have recently discovered and patched a highly dangerous
vulnerability in the most secretive way that could have allowed an
attacker to coin an infinite number of Zcash (ZEC).
Yes, infinite… like a never-ending source of money.
Launched in October 2016, Zcash is a privacy-oriented
cryptocurrency that claims to be more anonymous than Bitcoin, as
the sender, recipient, and value of transactions remain hidden.
In a blog post published today, the Zerocoin Electric Coin
Company—the startup behind Zcash—revealed that one of its
employees, Ariel Gabizon, discovered the vulnerability in its code
on 1st March 2018, the night prior to his talk at the Financial
Cryptography conference almost a year ago.
Gabizon contacted Sean Bowe, a Zcash Company cryptographer,
immediately after discovering what the team dubbed the counterfeiting
vulnerability, and the team decided to keep the flaw secret in
order to avoid the risk of attackers exploiting it.
According to the company, only four Zcash employees were aware
of the issue before a fix was covertly included in the Zcash
network on 28th October 2018.
Besides this, since “discovering this vulnerability would have
required a high level of technical and cryptographic sophistication
that very few people possess,” the company believes that no one
else was aware of this flaw and that no counterfeiting occurred in
Zcash.
Now, the Zcash team has published full details of the vulnerability on its
official
site[1] to inform the broader
public. If exploited, the flaw would have allowed an attacker to print
an infinite amount of Zcash tokens.
Details of the Catastrophic Zcash Vulnerability
According to the team, the counterfeiting vulnerability resided in
the variant of zk-SNARKs—an implementation of zero-knowledge
cryptography Zcash uses to encrypt and shield
transactions—which other projects have implemented independently.
Both Komodo blockchains and Horizen (previously known as
ZenCash) suffered from the same issue and reportedly fixed it on
their platforms after being notified by the Zcash team back in
mid-November 2018 via an encrypted email.
The vulnerability was the result of a “parameter setup
algorithm” that allowed “a cheating prover to circumvent a
consistency check” and thereby transformed “the proof of one
statement into a valid-looking proof of a different
statement.”
Anyone with access to the multi-party computation (MPC) ceremony
transcript, which is used to set up the privacy features for Zcash,
would have been able to create false proofs, granting them the
ability to create an unlimited amount of shielded coins.
Though the developers found no evidence that counterfeiting
occurred in Zcash, they confirmed that the vulnerability had
existed for years.
“The vulnerability had existed for years but was undiscovered by
numerous expert cryptographers, scientists, third-party auditors,
and third-party engineering teams who initiated new projects based
upon the Zcash code,” the company writes.
counterfeited Zcash in the past, there’s no way to find out.
However, the Zcash Company argued that it “studied the blockchain
for evidence of exploitation: An attack might leave a specific kind
of footprint. We found no such footprint.”
Fixes for this vulnerability were implemented in the Zcash
Sapling network upgrade in October 2018, and some, including former
NSA whistleblower Edward
Snowden[2], have applauded the
team’s handling of the flaw.
References
- [1] official site (z.cash)
- [2] Edward Snowden (twitter.com)
Read more http://feedproxy.google.com/~r/TheHackersNews/~3/Quf5Qqk6DbY/zcash-cryptocurrency-hack.html
