ERC725: self-sovereign identity standard for ETH released

Ethereum developer Fabian Vogelsteller creates Ethereum Request for Comment 725 (ERC725) on GitHub
12 October 2017   742

Ethereum developer Fabian Vogelsteller created Ethereum Request for Comment 725 (ERC725) on GitHub. Despite the fact, that the project doesn’t even have an assigned Ethereum Improvement Proposal number, within 24 hours, the plan for a standardized identity system for humans and machines gained significant hype.

On GitHub, UX designer and fellow Ethereum Foundation member Alex Van de Sande called the ERC “very useful,” while suggesting some adjustments.

In an email to, Vogelsteller explaines, that “identity is certainly one of the most [important] missing pieces in the blockchain ecosystem". According to the creator, ERC725 solves quite a lot of problems. 

“This needs to be standardized so that other contracts can interact with real world identities, automatically check and verify them. It’s not mainly necessary for interfaces alone. Also, this contract represents ONE identity. The addition of claims needs to be standardized, so that other identities can issue claims about each other.

Fabian Vogelsteller
Ethereum Request for Comment 725 (ERC725) creator

As the man views it, crrently everybody collects all information about you separately to make sure they know who you are (e.g. banks, credit services, or any service which needs to have KYC). A standard will help insofar that everybody can auto check certain claims, and therefore don’t need to store actual details about you anymore, as they - as long as they trust the claim issuer – don’t need to have the actual information. The current over-collecting is because of lack of a better system.

On October 12th, Fabian Vogelsteller is to present ERC725 at the Ethereum London Meetup. What the future has in stock for it, remains to be seen, yet is is definitely worth monitoring.

Ethereum price chart on
Ethereum price chart on

Meanwhile, at the time of writing, Ethereum price is about $303.33, its market capitalization is $28,835,297,776.

Coinbase Bug to Provide Unlimited Ethereum

The bug was found by VI Company in December last year
21 March 2018   95

VI Company reported the discovery of a vulnerability in the system of smart contracts of the Coinbase exchange, which allowed users to credit an unlimited amount of ETH to their accounts. Experts informed the company about the vulnerability in December last year, and in January it was eliminated. For their work, VI Company employees received an award of $ 10,000. This is reported by The Next Web.

By using a smart contract to distribute ether over a set of wallets you can manipulate the account balance of your Coinbase account. If 1 of the internal transactions in the smart contract fails all transactions before that will be reversed. But on Coinbase these transactions will not be reversed, meaning someone could add as much ether to their balance as they want. When you look up the Coinbase wallet address after this transaction you will see that it is empty, but checking your Coinbase wallet will show your funds.

VI Company Report

In practice, this means that Coinbase users were able to enroll any amount of Ethereum on their accounts.

Researchers provided screenshots showing how Ethereum was credited to their account using the cancellation of the transaction.

Coinbase Bug
Coinbase Bug

Steps to reproduce, provided by the researchers :

  • Setup a smart contract with a few valid Coinbase wallets and 1 final faulty wallet (always throw exception when receiving funds smart contract for example)
  • Transfer appropriate funds to smart contract.
  • Execute smart contract adding the set amount of ether to the Coinbase wallets without ever actually leaving the smart contract wallet because the complete transaction fails at the last wallet.
  • Repeat until you have more than enough ethereum in your Coinbase wallet.
  • Cash out, transfer to off site wallet.

Whether any of the users could detect and take advantage of this vulnerability for their own enrichment is unknown.