Security context

What an agent needs to avoid regressing past fixes and find the next vuln in this repo.

ChainSafe/forest
main @ 2b7d1c2
64
Fixes
0
CVEs
CRITICAL
Peak severity
Highlights
Denial of Service: 34 prior fixes. Scrutinize any change in this area.
vm/interpreter/src/default_runtime.rs: most-fixed (4 issues). Treat as high-risk during review.
46 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns

The bug types that recur here, drawn from past fixes, not open vulnerabilities.

Auth Bypass: RPC endpoints lacked appropriate authorization checks on sensitive administrative write methods. This was addressed by introducing explicit JWT permission levels and validation checks on HTTP and WebSocket RPC handlers.
Denial of Service: CPU-intensive RLE+ bitfield decoding and serialization of large bitfields can trigger out-of-bounds panics, integer overflows, or excessive execution times. Mitigation required introducing lazy validation, explicit size constraints, and overflow checks.
Auth Bypass: The VM interpreter suffered from state leakage on nested calls where actor validation logic could be bypassed, in addition to incorrect consensus fault verification flow logic.