StarkNet is a validity rollup based on zk-STARK proofs. It operates as an L2 network over Ethereum, enabling any dApp to achieve scale for its computation – without compromising Ethereum's composability and security.
| Target | Type | Severity |
|---|---|---|
https://github.com/starkware-libs/sequencer/tree/main-v0.14.2/crates/apollo_starknet_os_program/src/cairo/starkware/starknet/core/os Copy Blockchain/DLT Starknet OS | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/starknet/solidity Copy Blockchain/DLT StarkNet L1 Core Contracts | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/solidity/libraries Copy Blockchain/DLT StarkNet L1 Core Contracts Libraries | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/solidity/interfaces Copy Blockchain/DLT StarkNet L1 Core Contracts Interfaces | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/solidity/components Copy Blockchain/DLT Starknet L1 Core Contract components | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/usort.cairo Copy Blockchain/DLT Cairo - usort.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/uint256.cairo Copy Blockchain/DLT Cairo - uint256.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/squash_dict.cairo Copy Blockchain/DLT Cairo - squash_dict.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/small_merkle_tree.cairo Copy Blockchain/DLT Cairo - small_merkle_tree.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/signature.cairo Copy Blockchain/DLT Cairo - signature.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/set.cairo Copy Blockchain/DLT Cairo - set.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/serialize.cairo Copy Blockchain/DLT Cairo - serialize.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/segments.cairo Copy Blockchain/DLT Cairo - segments.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/registers.cairo Copy Blockchain/DLT Cairo - registers.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/pow.cairo Copy Blockchain/DLT Cairo - pow.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/patricia.cairo Copy Blockchain/DLT Cairo - patricia.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/merkle_update.cairo Copy Blockchain/DLT Cairo - merkle_update.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/merkle_multi_update.cairo Copy Blockchain/DLT Cairo - merkle_multi_update.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/memset.cairo Copy Blockchain/DLT Cairo - memset.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/memcpy.cairo Copy Blockchain/DLT Cairo - memcpy.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/math_cmp.cairo Copy Blockchain/DLT Cairo - math_cmp.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/math.cairo Copy Blockchain/DLT Cairo - math.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/keccak.cairo Copy Blockchain/DLT Cairo - keccak.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/invoke.cairo Copy Blockchain/DLT Cairo - invoke.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/hash_state.cairo Copy Blockchain/DLT Cairo - hash_state.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/hash_chain.cairo Copy Blockchain/DLT Cairo - hash_chain.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/hash.cairo Copy Blockchain/DLT Cairo - hash.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/find_element.cairo Copy Blockchain/DLT Cairo - find_element.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/ec_point.cairo Copy Blockchain/DLT Cairo - ec_point.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/ec.cairo Copy Blockchain/DLT Cairo - ec.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/dict_access.cairo Copy Blockchain/DLT Cairo - dict_access.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/dict.cairo Copy Blockchain/DLT Cairo - dict.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/default_dict.cairo Copy Blockchain/DLT Cairo - default_dict.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/cairo_builtins.cairo Copy Blockchain/DLT Cairo - cairo_builtins.cairo | Protocol | High |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/bool.cairo Copy Blockchain/DLT Cairo - bool.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/bitwise.cairo Copy Blockchain/DLT Cairo - bitwise.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/alloc.cairo Copy Blockchain/DLT Cairo - alloc.cairo | Protocol | Critical |
https://github.com/starkware-libs/sequencer/tree/main-v0.14.2/crates/apollo_starknet_os_program/src/cairo/starkware/starknet/core/os Copy Blockchain/DLT Starknet OS | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/starknet/solidity Copy Blockchain/DLT StarkNet L1 Core Contracts | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/solidity/libraries Copy Blockchain/DLT StarkNet L1 Core Contracts Libraries | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/solidity/interfaces Copy Blockchain/DLT StarkNet L1 Core Contracts Interfaces | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/tree/master/src/starkware/solidity/components Copy Blockchain/DLT Starknet L1 Core Contract components | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/usort.cairo Copy Blockchain/DLT Cairo - usort.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/uint256.cairo Copy Blockchain/DLT Cairo - uint256.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/squash_dict.cairo Copy Blockchain/DLT Cairo - squash_dict.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/small_merkle_tree.cairo Copy Blockchain/DLT Cairo - small_merkle_tree.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/signature.cairo Copy Blockchain/DLT Cairo - signature.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/set.cairo Copy Blockchain/DLT Cairo - set.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/serialize.cairo Copy Blockchain/DLT Cairo - serialize.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/segments.cairo Copy Blockchain/DLT Cairo - segments.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/registers.cairo Copy Blockchain/DLT Cairo - registers.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/pow.cairo Copy Blockchain/DLT Cairo - pow.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/patricia.cairo Copy Blockchain/DLT Cairo - patricia.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/merkle_update.cairo Copy Blockchain/DLT Cairo - merkle_update.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/merkle_multi_update.cairo Copy Blockchain/DLT Cairo - merkle_multi_update.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/memset.cairo Copy Blockchain/DLT Cairo - memset.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/memcpy.cairo Copy Blockchain/DLT Cairo - memcpy.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/math_cmp.cairo Copy Blockchain/DLT Cairo - math_cmp.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/math.cairo Copy Blockchain/DLT Cairo - math.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/keccak.cairo Copy Blockchain/DLT Cairo - keccak.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/invoke.cairo Copy Blockchain/DLT Cairo - invoke.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/hash_state.cairo Copy Blockchain/DLT Cairo - hash_state.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/hash_chain.cairo Copy Blockchain/DLT Cairo - hash_chain.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/hash.cairo Copy Blockchain/DLT Cairo - hash.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/find_element.cairo Copy Blockchain/DLT Cairo - find_element.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/ec_point.cairo Copy Blockchain/DLT Cairo - ec_point.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/ec.cairo Copy Blockchain/DLT Cairo - ec.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/dict_access.cairo Copy Blockchain/DLT Cairo - dict_access.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/dict.cairo Copy Blockchain/DLT Cairo - dict.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/default_dict.cairo Copy Blockchain/DLT Cairo - default_dict.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/cairo_builtins.cairo Copy Blockchain/DLT Cairo - cairo_builtins.cairo | Protocol | High |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/bool.cairo Copy Blockchain/DLT Cairo - bool.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/bitwise.cairo Copy Blockchain/DLT Cairo - bitwise.cairo | Protocol | Critical |
https://github.com/starkware-libs/cairo-lang/blob/master/src/starkware/cairo/common/alloc.cairo Copy Blockchain/DLT Cairo - alloc.cairo | Protocol | Critical |
Blockchain/DLT Starknet OS
Blockchain/DLT StarkNet L1 Core Contracts
Blockchain/DLT StarkNet L1 Core Contracts Libraries
Blockchain/DLT StarkNet L1 Core Contracts Interfaces
Blockchain/DLT Starknet L1 Core Contract components
Blockchain/DLT Cairo - usort.cairo
Blockchain/DLT Cairo - uint256.cairo
Blockchain/DLT Cairo - squash_dict.cairo
Blockchain/DLT Cairo - small_merkle_tree.cairo
Blockchain/DLT Cairo - signature.cairo
Blockchain/DLT Cairo - set.cairo
Blockchain/DLT Cairo - serialize.cairo
Blockchain/DLT Cairo - segments.cairo
Blockchain/DLT Cairo - registers.cairo
Blockchain/DLT Cairo - pow.cairo
Blockchain/DLT Cairo - patricia.cairo
Blockchain/DLT Cairo - merkle_update.cairo
Blockchain/DLT Cairo - merkle_multi_update.cairo
Blockchain/DLT Cairo - memset.cairo
Blockchain/DLT Cairo - memcpy.cairo
Blockchain/DLT Cairo - math_cmp.cairo
Blockchain/DLT Cairo - math.cairo
Blockchain/DLT Cairo - keccak.cairo
Blockchain/DLT Cairo - invoke.cairo
Blockchain/DLT Cairo - hash_state.cairo
Blockchain/DLT Cairo - hash_chain.cairo
Blockchain/DLT Cairo - hash.cairo
Blockchain/DLT Cairo - find_element.cairo
Blockchain/DLT Cairo - ec_point.cairo
Blockchain/DLT Cairo - ec.cairo
Blockchain/DLT Cairo - dict_access.cairo
Blockchain/DLT Cairo - dict.cairo
Blockchain/DLT Cairo - default_dict.cairo
Blockchain/DLT Cairo - cairo_builtins.cairo
Blockchain/DLT Cairo - bool.cairo
Blockchain/DLT Cairo - bitwise.cairo
Blockchain/DLT Cairo - alloc.cairo
Blockchain/DLT Starknet OS
Blockchain/DLT StarkNet L1 Core Contracts
Blockchain/DLT StarkNet L1 Core Contracts Libraries
Blockchain/DLT StarkNet L1 Core Contracts Interfaces
Blockchain/DLT Starknet L1 Core Contract components
Blockchain/DLT Cairo - usort.cairo
Blockchain/DLT Cairo - uint256.cairo
Blockchain/DLT Cairo - squash_dict.cairo
Blockchain/DLT Cairo - small_merkle_tree.cairo
Blockchain/DLT Cairo - signature.cairo
Blockchain/DLT Cairo - set.cairo
Blockchain/DLT Cairo - serialize.cairo
Blockchain/DLT Cairo - segments.cairo
Blockchain/DLT Cairo - registers.cairo
Blockchain/DLT Cairo - pow.cairo
Blockchain/DLT Cairo - patricia.cairo
Blockchain/DLT Cairo - merkle_update.cairo
Blockchain/DLT Cairo - merkle_multi_update.cairo
Blockchain/DLT Cairo - memset.cairo
Blockchain/DLT Cairo - memcpy.cairo
Blockchain/DLT Cairo - math_cmp.cairo
Blockchain/DLT Cairo - math.cairo
Blockchain/DLT Cairo - keccak.cairo
Blockchain/DLT Cairo - invoke.cairo
Blockchain/DLT Cairo - hash_state.cairo
Blockchain/DLT Cairo - hash_chain.cairo
Blockchain/DLT Cairo - hash.cairo
Blockchain/DLT Cairo - find_element.cairo
Blockchain/DLT Cairo - ec_point.cairo
Blockchain/DLT Cairo - ec.cairo
Blockchain/DLT Cairo - dict_access.cairo
Blockchain/DLT Cairo - dict.cairo
Blockchain/DLT Cairo - default_dict.cairo
Blockchain/DLT Cairo - cairo_builtins.cairo
Blockchain/DLT Cairo - bool.cairo
Blockchain/DLT Cairo - bitwise.cairo
Blockchain/DLT Cairo - alloc.cairo
StarkNet is a validity rollup based on zk-STARK proofs. It operates as an L2 network over Ethereum, enabling any dApp to achieve scale for its computation – without compromising Ethereum's composability and security.
StarkNet is currently still in “alpha” stage. For more information about StarkNet, please visit https://starknet.io/ and https://docs.starknet.io/.
Critical: Max: $250,000 Min: $15,000
High: $10,000
Reward amount is 10% of the funds directly affected, capped at the maximum critical reward of: $250,000 Minimum reward to discourage security researchers from withholding a bug report: $15,000
The reward is dependent on the ratio between the funds at risk, which includes all affected projects on top of the respective blockchain/DLT, and the market cap according to the average between CoinMarketCap.com and CoinGecko.com, calculated at the time the bug report is submitted.
Researchers are not permitted to submit the same vulnerability report simultaneously on multiple platforms. Violation of this rule will result in the blocking of the researcher's account.
We are happy to thank everyone who submits valid reports which help us improve the security. However, only those that meet the following eligibility requirements may receive a monetary reward: