GenLayer/Incident Response Playbook
Bradbury · chain 4221
Living security advisory · v2026.05.13

Eight failure modes of Intelligent Contracts, proven on-chain.

A field reference for engineers writing GenLayer Intelligent Contracts. Each module pairs a vulnerable contract with its patched twin and links the real Bradbury testnet transactions that demonstrate the bug failing and the fix succeeding. No theoretical exploits — every claim resolves to a finalized receipt.

Browse incidents →Take combined quiz
Network
Bradbury testnet
Chain ID
4221
Contracts deployed
16 · all ACCEPTED
RPC endpoint
rpc-bradbury.genlayer.com

Incidents · 01 – 08

8 modules · 16 questions
M.01

URL Rot

The Disappearing Oracle
ATTACK

Hardcode a URL. Site goes down or changes anti-bot policy. Contract fails forever.

Read incident
FIX

Domain whitelisting + fallback list. Maintain multiple oracle endpoints.

Read incident
M.02

Prompt Injection

The Trojan Prompt
ATTACK

User input contains hidden instructions that hijack the LLM output.

Read incident
FIX

Input sanitization + greyboxing pre-filters. Never pass raw user input directly to the LLM prompt.

Read incident
M.03

API Key Leakage

The Transparent Secret
ATTACK

Hardcode OPENAI_API_KEY in contract. Validators can read it.

Read incident
FIX

Never put secrets in contracts. Use proxy patterns or off-chain pre-processing.

Read incident
M.04

Wrong Equivalence

The Precision Trap
ATTACK

Use strict_eq for live ETH price. Validators get slightly different numbers. Consensus fails.

Read incident
FIX

Use custom equivalence with tolerance ranges for volatile data.

Read incident
M.05

Missing Access Control

The Open Door
ATTACK

@gl.public.write method has no owner check. Anyone can drain state.

Read incident
FIX

require_sender(self._owner) or role-based access control.

Read incident
M.06

Cloudflare Block

The Invisible Wall
ATTACK

Target URL is behind Cloudflare. web.render() returns challenge page, not content.

Read incident
FIX

Pre-verify URLs with Intelligent Crawler. Maintain on-chain URL health registry.

Read incident
M.07

Biased Prompt

The Loaded Question
ATTACK

Author embeds a hardcoded answer in the system prompt, so the LLM ignores the actual review content.

Read incident
FIX

Deterministic lexicon pre-classifier gates the LLM. When the lexicon is decisive, no LLM call is made and prompt bias has no path to the verdict.

Read incident
M.08

URL Spoofing

The Fake Source
ATTACK

Malicious actor spins up a fake news site clone to feed false data.

Read incident
FIX

Domain whitelisting as mutable state, not static code. Community governance for domain additions.

Read incident

How to read this playbook

01 · Read

Open an incident

Each module page describes the failure mode in plain language and shows the vulnerable code beside the patched code.

02 · Verify

Follow the receipts

Two transaction-link buttons take you to Bradbury Explorer — the failing call and the succeeding call, each with execution result inline.

03 · Check

Answer the quiz

Two questions per incident lock once committed. The combined quiz aggregates all 16 for a final score.