You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The goal of this bounty is to compromise the Actor security model. Convex depends on a security model such that the only code that should be executed in the Actor's context is code deployed or permitted to be executed by the Actor itself.
Requirements:
Must show the ability to execute arbitrary CVM code in the Actor's security context (i.e. using the *address* of the Actor, such as transfering coins away from the Actor's Account)
May be demonstrated with any Actor deployed on the test network (you may deploy your own)
Must not exploit a flaw in the Actor's code (e.g. creating an Actor which calls eval on untrusted user input) - this would be considered a flaw in the Actor implementation rather than the CVM security model.
The text was updated successfully, but these errors were encountered:
The goal of this bounty is to compromise the Actor security model. Convex depends on a security model such that the only code that should be executed in the Actor's context is code deployed or permitted to be executed by the Actor itself.
Requirements:
*address*of the Actor, such as transfering coins away from the Actor's Account)evalon untrusted user input) - this would be considered a flaw in the Actor implementation rather than the CVM security model.The text was updated successfully, but these errors were encountered: