Critical vulnerability was spotted in Augur tokens

Hackers were able to create a "time paradox" in order to make token transfer impossible
29 July 2017   2713

The team of the Augur together with Zeppelin Solutions reported that the Serpent programming language, that was used to create the project revealed a critical vulnerability. This is reported by Forbes.

At this point, a vulnerability that threatened REP tokens has already been eliminated.

From a technical point of view, using the detected vulnerability, hackers could change the time stamp of tokens creating to a date in the future and thereby make it impossible to transfer tokens.

To solve the problem, the vulnerability was deliberately activated. Timestamp of creation was increased on approximately 31 billion years. The old REP contract was frozen at the same time.

At the same time, representatives of Augur assure that REP owners do not threaten the owners of tokens.

As Zeppelin Solutions notes, Serpent can not be considered safe for use until many problems are solved. The company's specialists also recommended that all projects using Serpent smart contracts, migrate to Solidity, using contracts for tokens ERC20 standards that have been developed by the OpenZeppelin.

The migration will be a simple translation from one language to another. This is a straightforward process, similar to translating a document written in English into another language you’re fluent in, then running your translated text through a series of tests to ensure nothing was lost in translation.

Augur Blog

Poloniex, Kraken, Bittrex, Liqui, Bity, Gatecoin, BTER, Mr.Ripple, GateHub, HitBTC, ShapeShift, Changelly, Jaxx, Parity, MyEtherWallet, MetaMask , OASIS and EtherDelta are the products, which confirmed that they will have to update their software.

The vulnerability has been discovered in the course of the audit, which is conducted Zeppelin Solutions for Augur.

Augur is an open-source, decentralized, peer-to-peer prediction market platform built on Ethereum. As developers assure, "Augur combines the magic of prediction markets with the power of a decentralized network to create a stunningly accurate forecasting tool - and the chance for real money trading profits".

Vulnerability in Ethereum-purse Parity led to the theft of more than $ 30 million last week.

Coinbase to Expand Services for Asia

Among the services available now there are Coinbase Prime, Pro and Custody
22 January 2019   119

Coinbase, the leading US cryptocurrency company reported that from now on its professional trading and custodial platforms are available to institutional clients and investors with large volumes from the Asian region.

In particular, according to the Coinbase blog, users of Asia will have access to the option of depositing accounts and withdrawing funds using SWIFT transfers through non-US bank accounts.

In the past 12 months, hundreds of crypto-first hedge funds have launched around the world, and many hundreds more traditional institutions such as proprietary trading firms, family offices and endowments have begun actively trading digital assets. Coinbase’s suite of professional products — Coinbase Prime and Pro, Coinbase Custody — serves these customers, along with other participants in the market, like asset issuers, crypto exchanges, and miners.

Elliott Suthers


Among the services available there are Coinbase Prime, Coinbase Pro and Coinbase Custody, which also supports the steamer USDC.

In December 2018, Coinbase began to provide services to residents of the islands of Guernsey and Maine, as well as Lithuania, Iceland, Andorra and Gibraltar.