Re: [ANN][XCN] Cryptonite - NEW Thread | 1st mini-blockchain coin | SECURITY UPDATE!
1) It looks like the attacker spent most of the smaller outputs and left the massive outputs alone, the latest version should block those massive balances but I calculated they were able to get away with around 260 million XCN from the smaller outputs.
2) I also want to make it clear this bug has nothing to do with the mini-blockchain technology, the bug in the code was pretty obvious and quite easy to fix just by making some signed integers unsigned. Look at the latest changes on pallas's github to see exactly what we did to prevent this happening again.
1) 260ml is much. Even at 100satishi price.2) I also want to make it clear this bug has nothing to do with the mini-blockchain technology, the bug in the code was pretty obvious and quite easy to fix just by making some signed integers unsigned. Look at the latest changes on pallas's github to see exactly what we did to prevent this happening again.
2) It's not a good sign that "obvious" bugs are corrected with such price.
1) as we said, that's the ceiling and we don't know how much of those funds are really accessible by the hacker, the real amount may be much less.
2) it's obvious when you know what it is :-) bitfreak had to create a blockchain analysis tool from scratch to detect the problematic blocks, then we had to find which bug in the code permitted such wrong blocks/transactions, then we had to fix it, then we had to make a tool to create raw transactions on testnet to see if the hole was in fact closed, etc. etc.