Bug Buster logoBug Buster

Badges

About

Bug Buster is an open source bug bounty platform for web3, powered by Cartesi.


Value Locked

$509.51

0.53%

Canonically Bridged
$509.51
Externally Bridged
$0.00
Natively Minted
$0.00

  • Tokens
  • Daily TPS
  • 30D tx count

  • Type
    Optimistic Rollup
  • Purpose
    Bug bounty
  • Sequencer failureState validationData availabilityExit windowProposer failure

    Badges

    About

    Bug Buster is an open source bug bounty platform for web3, powered by Cartesi.


    Value Locked
    Risk summary
    Risk analysis
    The L3 risks depend on the individual properties of L3 and those of the host chain combined.
    Critical contract references can be changed by an EOA which could result in the loss of all funds.
    SEQUENCER
    FAILURE
    STATE
    VALIDATION
    DATA
    AVAILABILITY
    EXIT WINDOWPROPOSER
    FAILURE
    OP Mainnet
    L2
    Self sequenceFraud proofs (INT)OnchainNoneSelf propose
    Bug Buster
    L3 • Individual
    Self sequenceNoneOnchainNoneCannot withdraw
    Bug Buster
    L3 • Combined
    Self sequenceNoneOnchainNoneCannot withdraw
    L3 combined risks
    Sequencer failureState validationData availabilityExit windowProposer failure
    L2 & L3 individual risks
    Sequencer failureState validationData availabilityExit windowProposer failure

    L3 combined risks

    Sequencer failure

    Self sequence

    In the event of a sequencer failure, users can force transactions to be included in the project’s chain by sending them to L1. There is a 12h delay on this operation.

    State validation

    None

    Currently the system permits invalid state roots. More details in project overview.

    Data availability

    Onchain

    All of the data needed for proof construction is published on the base chain, which ultimately gets published on Ethereum.

    Exit window

    None

    There is no window for users to exit in case of an unwanted regular upgrade since contracts are instantly upgradable.

    Proposer failure

    Cannot withdraw

    Only the whitelisted proposers can publish state roots on L1, so in the event of failure the withdrawals are frozen.

    Technology

    Fraud proofs are in development

    Ultimately, Cartesi DApps will use interactive fraud proofs to enforce state correctness. This feature is currently in development and the Bug Buster DApp permits invalid state roots.

    • Funds can be stolen if an invalid state root is submitted to the system by the configured Authority (CRITICAL).

    • Funds can be stolen if the DApp owner changes the consensus implementation maliciously (CRITICAL).

    1. Authority.sol#L48 - Optimism Etherscan source code, submitClaim function
    2. CartesiDApp.sol#L201 - Optimism Etherscan source code, migrateToConsensus function

    All transaction data is recorded on chain

    All executed transactions are submitted to an on chain smart contract. The execution of the rollup is based entirely on the submitted transactions, so anyone monitoring the contract can know the correct state of the rollup chain.

    1. InputBox.sol#30 - Optimism Etherscan source code, addInput function
    Operator

    The system has a centralized operator

    The operator is the only entity that can propose blocks. A live and trustworthy operator is vital to the health of the system.

    • MEV can be extracted if the operator exploits their centralized position and frontruns user transactions.

    Users can force any transaction

    Because the state of the system is based on transactions submitted on the underlying host chain and anyone can submit their transactions there it allows the users to circumvent censorship by interacting with the smart contract on the host chain directly.

    Withdrawals

    Regular exit

    The user initiates the withdrawal by submitting a regular transaction on this chain. When the block containing that transaction is finalized the funds become available for withdrawal on L1. The process of block finalization usually takes several days to complete. Finally the user submits an L1 transaction to claim the funds. This transaction requires a merkle proof.

    • Funds can be frozen if the centralized validator goes down. Users cannot produce blocks themselves and exiting the system requires new block production (CRITICAL).

    Permissions

    The system uses the following set of permissioned addresses:

    BugBuster Owner 0x7f9e…1ed3

    Owner of the Bug Buster Cartesi DApp. Can change the consensus reference and therefore steal all funds.

    Authority Owner 0xD330…1cf5

    Owner of the Authority contract - the current consensus implementation. Can make arbitrary claims about the current state of Bug Buster and steal all funds in the absence of fraud proofs.

    Smart contracts

    The system consists of the following smart contracts on the host chain (OP Mainnet):

    BugBuster 0x3FF5…7299

    CartesiDApp instance for the Bug Buster DApp, responsible for holding assets and allowing the DApp to interact with other smart contracts. This contract can store any token.

    InputBox 0x59b2…c768

    Contract that receives arbitrary blobs as inputs to Cartesi DApps.

    ERC20Portal 0x9C21…a1DB

    Contract that allows anyone to perform transfers of ERC-20 tokens to Cartesi DApps (like e.g. Bug Buster).

    Authority 0x4246…fb35

    Simple consensus model controlled by a single address, the owner.

    Contract that stores claims for Cartesi DApps.

    Value Locked is calculated based on these smart contracts and tokens:

    Generic escrow 0x3FF5…7299

    DApp Contract storing bounties funds.