CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

GHSA-382c-vx95-w3p5: Gittensory: Missing contributor-scoped access control on profile endpoint and MCP tool leaks miner financial data

mediumCVSS 6.5
Summary GET /v1/contributors/:login/profile and the gittensory_get_contributor_profile MCP tool skip the contributor-scoped access check that every sibling endpoint enforces. Any authenticated session/API/MCP token holder can read any contributor's profile; for confirmed Gittensor miners that exposes alphaPerDay, taoPerDay, usdPerDay (and the hotkey on the REST path). Authenticated cross-contributor disclosure, CWE-284 / IDOR. Details In src/api/routes.ts the profile handler returns buildContributorProfile(...) with no requireContributorAccess call. Every sibling (/decision-pack, /repos/:owner/:repo/decision, etc.) gates and 403s on a cross-contributor request — the profile route is the only omission. buildContributorProfile (src/signals/engine.ts) embeds hotkey and the three *PerDay fields for any confirmed miner. The MCP tool getContributorProfile (src/mcp/server.ts) also omits requireContributorAccess. Its redactSensitiveForMcp filter only strips keys matching hotkey|coldkey|wallet|private_key|privateKey|mnemonic, so the hotkey is dropped but alphaPerDay/taoPerDay/usdPerDay pass through. The codebase treats these as secret everywhere else — decision-pack.ts destructures the hotkey out before serving, and three sanitizers scrub hotkey/wallet from AI/comment output — which is why this is an oversight, not by-design. Exposure: REST → hotkey + 3 financial fields; MCP → 3 financial fields (hotkey redacted). PoC 1. Get any valid session/API/MCP token. 2. Pick a target login that is a confirmed miner. 3. GET /v1/contributors/{target}/profile → 200 with gittensor.hotkey, alphaPerDay, taoPerDay, usdPerDay. 4. GET /v1/contributors/{target}/decision-pack (same token) → 403, proving the missing gate. 5. MCP gittensory_get_contributor_profile with {target} → result includes the three *PerDay fields. Impact Any token holder can enumerate other miners' daily TAO/alpha/USD revenue (plus hotkey via REST) without authorization. All miners with snapshot data are affected.

Details

Source
GitHub Security Advisories (INTL · database · site)
Severity
medium — CVSS 6.5
Published
2026-07-09
Last updated
2026-07-09
Exploitation
Not in CISA KEV at last sync

Original advisory: https://github.com/advisories/GHSA-382c-vx95-w3p5

More from GitHub Security Advisories