Closed: silkroadnomad closed this issue 5 years ago
If a transaction enters a dApp, either through blocknotify or walletnotify, then before processing this transaction we check whether the Doichain address the transaction was sent to belongs to the private key of the dApp's wallet.
If a transaction is received by the Doichain node, it is forwarded to /api/v1/walletnotify?tx=...
Here an attacker could claim another transaction should be processed, even though it doesn't belong to Bob's responsibility.
How harmful this could be for Bob is not fully clear, but it shouldn't be possible.
https://github.com/Doichain/dapp/blob/master/server/api/rest/imports/confirm.js#L41
Please see https://bounties.doichain.org/ for how to apply for Doichain bounties.
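One way to implement the ownership check described in this issue, as an added example that is not the Doichain dApp's own code: the handler only processes a notified transaction when at least one of its outputs pays an address the node's wallet holds the key for. The helper names, the synchronous `rpc(method, params)` caller and the stub data are hypothetical, and `getrawtransaction` and `getaddressinfo` are assumed to behave as in Bitcoin Core.

```javascript
// Added example: gate for the walletnotify handler. rpc(method, params) is a
// hypothetical synchronous JSON-RPC caller; RPC names assumed as in Bitcoin Core.
const TXID_RE = /^[0-9a-f]{64}$/i;

function outputsOwnedByWallet(rpc, txid) {
  // The txid arrives in a query string, so treat it as untrusted input.
  if (typeof txid !== 'string' || !TXID_RE.test(txid)) {
    throw new Error('malformed txid');
  }
  const id = txid.toLowerCase();
  const tx = rpc('getrawtransaction', [id, 1]); // 1 = decoded JSON
  if (!tx || tx.txid !== id || !Array.isArray(tx.vout)) throw new Error('unknown transaction');
  const owned = [];
  for (const out of tx.vout) {
    const spk = out.scriptPubKey || {};
    // Older nodes report `addresses` (array), newer ones `address` (string).
    const addrs = spk.addresses || (spk.address ? [spk.address] : []);
    for (const addr of addrs) {
      if ((rpc('getaddressinfo', [addr]) || {}).ismine === true) owned.push({ n: out.n, address: addr });
    }
  }
  return owned;
}

function handleWalletNotify(rpc, txid, processTx) {
  let owned;
  try {
    owned = outputsOwnedByWallet(rpc, txid);
  } catch (e) {
    return { status: 'rejected', reason: e.message };
  }
  if (owned.length === 0) return { status: 'ignored', reason: 'no output pays this wallet' };
  processTx(txid, owned); // only reached for transactions addressed to this wallet
  return { status: 'processed', outputs: owned };
}

// Constructed sample data: a stub node with one wallet address and two transactions.
const MINE = 'constructed-address-of-bob';
const TX_BOB = 'a'.repeat(64);
const TX_OTHER = 'b'.repeat(64);
function stubRpc(method, [arg]) {
  const txs = {
    [TX_BOB]: { txid: TX_BOB, vout: [{ n: 0, scriptPubKey: { addresses: [MINE] } }] },
    [TX_OTHER]: { txid: TX_OTHER, vout: [{ n: 0, scriptPubKey: { address: 'constructed-address-of-carol' } }] },
  };
  if (method === 'getrawtransaction') return txs[arg] || null;
  if (method === 'getaddressinfo') return { address: arg, ismine: arg === MINE };
  throw new Error('unexpected RPC ' + method);
}
```

With the stub, `handleWalletNotify(stubRpc, TX_OTHER, fn)` returns `ignored` without calling `fn`, which is the case the issue asks to rule out.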