Alipay Prepares to Launch China CBDC, - Media

Media reports that Alipay will take an active role in supporting the Central Bank's planned initiative and have 5 related patents
24 March 2020   267

From February 21 to March 17, the Chinese payment company Alipay has submitted five patents related to the digital currency of the central bank. This is reported by 8btc. Alipay, as an independent company, will take an active role in supporting the Central Bank's planned initiative.

On February 21, the company filed a patent application for CBDC Transaction Implementation and Electronic Equipment. According to the document, Alipay can take part in the second order emission on a par with commercial banks.

The document assumes that the central bank's digital payment system (DC / EP) by itself will not be based on the blockchain, but will use tracking systems with its elements.

Issued DC / EP operators can be combined using central bank equipment. Also, the central bank will install primary encryption devices on the side of each operator.

On February 25, a patent was published on the subject of account management: “Devices and methods for controlling digital currency accounts”.

One of the characteristics of CBDC will be “end-to-end surveillance.” In the current conditions, it is difficult for banks to quickly stop illegal activities. CBDC will allow you to agree on rules for restricting accounts and exclude them from economic activity as directed by the supervisor.

On February 28, Alipay published a patent under the heading “Methods and electronic devices for digital wallets.” It describes the many types of digital wallets endowed with diverse functionality.

On March 17, a patent was submitted under the heading "The method of anonymous transactions based on digital currency." It talks about the principles for creating a temporary password for anonymous transactions. Although identification by real name is not provided in this case, the user still has to somehow identify himself, for example, using a mobile phone number or email address.

What is associated with another patent, the publication does not specify.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   975

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.