Trail of Bits
Audit Open Original ↗

Subspace Farmer

Type

Security review

Client

Subspace Network

Date

2022-09

Domain

Blockchain

Effort

2 wks

Section

Ethereum/EVM

Trail of Bits's security review of Subspace Network (Sep 2022) identified 9 issues: 1 high, 2 medium, 4 low, and 2 informational.

Findings · 9

  1. 1 Desktop application configuration file stored in group writable file Low
  2. 2 Insucient validation of users’ reward addresses Low
  3. 3 Improper error handling Low
  4. 4 Flawed regex in the Tauri configuration Medium
  5. 5 Insucient privilege separation between the front end and back end Medium
  6. 6 Vulnerable dependencies High
  7. 7 Broken error reporting link Low
  8. 8 Side eects are triggered regardless of disk_farms validity Informational
  9. 9 Network configuration path construction is duplicated Informational

Findings extracted from the published report PDF. See the full report below for details and remediation.

Related