Hey cryptocurrency enthusiasts,after a short break I found time again to dig some cryptocurrencies I follow (in the case of Verge not hold of course ;) ). The last time I took a look at Verge I found the miner exploiting their X17 algorithm difficulty. The lead dev chimed in and downplayed it, because there were not more coins generated than intended. This time this is different.If you remember 2018 there were news about a "bitcoin breaking bug" that was discovered and fixed before exploitation: LinkLong story short: a bug that lets you generate more coins than intended, a so called inflation bug, is one of the worse things that could happen to a cryptocurrency.Verge already was exploited several times, millions of $ worth of Verge were mined faster than intended. This still didn't affect the total emission, it "just" was faster.I do not want to go to much into technical details to keep it simple. Currently you can spent UTXOs more than once if you include them into one transaction, meaning you can generate usable outputs/Vergecurrency out of thin air. All you need to do is to mine the transaction yourself.The fix by the Bitcoin devs simply hasn't been applied to the Verge codebase. In over 18 months. For a 70.000.000$ market cap cryptocurrency.I know this info should be enough for an attacker to execute the exploit, but honestly I have warned about Verge quite often. So I did not choose to make a disclosure to the devs and let them get away with it.People need to be aware Verge is a ticking timebomb because the devs are absolute amateurs playing with users money. But also exchanges need to react to this kind of behaviour and simply delist them.-------------------If you like my Blockchain observations feel free to tip a beer:XMR: 49F7nLH6XcS8Nk3g8Y7NxtKqGw4nkKCuyamQK31owMFbF6xB8PD3PhWQYkfnq9wbi4AYYBoEYc1VXTYRQXgxVXKAJ5oMWnV BCH: bitcoincash:qrmdnsugew5zcuc7ygdxgkwyjf82x2kkfsa6thpj42
Submitted February 19, 2020 at 01:35PM
No comments:
Post a Comment