Jump Crypto, an Web3 infrastructure developer, has discovered a vulnerability in the BNB transport chain that will allow the production of an unlimited number of arbitrary tokens. This issue was privately disclosed to the BNB elite team so that the patch pack could be developed and deployed within 24 hours.
In an online article on Feb. 10, Jump Crypto also disclosed a specific report on a vulnerability discovered two days ago, which may have "caused significant financial damage."
It is reported that the BNB chain consists of two block chain technologies: the ethernet square VM virtual machine adapting to the Go-Etherum branch and the Beacon chain based on Tendermint and Cosmos SDK.
However, the Beacon chain applies the BNB branch that is hosted in GitHub, but there are a number of changes specific to BNB. Jump Crypto recently launched an extensive scientific effort to identify and fix vulnerabilities in the project through harmonious disclosure. The company stressed: "he put the cart before the horse with the upstream Cosmos SDK in these aspects, promoting people to pay more attention to checking differences."
The vulnerability will allow a network attack to build a basically unlimited number of BNB tokens based on deliberate delivery, which means that the overall target account will receive much more BNB tokens than the total number initially given by the sender. Jump Crypto noticed that:
Allowing endless creation of local assets incorrectly is one of the most serious vulnerabilities in Web3. Therefore, this finding confirms that each of us must be vigilant and work together to improve the security of all projects. "
The BNB elite team dealt with this problem based on the anti-spillover arithmetic of switching to the SDK coin category. If the coin is measured to spill over, the patch pack may cause Golang anxiety and payment failure.
BNB chain is a native block chain technology behind login password exchange Binance. Zhao Changpeng, CEO of the company, thanked the Jump Crypto team for reporting this vulnerability on Twitter:
In October 2022, the BNB chain attack was temporarily suspended after a cross-chain operation leaked the use of digital currency worth nearly $80 million. An official website post in Reddit shows that the origin of this invasion appeared on BSC Token Hub, which led to the establishment of "additional BNB".
Polkadot was launched in May 2020. In a market dominated by Bitcoin and Ethereum, it quickly established itself as the next generation blockchain. The scale and interoperability problems limit Bitcoin's ability to transfer value without the assistance of
For some newcomers to the currency circle, they are not familiar with the investment in the currency circle, and their understanding of the special currency is not very deep. Therefore, they may be at a loss in the choice of investment methods. Many inves
Lummis is a well-known crypto advocate on Capitol Hill with over $100,000 in crypto.
Several analysts argue that shrimp accumulation is good for the Bitcoin network because it makes the asset more decentralized over time.
ARK Invest filed for a spot Bitcoin ETF in collaboration with 21Shares long before BlackRock did, and its application is reportedly first in line for the SEC’s approval.
Interestingly, the price surge was on the back of increased activity from whales, as indicated by on-chain data. The increased activity led to an increased"/>
Recent market dynamics have seen Solana struggling to break above the $200 mark. A notable bearish factor among these market fundamentals is the recent"/>
DOGE, the internet's favorite memecoin, is back in the spotlight. Recent data reveals a surge in futures market activity, coupled with bullish technical"/>
The recent stratospheric rise of Bitcoin, reaching a new all-time high of $73,000, has sent ripples of excitement and trepidation through the crypto world."/>
Co-founder of Tornado Cash Roman Storm has filed a motion to dismiss the charges levied against him by the US Department of Justice (DOJ)."/>
On Thursday, March 28, a hack occurred on Prisma Finance, a decentralized lending protocol on the Ethereum network. The exploiter carted away about 3,257.7"/>
Once fully licensed in Dubai, Bybit plans to run a full-scope exchange, offering crypto lending, payments, investment and other services.
Tue, 18 Apr 2023