Report Date
September 11, 2023
Status
Closed
Payout
api keys leaked through source code
‣
BIC Response
This is not a valid bug report because none of the API keys used by the Beanstalk UI are sensitive and they are all known to be viewable by looking at the source code. The report also falsely claims the Impact as "Taking state-modifying authenticated actions (with or without blockchain state interaction) on behalf of other users without any interaction by that user, such as voting in governance", none of which can be done with access to the API keys.
Due to these reasons, we are closing the submission and no reward will be issued.