monero-oxide-logo

monero-oxide

monero-oxide is a collection of Rust libraries to work with the Monero protocol.

Blockchain
Rust
Maximum Bounty
$100,000
Live Since
09 September 2025
Last Updated
21 October 2025
  • PoC Required

Select the category you'd like to explore

Assets in Scope

Target
Type
Blockchain/DLT - monero-oxide
Added on
9 September 2025

Impacts in Scope

For the "Undocumented panic reachable from a public API" impact, we are officially considering Rust panics. We cannot prevent an operating system which decides to terminate a program using our library. We will, however, consider out-of-memory issues (and similar) if they're reasonably posited as a Denial of Service. The fact any function allocates, and therefore can exceed the program's allowed memory usage, will not automatically be considered as a valid submission. Notable overhead for the amount of memory allocated as a factor of the amount of memory legitimately present must be demonstrated.

Roughly stated, the academic definition of incorrect is an algorithm whose honest execution will not have the expected result. The roughly-stated academic definition of incomplete is an algorithm which claims to work with a set of cases yet actually only works for a subset. This is distinct from unsoundness, where a verifier should be convinced a correct proof is correct yet is convinced by an incorrect proof, and zero-knowledge, where an algorithm which shouldn't reveal any additional information about the secrets does in fact do so. Our occassional (as appropriate within the Monero protocol) support for points which have a term from a small-order subgroup will not inherently be considered incorrect or incomplete unless such effects actually descend from this property.

Severity
Critical
Title

Unintended, undocumented recovery of private spend keys (or private spend key shares)

Severity
Critical
Title

Signing of unintended messages

Severity
Critical
Title

Reportedly received funds which weren’t actually received

Severity
Critical
Title

Ability to forge proofs present with only the default features

Severity
High
Title

Incorrect/incomplete (in the academic sense) cryptographic formulae within a verifier's callstack

Severity
High
Title

Incompatibilities with the targeted Monero consensus protocol which would require reimplementing notable sections of monero-oxide

Severity
Medium
Title

Undocumented fingerprints in created transactions, when compared to the targeted version of Monero’s wallet2

Severity
Low
Title

Incompatibilities with the targeted Monero wallet protocol which would require reimplementing notable sections of monero-oxide

Severity
Low
Title

Incorrect/incomplete (in the academic sense) cryptographic formulae within a prover's callstack

Severity
Low
Title

Non-constant-time implementation with regards to secret data

Severity
Low
Title

Undocumented panic reachable from a public API

Out of scope

Default Out of Scope and rules

Blockchain/DLT specific

  • Incorrect data supplied by third party oracles
    • Not to exclude oracle manipulation/flash loan attacks
  • Impacts requiring basic economic and governance attacks (e.g. 51% attack)
  • Lack of liquidity impacts
  • Impacts from Sybil attacks
  • Impacts involving centralization risks

All categories

  • Impacts requiring attacks that the reporter has already exploited themselves, leading to damage
  • Impacts caused by attacks requiring access to leaked keys/credentials
  • Impacts caused by attacks requiring access to privileged addresses (including, but not limited to: governance and strategist contracts) without additional modifications to the privileges attributed
  • Impacts relying on attacks involving the depegging of an external stablecoin where the attacker does not directly cause the depegging due to a bug in code
  • Mentions of secrets, access tokens, API keys, private keys, etc. in Github will be considered out of scope without proof that they are in-use in production
  • Best practice recommendations
  • Feature requests
  • Impacts on test files and configuration files unless stated otherwise in the bug bounty program
  • Impacts requiring phishing or other social engineering attacks against project's employees and/or customers