IOTA has stopped their network by turning off the coordinator and is creating a migration tool for people to use while the network is down to move their coins to new accounts. Right now the assumption is that the only people who have the seeds are legitimate owners and the hacker so that if there are conflicting claims with the migration tool the IOTA Foundation will process people using some kind of KYC mechanism.If I was the hacker I'd publish all the stolen seeds. If a multitude of people do a migration claim for each stolen seed that would cause complete chaos for IOTA and the claims process. What could stop someone from laying a claim to one seed and even doing KYC? There is nothing IOTA could do to resolve that properly.This is not the first time IOTA has swept user funds and forced them to go through a seed migration process. Perhaps they should learn they can't keep doing this but instead should take security seriously in the first place.
Submitted February 22, 2020 at 08:08PM
No comments:
Post a Comment