Sluice is a prototype running on Casper testnet. Only the main branch is
supported. Do not use it to custody value on mainnet.
| Version | Supported |
|---|---|
main |
Yes |
| Older tags | No |
Do not open a public issue for security reports.
Use GitHub's private vulnerability reporting:
- Go to https://github.com/UnityNodes/Sluice/security/advisories/new
- Describe the issue, the impact, and how to reproduce it.
- Include the commit hash you tested against.
We aim to acknowledge a report within 72 hours and to ship a fix or a mitigation plan within 14 days. We will credit you in the advisory unless you ask us not to.
In scope:
- The matcher service (
matcher/), including the predicate engine, the webhook dispatcher, and the HTTP API. - The hosted MCP server (
mcp/). - The
SubscriptionRegistrycontract (contract/). - The example agents (
examples/).
Out of scope:
- Findings that require a compromised operator machine or a leaked private key.
- Denial of service against the public testnet demo instance.
- Vulnerabilities in Casper node software, CSPR.cloud, or the x402 facilitator. Report those to their maintainers.
The honest limits of this build are documented in
docs/HONEST_LIMITS.md. Behaviour listed there is
known and intentional, not a vulnerability.
- Webhook URLs are validated against SSRF (private and link-local ranges are rejected, and the resolved IP is pinned for the request).
- Webhook bodies are HMAC-signed, and deliveries carry an idempotency key.
- Predicate regexes are length-capped and screened for catastrophic backtracking.
- The HTTP API rate-limits writes per client IP.
- Dependencies are monitored by Dependabot, and every push runs CodeQL and
npm audit --audit-level=high.