BitShares Forum
Main => General Discussion => Topic started by: pgbit on February 22, 2014, 08:34:33 pm
-
1. The vulnerability that recently affected Counterparty, could this affect other second gen. cryptocurrencies like MSC NXT BTS?
2. In any such event that can occur, is it best to previously define groundrules for best clarity?
Working these out afterwards creates lots of forum flack, moreso if rules are less well defined. For example, can trade rollbacks occur?
-
1. The vulnerability that recently affected Counterparty, could this affect other second gen. cryptocurrencies like MSC NXT BTS?
2. In any such event that can occur, is it best to previously define groundrules for best clarity?
Working these out afterwards creates lots of forum flack, moreso if rules are less well defined. For example, can trade rollbacks occur?
For my sake could you please describe the vulnerability that affected Counterparty?
I agree, this should be laid out as clearly as possible... though the best laid plans of mice and men...
-
https://bitcointalk.org/index.php?topic=395761.4340
35k XCP was pinched from an exchange. See the link though, apparently it was Counterparty flaw that is now fixed.
-
I included a question for the bug in a post here https://bitcointalk.org/index.php?topic=395761.msg5306839#msg5306839
lets see if there is an answer...
-
I included a question for the bug in a post here https://bitcointalk.org/index.php?topic=395761.msg5306839#msg5306839
lets see if there is an answer...
The hacker communicated the details of the critical issue in the Counterparty protocol which exploited a multisignature bug, this info is on p2 of the pdf referenced in busoni's post:
https://bitcointalk.org/index.php?topic=490025.0 (https://bitcointalk.org/index.php?topic=490025.0)
"you can create a send-xcp request like this: create a multisignature output which sends 0.1 btc to three public keys, one of them is the key from which you want to send the xcp and the other ones are some random wallets from brainwallet.org. when this multisig output is 2 of 3 you need only 2 private keys to sign it. using this output you can send the send-xcp command to the network and which ever key was first in the multisig output is charged the outgoing xcp."