Flawed mechanisms cause major issues in DEXs and Voting – Explained by Philip Daian @Devcon4
Zcash developers reported finding and fixing a serious error in the cryptocurrency code, with the help of which attackers could potentially endlessly create new coins.
Although the startup only spoke about the vulnerability on Tuesday, it was revealed back in March 2018, but did not disclose this information so as not to attract too much attention from hackers. Since the error was in the zk-SNARKs encryption protocol itself, which provides a high degree of user privacy, the fraudster’s actions could not be traced. The adjustments were made in conjunction with the Sapling network update activated in October.
Another reason for hiding was the use of this encryption protocol by other projects such as Horizen and Komodo. Therefore, after finding its solution, the developers informed their colleagues about the threat and the way to eliminate it. After they have verified that the problem no longer relevant, reported it officially.
The startup team says that users have nothing to worry about, as the loophole was very complex and could be understood by very few technicians with advanced knowledge of cryptography. Therefore, the developers do not think that the cryptocurrency was at risk..
In order to avoid such situations, Ethereum core decided to postpone the activation of the new algorithm. mining before the completion of the audit by third-party auditors.
text: Ivan Malicheno, photo: Shutterstock