Open darshanraju opened 2 years ago
How?
its in plaintext and its emmited from an event https://github.com/morphware/service/blob/4cbf23da52415bdec078f69deb69862e5ffcfe38/contracts/JobFactory.sol#L232
But how would knowing the magnet link bring down the torrenting client on the data scientists machine?
I have no idea, haven't looked into it. I'm thinking this may be a possible attack vector.
I think primary attack vector is bad actors winning auctions or being pseudo-randomly selected as validators and seeding bad files, like worms or viruses, to validators or data scientists; which is why I keep crowing about namespace isolation
A bad actor may act maliciously with the magnet URI's. Possibly bring down the torrenting client on the data scientists machine.