelove Labs. It provides high-availability key management for Cosmos validator operations, and mitigates the risk of double signing transactions.

    This documentation and set of guides will help you get started with learning about Horcrux:

    ### Guides:
    * [PFC-Validator example shell script](https://github.com/PFC-Validator/horcrux-container/blob/main/launch-all.sh)
    * [PFC-Validator Kubernetes Cluster yaml configs](https://github.com/PFC-Validator/PFC-Cluster/tree/main/manifests/cosmos/pisco)
    * [Lavender.Five Ansible Cluster automation](https://github.com/LavenderFive/horcrux-ansible)

    ### Diagrams:
    * [https://user-images.githubusercontent.com/6722152/157145772-8557b4b5-a0cc-4073-8834-86afda1900fc.png](https://user-images.githubusercontent.com/6722152/157145772-8557b4b5-a0cc-4073-8834-86afda1900fc.png)

    ## In-Scope Repositories
    * [https://github.com/strangelove-ventures/horcrux](https://github.com/strangelove-ventures/horcrux) 

    ## LTS Policy

    The Strangelove Labs team maintains a dedicated [Horcrux Support Policy](https://docs.google.com/document/d/1XrrOfigfoDuJUp04b_4BMvoDvgQwTQGutXVio5cAfAE/edit?usp=sharing). 

    OTHER
    critical
  • https://github.com/cometbft/cometbft-db
    SOURCE_CODE
    critical
  • https://github.com/cometbft/cometbft
    SOURCE_CODE
    critical
  • https://github.com/iqlusioninc/tmkms
    SOURCE_CODE
    critical
  • https://github.com/iqlusioninc/crates/tree/main/signatory

    Restricted to the ed25519 provider sub-crates like dalek-ed25519 and ring.

    SOURCE_CODE
    critical
  • https://github.com/cosmos/iavl

    The `iaviewer` application itself is not in-scope for the bug bounty program, unless there is an underlying bug in the `iavl` library that can be exploited through the application or other applications using the `iavl` library.

    SOURCE_CODE
    critical
  • https://github.com/cosmos/ics23
    SOURCE_CODE
    critical
  • https://github.com/cosmos/ledger-cosmos

    We are looking for security vulnerabilities that, when exploited, can make a person lose their fund, access to their private key or otherwise impact them _on the production system_, in this case, a public Ledger device.

    SOURCE_CODE
    critical
  • CometBFT

    CometBFT is a blockchain application platform; it provides the equivalent of a web-server, database, and supporting libraries for blockchain applications written in any programming language. CometBFT implements Byzantine Fault Tolerant (BFT) State Machine Replication (SMR) for arbitrary deterministic, finite state machines.

    For more background, see the [CometBFT docs site](https://docs.cometbft.com/v0.38/). To get started quickly with an example application, see the [quick start guide](https://docs.cometbft.com/v0.38/guides/quick-start).

    ## In-Scope Repositories
    * [cometbft](https://github.com/cometbft/cometbft)
    * [cometbft-db](https://github.com/cometbft/cometbft-db)

    ## LTS Policy

    Bugs present in the latest released versions of the v0.34, v0.37 and v0.38 series are eligible for bounty. Bugs present in pre-releases of new versions are also eligible.

    OTHER
    critical
Tech Stack
Last Finished Scan:
Scan Name
Fleet
Finished
State
auto-dnsenum-threaded
allsubs
1 week, 6 days ago
Finished
auto-dnsenum-threaded
  • Fleet: allsubs
  • Duration: 2.85 Minutes
  • Finished: 1 week, 6 days ago