US, Canadian Watchdogs to Start Anti Crypto Scam Action

"Operation Cryptosweep" constitutes "nearly 70 inquiries and investigations and 35 pending or completed enforcement actions"
22 May 2018   753

A group of financial regulators from the US and Canada announced an "international crackdown" to combat fraudsters in the field of cryptocurrencies. This is reported by Washington Post.

The initiative, sponsored by the North American Securities Administrators Association (NASAA), received the name "Operation Cryptosweep." It consists of "nearly 70 inquiries and investigations and 35 pending or completed enforcement actions since the beginning of the month." In addition, even more investigations are on the way, but it is not clear now when it will be told about the related enforcement measures.

The initiative began to gain momentum in April, when a working group consisting of NASAA members was established to "to begin a coordinated series of investigations into ICOs and cryptocurrency-related investment products". The regulators will be focused on the ICO and the sale of tokens.

The market for cryptocurrency investments is saturated with widespread fraud, and our work is only revealing the tip of the iceberg.

Joseph Rotunda

Director, TSSB's Enforcement Division

NASAA has not yet commented on the situation, but other agencies involved in the operation, reported that the initiative to combat fraudsters has a large-scale nature. Examples of state-based regulatory actions include one that touted false endorsements from celebrities like actress Jennifer Aniston.

Potentional Vulnerabilities Found in ETH 2.0

Least Authority have found potentional security issues in the network P2P interaction and block proposal system
26 March 2020   212

Technology security firm Least Authority, at the request of the Ethereum Foundation, conducted an audit of the Ethereum 2.0 specifications and identified several potential vulnerabilities at once.

Least Authority said that developers need to solve problems with vulnerabilities in the network layer of peer-to-peer (P2P) interaction, as well as in the block proposal system. At the same time, the auditor noted that the specifications are "very well thought out and competent."

However, at the moment there is no large ecosystem based on PoS and using sharding in the world, so it is impossible to accurately assess the prospects for system stability.
Also, information security experts emphasized that the specifications did not pay enough attention to the description of the P2P network level and the system of records about Ethereum nodes. Vulnerability risks are also observed in the block proposal system and the messaging system between nodes.

Experts said that in the blockchains running on PoS, the choice of a new block is simple and no one can predict who will get the new block. In PoS systems, it is the block proposal system that decides whose block will fall into the blockchain, and this leads to the risk of data leakage. To solve the problem, auditors suggested using the mechanism of "Single Secret Leader Election" (SSLE).

As for the peer-to-peer exchange system, there is a danger of spam. There is no centralized node in the system that would evaluate the actions of other nodes, so a “malicious" node can spam the entire network with various messages without any special punishment. The solution to this problem may be to use special protocols for exchanging messages between nodes.