Hall of Fame
Researchers who found and responsibly disclosed vulnerabilities in Zcash privacy-critical infrastructure.
Alex "Scalar" Sol
Discovered Mar 23 · Patched Mar 25 · Published Mar 31, 2026
Discovered a critical vulnerability in the Sprout value-commitment validation logic of zcashd. The flaw allowed an attacker to craft a malicious Sprout transaction that bypassed the balance check, potentially enabling unlimited counterfeiting of shielded ZEC. The researcher used AI-assisted static analysis to identify the unchecked fChecked flag in the consensus path and provided a working proof-of-concept along with a responsible disclosure timeline.
Kenbak
Atmosphere Labs · Reported Apr 2026
Identified missing email authentication records (DMARC, SPF, MX) on bountyzcash.org. Without these records, an attacker could spoof emails from addresses such as triage@bountyzcash.org, a particular risk during the 90-day disclosure embargo, when researchers hold undisclosed vulnerabilities. Also flagged the parked nameservers (dns-parking.com) as a domain hijack vector. Remediated with an SPF record of v=spf1 -all and a DMARC policy of p=reject. Bounty paid directly by Michae2xl (site owner).
Is your infrastructure in scope?
You define scope + budget
We handle everything else