Author Topic: Re: the XCP multisignature issue  (Read 1877 times)

0 Members and 1 Guest are viewing this topic.

Offline pgbit

  • Sr. Member
  • ****
  • Posts: 241
    • View Profile
I included a question for the bug in a post here https://bitcointalk.org/index.php?topic=395761.msg5306839#msg5306839
lets see if there is an answer...
The hacker communicated the details of the critical issue in the Counterparty protocol which exploited a multisignature bug, this info is on p2 of the pdf referenced in busoni's post:
https://bitcointalk.org/index.php?topic=490025.0

"you can create a send-xcp request like this: create a multisignature output which sends 0.1 btc to three public keys, one of them is the key from which you want to send the xcp and the other ones are some random wallets from brainwallet.org. when this multisig output is 2 of 3 you need only 2 private keys to sign it. using this output you can send the send-xcp command to the network and which ever key was first in the multisig output is charged the outgoing xcp."

Offline santaclause102

  • Hero Member
  • *****
  • Posts: 2486
    • View Profile
I included a question for the bug in a post here https://bitcointalk.org/index.php?topic=395761.msg5306839#msg5306839
lets see if there is an answer...

Offline pgbit

  • Sr. Member
  • ****
  • Posts: 241
    • View Profile
https://bitcointalk.org/index.php?topic=395761.4340

35k XCP was pinched from an exchange. See the link though, apparently it was Counterparty flaw that is now fixed.

Offline bytemaster

1. The vulnerability that recently affected Counterparty, could this affect other second gen. cryptocurrencies like MSC NXT BTS?

2. In any such event that can occur, is it best to previously define groundrules for best clarity?
Working these out afterwards creates lots of forum flack, moreso if rules are less well defined. For example, can trade rollbacks occur?

For my sake could you please describe the vulnerability that affected Counterparty?   

I agree, this should be laid out as clearly as possible... though the best laid plans of mice and men...
For the latest updates checkout my blog: http://bytemaster.bitshares.org
Anything said on these forums does not constitute an intent to create a legal obligation or contract between myself and anyone else.   These are merely my opinions and I reserve the right to change them at any time.

Offline pgbit

  • Sr. Member
  • ****
  • Posts: 241
    • View Profile
1. The vulnerability that recently affected Counterparty, could this affect other second gen. cryptocurrencies like MSC NXT BTS?

2. In any such event that can occur, is it best to previously define groundrules for best clarity?
Working these out afterwards creates lots of forum flack, moreso if rules are less well defined. For example, can trade rollbacks occur?
« Last Edit: February 27, 2014, 10:03:02 am by pgbit »