The Microraiden bug bounty has been running for over one month. Now that version 0.2.0 has been released, this post serves as an update of the bounty’s progress and clarifies on the duration as well as next steps.

Issues discovered

We received many reports but only two of them lead to code changes and one of those two lead to some considerable rework of the way we sign transactions.

Issue 1: Closing signature should not be a signature of a hash

The first report and the one that was the most helpful came from Sergio Demian Lerner. The way we were handling closing_sig was suboptimal. The closing_sig was a signature of the hash of balance_msg_sig. But that is not safe, as an ECDSA signature cannot replace a hash digest of a message. It does not provide non-repudiation if messages can be chosen before the signer’s private key. It is possible to construct a private key that will have the same signature for two specific messages.

After further investigation, we discovered that in our case, there was no possibility of using the exploit as presented in the above linked paper due to Ethereum’s ECDSA using v to differentiate between the possible curve points for the same signature.

Regardless of that, we documented the issue here and pushed code changes for it here. For a more detailed analysis look at the github issues.

Sergio is going to be rewarded with $4,999 worth of RDN for this find as it almost qualifies as an issue that could put user funds at risk.

Issue 2: Missing overflow check

The second report came from Phil. He spotted that for a high value of challenge_period and a block number decades into the future, an addition overflow could happen during channel settlement.

This scenario is highly unlikely and did not apply to the current contract as the challenge period was only 500. Regardless, we added the missing overflow check.

Phil is going to be rewarded with $1,000 worth of RDN for this find, even though it does not affect the deployed contract but lead to a code change.

The bounty is extended by at least 2 weeks

At the time of writing, the bug bounty is still active and we appreciate you having a look at all the changes that have been introduced between versions 0.1.0 and 0.2.0. Whenever you submit an exploit, always provide code demonstrating your findings. Don’t miss the chance to earn some RDN according to the rules of the bounty.

This bounty will close once there are no issues found within two weeks. Then the bounties will be paid.

Happy hunting!

The Raiden project is led by brainbot labs Est.