Sirin Labs Users informed about the Hack of SRN Holder

The producer of a mobile phone with military-grade security, Sirin Labs has claimed on its Telegram channel that a major SRN token holder was hacked
14 June 2018   1088

SRN is a token which raised ‎$157.8 million and has become the fourth largest ever at that time. Currently, according to coinmarketcap.com, SRN has a market capitalisation of $44.2 million. 

Sirin Labs is a blockchain firm that deployed a mobile phone with military-level security called Solarin. The phone retails at $14,000 in the US. The appliance is unique as it features a switch that  encrypts all communications, and it comes with a concierge service which monitors the state of the device.

We look at the newest and the most advanced technology and incorporate [it] into a new phone. That costs a lot of money.
Tal Cohen
Chief Executive, Sirin Labs

Announced in February 2018, The FINNEY line of devices will be launched on the Sirin operating system and come pre-integrated with the cryptocurrency of Cardano, ADA. They are processed by the Tangle, that is the network of a company called IOTA. The devices were developed in the collaboration with a Japanese company Emurgo. 

Sirin Labs informed its subscribers in their Telegram channel:
A large SRN token holder just informed us that his wallet was hacked, which might explain the issues surrounding the token. Please ensure you’re taking all necessary precautions to protect your wallets.
Sirin Labs
in Telegram

Above 40 percent of SRN tokens are concentrated on a Las Vegas-based cryptocurrency exchange - Bittrex, according to Cryptovest. As reported, the hack has so far not been not been widely considered as yet.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   983

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.