One of the Good Ones - Exploit Identification
Description
Contribute high-risk vulnerabilities or high-risk signature methods on major protocols which can be used for exploits such as phishing or loss of user assets.
Use GoPlus API's to detect or monitor high risk vulnerabilities on major Defi protocols or NFT projects. Is there anything out there, large or small, that deserves the limelight?
Acceptance criteria
A README or other document demonstrating your work.
Please show a steady commit trail and thought process e.g. sketches, discussion, issues on how you arrived at the project.
List any challenges or benefits you encountered in the security researcher experience.
Rewards
- 1: 2000 USD
- 2: 2000 USD
Resources
- Token Security API: https://gopluslabs.io/#token_detection
- https://gopluslabs.io/#token_detection
- Malicious Address API: https://gopluslabs.io/#aml_api
- https://gopluslabs.io/#aml_api
- NFT Security API: https://gopluslabs.io/#nft_detection
- https://gopluslabs.io/#nft_detection
- Approval Security API: https://gopluslabs.io/#approval_security
- https://gopluslabs.io/#approval_security
- dApp Security Info API: https://gopluslabs.io/#dapp_security
- https://gopluslabs.io/#dapp_security
- Signature Data Decode API: https://gopluslabs.io/#signature_api
- https://gopluslabs.io/#signature_api
- Real-Time Monitoring: https://gopluslabs.io/#real_time
- https://gopluslabs.io/#real_time
- Signature Data Decode API: https://gopluslabs.io/#signature_api Real-Time Monitoring: https://gopluslabs.io/#real_time GoPlus JavaScript API: https://github.com/GoPlusSecurity/goplus-sdk-js
- https://gopluslabs.io/#signature_api Real-Time Monitoring: https://gopluslabs.io/#real_time GoPlus JavaScript API: https://github.com/GoPlusSecurity/goplus-sdk-js
- GoPlus Go API: https://github.com/GoPlusSecurity/goplus-sdk-go
- https://github.com/GoPlusSecurity/goplus-sdk-go
- Security API Doc: https://docs.gopluslabs.io/
- https://docs.gopluslabs.io/
- [Vulnerability Example]: Uniswap Beneficiary Tampering: https://etherscan.io/tx/0x9de544bde5027d90fed3717c0db12ae9090aef9f471a7bff6a914359a72f56d4
- https://etherscan.io/tx/0x9de544bde5027d90fed3717c0db12ae9090aef9f471a7bff6a914359a72f56d4
- [Vulnerability Example]: Opensea 0-Price Pending Order: https://etherscan.io/tx/0xd82484e970a1a0a065f4e710da84990df5cee35e2305fcf88db44271a24c5ceb
- https://etherscan.io/tx/0xd82484e970a1a0a065f4e710da84990df5cee35e2305fcf88db44271a24c5ceb