Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Epic: Validate messages received over JSON RPC interfaces #9455

Closed
PhilWindle opened this issue Oct 27, 2024 · 0 comments · Fixed by #9672
Closed

Epic: Validate messages received over JSON RPC interfaces #9455

PhilWindle opened this issue Oct 27, 2024 · 0 comments · Fixed by #9672
Labels
A-security Area: Relates to security. Something is insecure. T-epic team-alpha
Milestone
TestNet

Comments

@PhilWindle
Copy link
Collaborator

As it stands, all messages received by components over JSON-RPC interfaces are assumned to be valid. i.e. they are correctly formed with the appropriate fields and data types. This is an easy griefing vector and a validation step should be introduced to protect these endpoints.
@PhilWindle PhilWindle added this to the TestNet milestone Oct 27, 2024
@PhilWindle PhilWindle added this to A3 Oct 27, 2024
@github-project-automation github-project-automation bot moved this to Todo in A3 Oct 27, 2024
@PhilWindle PhilWindle removed the status in A3 Oct 27, 2024
@PhilWindle PhilWindle moved this to Todo in A3 Oct 27, 2024
@spalladino spalladino mentioned this issue Oct 28, 2024
Closed
@spalladino spalladino added the A-security Area: Relates to security. Something is insecure. label Oct 28, 2024
@spalladino spalladino mentioned this issue Oct 30, 2024
Closed
@spalladino spalladino mentioned this issue Nov 8, 2024
Merged
@github-project-automation github-project-automation bot moved this from Todo to Done in A3 Nov 10, 2024
@github-project-automation github-project-automation bot moved this from Todo to Done in A3 Nov 10, 2024
@AztecBot AztecBot mentioned this issue Nov 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-security Area: Relates to security. Something is insecure. T-epic team-alpha
Projects
A3
Archived in project
Milestone
TestNet
Development

Successfully merging a pull request may close this issue.

chore: Validate RPC inputs AztecProtocol/aztec-packages
3 participants
@spalladino @iAmMichaelConnor @PhilWindle