Samsung ot Launch Blockchain Based BankSign

BankSign platform developed jointly with the Korean Banking Federation
28 August 2018   883

Samsung SDS, a subsidiary of the Korean technical giant, introduced a certification platform for Korean banks called BankSign, based on blockchain technology. This is reported by the Yonhap.

It is reported that the BankSign platform developed jointly with the Korean Banking Federation and  is designed to provide interaction between the mobile systems of various banks. Users will be able to carry out transactions in different mobile applications, but verification will only be required in one program. As usual, passwords, fingerprints or a pattern are used to verify users.

BankSign is the first application of the much-anticipated blockchain technology on banking services. The company will continue to expand its digital transformation business, which will bolster competitiveness of banks and financial institutions.

Samsung SDS

According to representatives of Samsung, the security of the system is ensured by combining banking systems in a single data exchange network. Certification data can remain valid for three years. Technology should increase the safety of users. 

Samsung SDS was founded in 2015. The release of the first business platform called Nexledger was held in 2017. At the moment, the IT department of the South Korean technological giant is developing a digital financial platform Nexfinance based on distributed registry technology.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   965

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.