The orchestrator stores private keys in the keys.json file with permissions 644 (world-readable). That file lives in the .gbt directory, which has permissions 755 (world-traversable). So any local user on the host can read the private keys.
The vulnerable function is located here
To reproduce the issue just run:
gbt init
gbt keys set-ethereum-key --key 1234747479292949494949494394934934934939434323435345345345345355
gbt keys show
ls -al .gbt
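As an added example (not gbt's own code), the following Go program shows the defender-side fix and a check for the layout above: the key file is written with mode 0600 inside a 0700 directory, and a check rejects any key file or parent directory that grants permissions to group or other. The path $HOME/.gbt/keys.json in main is an assumption.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
)

// writeKeyFile creates the parent directory with mode 0700 and writes data
// to path with mode 0600. os.WriteFile does not change the mode of a file
// that already exists, so Chmod is applied explicitly to repair a key file
// that was previously created as 0644.
func writeKeyFile(path string, data []byte) error {
	if err := os.MkdirAll(filepath.Dir(path), 0o700); err != nil {
		return err
	}
	if err := os.WriteFile(path, data, 0o600); err != nil {
		return err
	}
	return os.Chmod(path, 0o600)
}

// checkKeyFilePerms returns an error if the key file or its parent directory
// grants any permission to group or other (mode bits 0077), which is exactly
// the 644 file / 755 directory situation described in the report.
func checkKeyFilePerms(path string) error {
	for _, p := range []string{path, filepath.Dir(path)} {
		info, err := os.Stat(p)
		if err != nil {
			return err
		}
		if perm := info.Mode().Perm(); perm&0o077 != 0 {
			return fmt.Errorf("%s has mode %04o: readable by other users", p, perm)
		}
	}
	return nil
}

func main() {
	// Assumed location of the orchestrator key file (constructed, not from gbt).
	home, _ := os.UserHomeDir()
	path := filepath.Join(home, ".gbt", "keys.json")
	if err := checkKeyFilePerms(path); err != nil {
		fmt.Println("FAIL:", err)
		return
	}
	fmt.Println("OK: key file is private to the owner")
}
```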