The developers of the private cryptocurrency Beam based on the MimbleWimble protocol have discovered a critical vulnerability in the Beam Wallet wallet, affecting both the desktop version and the CLI implementation.
The project team urged users NOT to delete the wallet database, because the vulnerability does not affect private keys or passwords.
At the same time, the developers offered users five simple steps.
- Stop your currently running Beam Wallets immediately.
- Uninstall or delete your Beam Wallet application and executables from all machines. DO NOT DELETE THE DATABASE or any other wallet data
- Make sure the application was deleted. Check the documentation for the location of Wallet app files
- Download Beam Wallet again from the website only. It will have THE SAME version numbers as previously published archives. Make sure the SHA256 of the archive matches with the one published on the website.
- Install the new application
Beam was launch a week ago, in a day of Bitcoin genesis block 10th anniversary