BTC: $3,946.75 -1.70%
ETH: $134.02 -1.95%
XRP: $0.30229 -2.14%
MARKETCAP: $137,132,551,373
24H VOL: $32,664,215,700
BTC: 51%

Two Important Monero Bugs Have Come To Light

Monero on Drive

Following a rather hectic disclosure process, an exchange-deposit bug found in the official Monero wallet has been patched and revealed to the public. Monero developers quickly fixed the vulnerability after one bugfinder went rogue and leaked the issue on Sunday. A patch has now been released, and the problem is under control—just in time for a second bug to arise.

First Bug Affects Exchanges

The first bug affects exchanges and other similar services, meaning that users do not need to worry. Lead developer Riccardo Spagni has also commented that the bug does not affect the Monero blockchain at all: “This is not a consensus bug, there is no double spend, it does not allow coins to be created out of thin air.”

Instead, the bug affects services that receive Monero deposits. Basically, transaction amounts are represented in two different ways, and prior to the patch, an attacker would have been able to misrepresent a deposit’s true value. The original bug concerned Coinbase, but other exchanges like Kraken have also responded by temporarily disabling Monero.

Disclosure Drama

It is important to keep security vulnerabilities secret until they are fixed so that potential attackers do not get a chance to exploit those bugs. Monero has tangled with the complexities of disclosure in the past—generally, the community deduces that a bug has been found whenever exchanges suddenly suspend Monero activity.

This bug was different: After it was disclosed privately on HackerOne, it was soon deliberately leaked on Medium. The leaker defended his actions by claiming that the Monero community has a “history of toxic behaviour” toward security researchers. Of course, that statement is unlikely to win over anyone who values Monero’s security.

Although there has been no fallout, there is one unsettling detail: According to some developers, it is suspicious that both the private disclosure and the public leak took place at about the same time. This has led some to believe that the leaker previously informed other individuals of the bug, which is obviously a major security problem.

Second Bug Affects Users

There is also a second, unrelated Monero bug that may pose a far greater risk to general users. An error in the Ledger Nano S could be causing users to lose their funds. This bug is particularly dangerous, since it does not involve an attack, but an all-around technical error. Ledger is currently warning users not to use the Nano S Monero app.

These issues are arising at an inopportune time: Monero’s upcoming hard fork is set to be executed at the end of this week. The upgrade will primarily provide ASIC resistance, thereby ensuring that users with basic systems are able to continue mining Monero at a profit. Fortunately, the hard fork seems to be on track in spite of the above issues.

Join the NEW Unhashed Telegram or Follow Unhashed on Twitter for the Latest Cryptocurrency News Updates!

Bitcoin Bitcoin $3,946.75 -1.70%
Ethereum Ethereum $134.02 -1.95%
XRP XRP $0.30 -2.14%
Litecoin Litecoin $59.34 -0.96%
EOS EOS $3.65 +0.00%

Subscribe for the latest cryptocurrency news

Please enter a valid email address.
Something went wrong. Please check your entries and try again.

More Crypto News

Best Tether Wallets in 2019

January 14, 2019

Tether (USDT), the world’s most popular stablecoin, is designed to give users the stability of…

The 5 Best Stellar Wallets In 2019

January 3, 2019

Stellar and its XLM token were first launched in 2014 by Ripple co-founder Jed McCaleb.…

Best Bitcoin Cash Wallets in 2019: Picking a Bitcoin Cash Wallet for Your Needs

December 6, 2018

Bitcoin Cash (BCH), the controversial project forked from the original Bitcoin client, is now the…

Subscribe for the latest cryptocurrency news

Please enter a valid email address.
Something went wrong. Please check your entries and try again.
Scroll Up