ShipChain is ordered to cease in South Carolina

The securities department of the South Carolina’s Office of the Attorney General has directed blockchain startup ShipChain to pause working in the state
23 May 2018   1347

A cease-and-desist order was sent to the company by the securities commissioner  for ostensibly violating securities laws. As claimed in the order, ShipChain, which is a freight logistics platform based on the Ethereum blockchain, has been “offering investment opportunities” and marketing its tokens to South Carolina citizens both online and at live events, yet has not admitted as a broker-dealer to process in the state. The ShipChain ecosystem is fueled by ShipCoin, a cryptocurrency that is the sole payment method on the firm’s platform.

According to the South Carolina securities law, “investment contracts constitute securities”, and it’s wrongful to sell securities that are not registered in the state. Finally, ShipChain, that is situated in Wilmington, Delaware, “transacted business … as an unregistered broker-dealer” and disrupted the law. The cease-and-desist paper was sent to ShipChain care of attorney, Julian Zegelman of Velton Zegelman in San Jose, Calif.

The study is going on and it’s a part of a broader sweep by the North American Securities Administrators Association announced in recent days dubbed “Operation Cryptosweep”. It is to “crack down on fraudulent Initial Coin Offerings (ICOs), cryptocurrency-related investment products, and those behind them” across the United States and Canada. A number of investigations are either pending or have been ended in the month of May alone, and ShipChain is called among them.

ShipChain isn’t being charged of promising any bloated returns or operating a scam. The aim of the order is to refine the fact that the firm is marketing and selling investment contracts directly to South Carolina residents without registering cryptocurrency as a security.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   1018

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.