Omron

Subnet 2, the next stage in cryptographically verified efficient and intelligent networks. By leveraging incentive design, Subnet 2 optimizes the generation of zero knowledge and verified compute across verticals such as zkML, zkRollups, training, model distillation and much more.

Infrastructure
Zero-Knowledge Proofs
Maximum Bounty: $15,000
Live Since: 30 September 2024
Last Updated: 14 November 2025
  • PoC Required

  • KYC required

  • Arbitration enabled

Assets in Scope

Impacts in Scope

Only the following impacts are accepted within the Program. All other impacts are not considered as in-scope, even if they affect something in the assets in scope table.

Severity: Critical

  • Retrieve sensitive data/files from a running server, such as: /etc/shadow, database passwords, blockchain keys (this does not include non-sensitive environment variables, open source code, or usernames)

  • Taking state-modifying authenticated actions (with or without blockchain state interaction) on behalf of other users without any interaction by that user, such as: Changing registration information, Commenting, Voting, Making trades, Withdrawals, etc.

  • Generating a false ZK proof that the verify algorithm deems as correct (breaking protocol soundness) leading to loss of funds

  • Execute arbitrary system commands

  • Taking down the application/website

  • Subdomain takeover with already-connected wallet interaction

  • Direct theft of user funds

  • Injection of malicious HTML or XSS through metadata

Severity: High

  • Injecting/modifying the static content on the target application without JavaScript (persistent), such as: HTML injection without JavaScript, Replacing existing text with arbitrary text, Arbitrary file uploads, etc.

  • Changing sensitive details of other users (including modifying browser local storage) without already-connected wallet interaction and with up to one click of user interaction, such as: Email, Password of the victim, etc.

  • Improperly disclosing confidential user information, such as: Email address, Phone number, Physical address, etc.

  • Subdomain takeover without already-connected wallet interaction