bug-bounty473
google371
microsoft318
facebook271
xss267
rce184
apple178
malware177
exploit165
cve122
account-takeover110
bragging-post102
phishing85
csrf85
privilege-escalation83
browser71
supply-chain69
stored-xss65
authentication-bypass64
dos64
react58
reflected-xss57
cloudflare52
reverse-engineering50
access-control48
node48
input-validation48
aws48
cross-site-scripting48
writeup47
docker46
ssrf45
smart-contract45
ethereum44
web-security43
sql-injection43
defi43
web343
oauth41
web-application41
lfi38
info-disclosure37
pentest37
race-condition37
idor35
burp-suite35
auth-bypass35
vulnerability-disclosure34
cloud34
html-injection33
0
4/10
bug-bounty
Security researcher Merkle Bonsai documents vulnerabilities found in Ocean Protocol and related blockchain projects, focusing on hybrid attacks where projects rely on modifiable on-chain data (particularly Data Description Objects/DDOs) for critical functionality.
smart-contract-vulnerability
blockchain
nft
hybrid-attack
on-chain-data-manipulation
bug-bounty
ethereum
ocean-protocol
Ocean Protocol
Oasys
Immunefi
Eco
Bandai Namco
DoubleJump.japan
Merkle Bonsai
0
4/10
bug-bounty
Collection of bug reports from Merkle Bonsai covering vulnerabilities in blockchain projects including Ocean Protocol (hybrid NFT attacks via on-chain data manipulation), Oasys L2 blockchain, and Eco's lockup contract. Demonstrates hybrid attack vectors where projects incorrectly rely on modifiable on-chain data.
smart-contract
blockchain
bug-bounty
nft
ethereum
hybrid-attack
on-chain-data-manipulation
dido
ocean-protocol
oasys
eco-lockup
immunefi
Ocean Protocol
Oasys
Eco
Merkle Bonsai
Immunefi
Bandai Namco
DoubleJump.japan
Ethereum