Monero Multisignature implementation testing started

Multisignature will help Monero to to compete better with cryptocurrencies, in which this technology has already been integrated
07 November 2017   1003

The terms for adding the multisignature function to the Monero cryptocurrency have not yet been determined, but work in this direction is underway, and users are already offered the opportunity to test this option. This is reported by Merkle.

The multisignature function has been known for a long time to users of bitcoin and allows wallet owners to enhance their security by signing up of a third party to confirm transactions.

At the same time in Monero, this functionality has not been implemented so far, as its implementation is complicated by the structural features of the cryptocurrency. However, recent events suggest that at some stage this will still happen.

In particular, some time ago, changes were made to the records in the Monero repository on Github. So, earlier all files related to the multi-signature technology were accompanied by the "DO NOT MERGE" tag, but at the end of last week this tag was deleted.

Additionally, the developer with nickcname "Moneromoo" who is responsible for the implementation of the multi-signature asked the community to test and evaluate the new option.

According to the publication, the introduction of the multi-signature function will allow Monero to compete better with cryptocurrencies, in which this technology has already been integrated. In addition, a multi-signature can in the long run affect the state of affairs in the darknet. It is possible that a number of marketplaces can go along the way of abandoning bitcoin and wider adoption of Monero with its higher level of anonymity.

Monero Team to Kill Coin Burning Bug

A scenario of a hypothetical attack described by one of the participants of Monero's subreddit helped to identify the bug
26 September 2018   484

Developers of the Monero cryptocurrency have eliminated a bug that could allow intruders to "burn" funds in organizations' wallets, while sacrificing only a small amount in the form of transaction commissions. This is reported in the official announcement of the project.

A scenario of a hypothetical attack described by one of the participants of Monero's subreddit allowed to identify the bug.

Practically speaking this bug is exploited as follows. An attacker first generates a random private transaction key. Thereafter, they modify the code to merely use this particular private transaction key, which ensures multiple transactions to the same public address (e.g. an exchange's hot wallet) are sent to the same stealth address. Subsequently, they send, say, a thousand transactions of 1 XMR to an exchange. Because the exchange's wallet does not warn for this particular abnormality (i.e. funds being received on the same stealth address), the exchange will, as usual, credit the attacker with 1000 XMR. The attacker then sells his XMR for BTC and lastly withdraws this BTC. The result of the hacker's action(s) is that the exchange is left with 999 unspendable / burnt outputs of 1 XMR.
 

dEBRUYNE at Get Monero

Monero developers note that this method does not allow the attack organizer to directly receive the XMR coins deposited in this way. However, an attacker can withdraw XMR through bitcoins, and the exchange will remain with 999 non-consumable or "burned" outputs from 1 XMR.

The created fix was privately distributed to exchanges and large merchants, in order not to attract unnecessary attention to the time of elimination of problems. According to the developers, the exploit was not used to perform real attacks.

In early August, because of the critical bug in the code of Monero, which allows to manipulate the amount of transactions, Livecoin suffered losses exceeding $ 1.8 million.