• Latest
Monero Reports on Resolving Fake XMR Minting Bugs a Month After Fix

Monero Reports on Resolving Fake XMR Minting Bugs a Month After Fix

July 15, 2019
ygg sea surpasses 10,000 scholarships in just six months of launch

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
mintable launches industry changing gas free minting service on ethereum

Mintable Launches Industry Changing Gas Free Minting Service on Ethereum

May 1, 2022
5 projects enabling smart contract development on bitcoin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022
bitcoin atm installed in mexico's senate building

Bitcoin ATM installed in Mexico’s Senate Building

April 27, 2022
cross chain services play a crucial role in facilitating continued adoption of defi applications

Cross-Chain Services Play a Crucial Role in Facilitating Continued Adoption of DeFi Applications

April 26, 2022
justin sun launches usdd, integrating the blockchain world and the real world with the decentralized stablecoin

Justin Sun Launches USDD, Integrating the Blockchain World and the Real World with the Decentralized Stablecoin

April 25, 2022
nfts: the next musical revolution

NFTs: The Next Musical Revolution

April 24, 2022
things you should know before investing in nfts

Things You Should Know Before Investing in NFTs

April 24, 2022
what are wrapped tokens?

What Are Wrapped Tokens?

April 23, 2022
what is the future of ethereum (eth)?

What is the future of Ethereum (ETH)?

April 22, 2022
green gaming

Everything You Need to Know About Play-to-Earn on Algorand in 2022

April 21, 2022
$ape going bananas as rumors of upcoming land sale of bayc metaverse gather momentum

$APE Going Bananas As Rumors of Upcoming Land Sale of BAYC Metaverse Gather Momentum

April 21, 2022
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
CoinNewsDaily
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
No Result
View All Result
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
No Result
View All Result
CoinNewsDaily
No Result
View All Result
Home Litecoin

Monero Reports on Resolving Fake XMR Minting Bugs a Month After Fix

coinnewsdaily by coinnewsdaily
July 15, 2019
in Litecoin
0
Monero Reports on Resolving Fake XMR Minting Bugs a Month After Fix
189
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter

Related articles

Bitcoin Will Overtake Gold’s MarketCap in 9 years, Says Bobby Lee |

Sell or hodl? How to prepare for the end of the bull run, Part 2

April 10, 2022
How to prepare for the end of the bull run, Part 1: Timing

How to prepare for the end of the bull run, Part 1: Timing

April 3, 2022

Cryptocurrency is so far on the cutting edge that it almost defines it, yet some are finding out the hard way that it’s even sharper than anticipated. The frightening reveal of nine security bugs through HackerOne internet security platform that had affected Monero (XMR) in recent months — ranging from the insignificant and solved to the malicious and live — was a big wake-up call for blockchain enthusiasts. Five of these vulnerabilities constituted a dire DDoS risk (one of that was labeled critica)l, but eight of the bugs are now fixed, including the most severe one discovered.

The big deal with a faux XMR

On June 3, a blockchain developer on HackerOne announced the discovery of a severe exploit in Monero that had granted hackers the ability to “create” fake XMR and send them to exchanges. The report stated:

“By mining a specially crafted block that still passes daemon verification, an attacker can create a miner transaction that appears to the wallet to include sum of XMR picked by the attacker. It is our belief that this can be exploited to steal money from exchanges.”

Though the fake XMR bug is one among a list of issues with Monero — and the biggest losers are exchanges rather than traders or investors — it demonstrates that even the most private and security-centric coins can be compromised. This is nothing less than a very visible threat to the entire ecosystem. Cryptocurrency is absolutely worthless if it fails to deliver on its most foundational promise of security and transparency. With (currently) limited functionality for cryptocurrencies in comparison to fiat money, if coins concede on their primary advantage, then what’s the point? CEO of the exchange Codex, Serge Vasylchuk, told Cointelegraph:

“Most of the vulnerabilities were disclosed few months ago, yet were only now fixed. While Monero developers are doing great work, they cannot guarantee no new coins were minted by deceiving an exchange. If such an attack would occur, it might’ve taken a long time until the exchange would’ve noticed it, unless their security mechanisms are advanced enough to scan its cold wallet storage and compare it with account deposits very quickly.”

Especially for Monero — a self-proclaimed privacy and security coin — these failings may seem unforgivable. They raise significant doubts about the idea that cryptocurrencies are generally infallible and put greater onus on exchanges to complete regular audits and be more selective in the tokens they list. This concept wasn’t as judiciously considered before now, but with the latest problems in Monero, we may see an industry-wide effort to clean up shop. The sheer number of issues revealed simultaneously by Monero, even if most had already been fixed, shows the desperate efforts that projects make to close gaps soon after they appear.

Monero bugs tear down the curtains on crypto

Another issue that has been exposed by Monero is that crypto is highly susceptible to the domino effect, given how the newest solutions are often stacks of first-iteration blockchain software. The other critical issue reported on HackerOne was one affecting all tokens using the CryptoLive application layer, and not just Monero. A CryptoLive bug that led to DDoS susceptibility would affect all projects, cryptocurrency exchanges on which these coins appear and investors as well. This illustrates the idea that crypto is anything but airtight, and that its close-knit ecosystem may instead be ripe for contagion.

However, there’s somewhat of a silver lining to these recent events: There was no report of these bugs appearing elsewhere — and the fact that Monero brought it to the community’s attention willingly does mean a lot — and a progressive angle that capably addresses the potential domino effect. By being historically public (rather than muddying the waters) about the issues in their software, Monero has effectively warned others in the space about potential predicaments and shows that it’s committed to its users. It also harkens to last year when a Monero wallet bug was revealed by the company and immediately solved alongside a public statement warning of crypto’s risks and novelty.

Regarding this, Charles Guillemet, the chief security officer at hardware wallet Ledger,, told Cointelegraph in a conversation that transparency increases the trust one can have in these blockchains. On the other hand, a disclosure putting users at risk would be irresponsible.

No company that was only interested in capital, or in being the “first-mover” rather than a blockchain leader, would publish that their issues are “again an effective reminder that cryptocurrency and the corresponding software are still in its infancy and thus quite prone to (critical) bugs,” like Monero did in a recent blog post.

Another concern that arises from this whole XMR situation is the bug repayment issue. Are bug bounties a sufficient method for raising security issues in the blockchain space, or does Monero’s handling of its own issues demonstrate the need for a better or more prompt solution? Guillemet has also commented to Cointelegraph regarding this:

“Bounty programs are an excellent way to incentive security researchers to behave responsibly. It becomes problematic when companies / organizations use bounties to outsource their security work. Bounties shall not replace red teaming, secure development and third party audits by recognized labs. A common mistake consists in thinking that open source and bounty program guarantees security. It’s clearly wrong and we have seen many examples of this.”

Monero merely the latest

The other major hacks occurring in the crypto industry help put Monero’s troubles in context, and when zooming out, one quickly realizes that the technology may not be ready for the mainstream as it exists now. If a decentralized app or platform on the scale of many that are popular today — Facebook Messenger, WeChat, Airbnb — were to be hacked in the way that Monero was, it would be an international crisis in the same league as Cambridge Analytica or beyond. Frankly, the size of some crypto hacks should make us grateful that digital tokens aren’t a bigger part of how the world works at this point in time.

Earlier this year, the monthly count for vulnerabilities in major blockchain platforms and projects climbed to 43, with issues found in Coinbase, Brave, Tendermint, Ledger and others. At present the white-hat hacker crowd and internal developers are the majority of sweat equity being invested into bug fixes, with tens of thousands given out each month by projects that put bounties on their biggest glitches. 

Regulators are undoubtedly struggling with the overwhelming and precarious pyramid of projects they’ve been tasked to organize, but it must happen (even with a restricting one-size-fits-all set of regulations) before a project with code that resembles swiss cheese is allowed to handle vast public data and funds. Charles Guillemet, believes that, “Monero is not the first example and won’t be the last one unfortunately.” He continued by clarifying the steps such platforms need to undertake in order to protect themselves from such situations: “Red teaming, independent third party audit, peer review of scientific articles. New cryptographic protocols need time to be reviewed and assessed.”

Binance Chain — and its supported initial exchange offering platform, the Binance Launchpad — relies on Tendermint, for example, but what would happen to the nascent projects being nurtured by Binance if a nasty exploit were to fester too long? The consequences beg no guessing. Though Monero has demonstrated the ascent to mainstream may take longer than imagined, it also showed us the safest path up the mountain, and that’s one where blockchain projects support one another rather than racing to the finish line.



Credit: Source link

Tags: Litecoin
Share76Tweet47
Previous Post

Bitcoin Pullback Is Healthy, Fewer Searches Аre Good

Next Post

Member of Former Royal Family Speaks Out Against Crypto Regulation

coinnewsdaily

coinnewsdaily

CoinNewsDaily.com is an online Crypto Coin News Website that aims to provide latest trendy news from market and around the world.

Related Posts

Bitcoin Will Overtake Gold’s MarketCap in 9 years, Says Bobby Lee |
Bitcoin

Sell or hodl? How to prepare for the end of the bull run, Part 2

April 10, 2022
How to prepare for the end of the bull run, Part 1: Timing
Bitcoin

How to prepare for the end of the bull run, Part 1: Timing

April 3, 2022
Bull or bear market, creators are diving headfirst into crypto
Alt Coin

Bull or bear market, creators are diving headfirst into crypto

April 2, 2022
crypto listing and delisting announcements: week 9
Alt Coin

Crypto Listing and Delisting Announcements: Week 9

February 28, 2022
unstable markets how to invest in cryptocurrency
Alt Coin

How to invest in cryptocurrency when the market is uncertain, explained

December 21, 2021
be your own banker secrets
Alt Coin

Bitcoin and Crypto Wallet Hygiene 101

November 22, 2021
Load More
Next Post
Member of Former Royal Family Speaks Out Against Crypto Regulation

Member of Former Royal Family Speaks Out Against Crypto Regulation

Categories

  • Alt Coin
  • Bitcoin
  • Business
  • Ethereum
  • ICO
  • Litecoin
  • Mining
  • NFT
  • Ripple
  • Tech
  • Trading

What New here?

  • YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch
  • Mintable Launches Industry Changing Gas Free Minting Service on Ethereum
  • 5 Projects Enabling Smart Contract Development on Bitcoin

Subscribe to Get More!

Loading
  • About Us
  • Contact Us
  • Privacy & Policy

© 2018-2021 CoinNewsDaily.com by CoinNewsDaily Inc. Crafted with Love by iFtiDev

No Result
View All Result
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining

© 2018-2021 CoinNewsDaily.com by CoinNewsDaily Inc. Crafted with Love by iFtiDev

  • bitcoinBitcoin(BTC)$21,456.001.39%
  • ethereumEthereum(ETH)$1,231.652.75%
  • tetherTether(USDT)$1.00-0.11%
  • binancecoinBNB(BNB)$241.492.97%
  • rippleXRP(XRP)$0.3684031.67%
  • cardanoCardano(ADA)$0.515.26%
  • SolanaSolana(SOL)$40.931.45%
  • dogecoinDogecoin(DOGE)$0.07464112.30%
  • polkadotPolkadot(DOT)$8.284.04%
  • Shiba InuShiba Inu(SHIB)$0.0000125.18%
  • daiDai(DAI)$1.00-0.06%
  • tronTRON(TRX)$0.0649060.73%
  • leo-tokenLEO Token(LEO)$5.89-0.49%
  • matic-networkPolygon(MATIC)$0.603.88%
  • litecoinLitecoin(LTC)$58.686.06%
  • FTXFTX(FTT)$28.082.10%
  • chainlinkChainlink(LINK)$7.213.99%
  • OKBOKB(OKB)$12.953.10%
  • CronosCronos(CRO)$0.1296833.73%
  • stellarStellar(XLM)$0.1254540.63%
  • cosmosCosmos Hub(ATOM)$8.514.12%
  • algorandAlgorand(ALGO)$0.3503012.95%
  • moneroMonero(XMR)$130.456.05%
  • bitcoin-cashBitcoin Cash(BCH)$117.083.79%
  • ethereum-classicEthereum Classic(ETC)$16.512.59%
  • vechainVeChain(VET)$0.0258953.97%
  • Internet ComputerInternet Computer(ICP)$6.120.53%
  • theta-tokenTheta Network(THETA)$1.442.87%
  • tezosTezos(XTZ)$1.565.20%
  • filecoinFilecoin(FIL)$6.184.11%
  • ElrondElrond(EGLD)$60.96-0.33%
  • bitcoin-cash-svBitcoin SV(BSV)$63.511.37%
  • eosEOS(EOS)$1.023.42%
  • AaveAave(AAVE)$70.220.14%
  • makerMaker(MKR)$1,068.604.90%
  • paxos-standardPax Dollar(USDP)$1.000.07%
  • zcashZcash(ZEC)$68.754.12%
  • iotaIOTA(MIOTA)$0.3027522.55%
  • huobi-tokenHuobi(HT)$5.43-1.16%
  • zilliqaZilliqa(ZIL)$0.0486420.55%
  • neoNEO(NEO)$9.914.43%
  • havvenSynthetix Network(SNX)$2.912.92%
  • wavesWaves(WAVES)$6.32-0.32%
  • basic-attention-tokenBasic Attention(BAT)$0.4179940.90%
  • dashDash(DASH)$52.233.23%
  • PancakeSwapPancakeSwap(CAKE)$3.434.60%
  • KusamaKusama(KSM)$57.073.86%
  • nemNEM(XEM)$0.0438884.56%
  • CompoundCompound(COMP)$54.0710.27%
  • Elrond ERDElrond ERD(ERD)$0.0259290.00%
  • qtumQtum(QTUM)$3.123.34%
  • ethlendAave [OLD](LEND)$4.103.48%
  • bitcoin-goldBitcoin Gold(BTG)$17.822.64%
  • omisegoOMG Network(OMG)$2.043.18%
  • golemGolem(GLM)$0.2488371.47%
  • SushiSushi(SUSHI)$1.251.89%
  • yearn-financeyearn.finance(YFI)$6,984.233.24%
  • ontologyOntology(ONT)$0.2463262.41%
  • umaUMA(UMA)$2.875.84%
  • digibyteDigiByte(DGB)$0.0110804.50%
  • UniswapUniswap(UNI)$2.4438.80%
Posting....