The Zcash company, behind the development of the Zcash cryptocurrency, revealed the details of the vulnerability that allowed the attackers to create an unlimited number of non-existent ZEC coins.
According to a report on the company's blog, on March 1, 2018, Zcash cryptographer Ariel Gabizon discovered a vulnerability in the zk-SNARKS protocol, which Zcash uses to hide balances and user data.
The Cryptocurrency developers decided not to reveal the details of the problem by including a patch in the Zcash Sapling protocol update, which was activated in late October. And only now the project team has publicly revealed the circumstances of the incident.
"The vulnerability was related only to the creation of non-existent currencies and did not affect the privacy of the users. Until it was removed, the attacker could create fake Zcash coins, while it went unnoticed … The vulnerability was completely eliminated, and Zcash users do not require any action ", – He said in a statement.
In addition, the developers point out that vulnerability detection required an advanced level of technical and cryptographic knowledge that few possess.
"It existed for several years, but it was not identified by numerous expert cryptographers, scientists, external auditors and third-party development teams that launched new projects based on Zcash."
After the discovery of the vulnerability, Zcash Company took "exceptional measures" to minimize the possibility of its operation, and also notified other cryptocurrency teams that use the zk-SNARKS protocol, including Horizen and Komodo, about its existence.
In a comment from Fortune CEO of Zcash Company, Zuko Wilcox added that the developers refused to contact the creators of Bitcoin Private, a project that enjoys a rather ambiguous reputation due to the alleged use of hidden Prime.
"We did not want to disclose information to other people until the largest capitalization cryptocurrency is protected", – Wilcox said.
Recall that earlier this year, Zuko Wilcox announced that the Zcash community is exploring the possibility of changing the consensus algorithm to reduce the rate of inflation.
Subscribe to ForkLog news on Telegram: ForkLog Live – the complete news source, ForkLog – the most important news and surveys.
Did you find an error in the text? Select it and press CTRL + ENTER
Subscribe to the news Forklog