Critical vulnerability was spotted in Augur tokens

Hackers were able to create a "time paradox" in order to make token transfer impossible
29 July 2017   1321

The team of the Augur together with Zeppelin Solutions reported that the Serpent programming language, that was used to create the project revealed a critical vulnerability. This is reported by Forbes.

At this point, a vulnerability that threatened REP tokens has already been eliminated.

From a technical point of view, using the detected vulnerability, hackers could change the time stamp of tokens creating to a date in the future and thereby make it impossible to transfer tokens.

To solve the problem, the vulnerability was deliberately activated. Timestamp of creation was increased on approximately 31 billion years. The old REP contract was frozen at the same time.

At the same time, representatives of Augur assure that REP owners do not threaten the owners of tokens.

As Zeppelin Solutions notes, Serpent can not be considered safe for use until many problems are solved. The company's specialists also recommended that all projects using Serpent smart contracts, migrate to Solidity, using contracts for tokens ERC20 standards that have been developed by the OpenZeppelin.

The migration will be a simple translation from one language to another. This is a straightforward process, similar to translating a document written in English into another language you’re fluent in, then running your translated text through a series of tests to ensure nothing was lost in translation.

Augur Blog

Poloniex, Kraken, Bittrex, Liqui, Bity, Gatecoin, BTER, Mr.Ripple, GateHub, HitBTC, ShapeShift, Changelly, Jaxx, Parity, MyEtherWallet, MetaMask , OASIS and EtherDelta are the products, which confirmed that they will have to update their software.

The vulnerability has been discovered in the course of the audit, which is conducted Zeppelin Solutions for Augur.

Augur is an open-source, decentralized, peer-to-peer prediction market platform built on Ethereum. As developers assure, "Augur combines the magic of prediction markets with the power of a decentralized network to create a stunningly accurate forecasting tool - and the chance for real money trading profits".

Vulnerability in Ethereum-purse Parity led to the theft of more than $ 30 million last week.

Bank of China Filed a Patent to Scale Blockchain Systems

Bank of China has filed a patent application for a process able to scale blockchain systems  
23 February 2018   95

According to a document released by China's State Intellectual Property Office (SIPO) on February 23, the application was invented by Zhao Shuxiang and first submitted on September 28 last year.

The application states that instead of letting a new block store transactions from its previous one, a data compressing system could be used to pack transactions from multiple blocks into what the patent calls a "data block."

For example, when the system receives a request to compress transactions from block 1 to 1,000, it causes a new data block to be formed and temporarily hosted on a different storage system. Then, the system will run the packed data through a hash function with a hash value. After that, the compression system will attach labels in order to identify blocks on the blockchain.

With the use of the described method, the patent claims a reduction in the amount of the data stored in new blocks as transactions mount in a blockchain while ensuring that data from all previous transactions will still be tamper-proof and traceable.

At the moment, the patent in the review process.