Bitfinex battles money withdrawal problem

Bitfinex, one the world's biggest cryptocurrency exchanges, faced a problem of money withdrawals on the platform reported by the users
19 November 2017   444435

The members of the community of Bitfinex cryptoexchange started noticing problems with money withdrawal on the exchange. The problem might be linked to the connection between Tether and Bitfinex and the issues concerning redacted information that would normally be included in an audit.

The users started noticing swings of price and comparing those to Bitfinex’s margined trading practices, stating that there was no response from the support and that the company was putting them at risk. This might eventually result in major losses for the company and for the users. The users on Twitter were concerned that the market was being moved by large-scale trades.

Nevertheless on November 19 Bitfinex made an announcement on Twitter stating that both fiat and crypto withdrawals are functioning normal and that the statements were FUD aimed to create a market disrupting event.

The users still continue to be anxious about their financial status bewaring that such problems might eventually lead to the company's crash. Bitfinex claimed that the formal announcement towards the recent allegations is forthcoming.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   986

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.