Note: This issue documents a vulnerability that was originally reported privately as the repository security advisory GHSA-fc72-qqqp-cjgr by @pbeza.
Root Cause
The KMS onboard service exposes a GET /finish endpoint that triggers shutdown.notify() with zero authentication. Any network-reachable caller can invoke this endpoint to shut down the onboard service, preventing new CVMs from bootstrapping their keys.
Attack Path
- Attacker discovers the KMS onboard service endpoint
- Attacker sends
GET /finish — no authentication required
- The onboard service shuts down via
shutdown.notify()
- New CVMs cannot bootstrap because the onboard service is unavailable
- If the onboard service is critical to KMS initialization, this could prevent the entire KMS from becoming operational
Impact
Denial of service against the KMS bootstrapping process. New CVMs cannot obtain their initial keys and certificates. For MPC, this prevents new nodes from joining the threshold signing protocol. If the KMS is in the middle of initial setup, the /finish call prematurely terminates the bootstrap process.
Suggested Fix
Require authentication for the /finish endpoint:
#[get("/finish")]
async fn finish(admin_token: AdminToken, shutdown: &State<Notify>) -> &'static str {
shutdown.notify_one();
"OK"
}
Alternatively, restrict /finish to localhost-only access via network-level controls.
Note: This finding was reported automatically as part of an AI/Claude-driven internal audit by the NEAR One MPC team. It has not been manually verified by a human to confirm whether it constitutes an actual security issue.
Root Cause
The KMS onboard service exposes a
GET /finishendpoint that triggersshutdown.notify()with zero authentication. Any network-reachable caller can invoke this endpoint to shut down the onboard service, preventing new CVMs from bootstrapping their keys.Attack Path
GET /finish— no authentication requiredshutdown.notify()Impact
Denial of service against the KMS bootstrapping process. New CVMs cannot obtain their initial keys and certificates. For MPC, this prevents new nodes from joining the threshold signing protocol. If the KMS is in the middle of initial setup, the
/finishcall prematurely terminates the bootstrap process.Suggested Fix
Require authentication for the
/finishendpoint:Alternatively, restrict
/finishto localhost-only access via network-level controls.