Eleven months ago we discovered a counterfeiting vulnerability in the cryptography underlying some kinds of zero-knowledge proofs.
The counterfeiting vulnerability was fixed by the Sapling network upgrade that activated on October 28th, 2018. The vulnerability was specific to counterfeiting and did not affect user privacy in any way. Prior to its remediation, an attacker could have created fake Zcash without being detected. The counterfeiting vulnerability has been fully remediated in Zcash and no action is required by Zcash users.
This blog post provides details on the vulnerability, how we fixed it and the steps taken to protect Zcash users.
Discussion on this topic should remain in this thread. Thank you!
The blog outlines the reasons why we think the vulnerability wasn't exploited. Further, our published policy defending against counterfeiting outlines the steps we would take if anything abnormal is detected.
Huge love to the honest cryptographers who patched the issue appropriately, considering the immense monetary compensation that would otherwise be afforded. Congrats to everyone who did the right thing
So will this change the current plans for deprecating sprout addresses? Accelerate?
This is a pretty serious issue, where the inflation could be limitless and any patient person could slowly bleed the network of value.
A person smart enough to exploit the vulnerability wouldn't get caught right now. If it was exploited it already happened and the individual already sold what they could.
Zcash team has done a commendable job by resolving this major vulnerability. But this whole episode makes me think, people will never trade security for privacy, given a choice they will tap on security over privacy. The market has already spoken; they don't like the news.
That's another issue, the headlines. Was this approved by the Zcash team?
"Zcash discloses vulnerability that could have allowed 'infinite counterfeit' currency"
This was the headline of the Fortune article, who will not be shit scared when they read this headline? The word "discloses" is ambiguous IMO and could have been "resolved, fixed, removed, eliminates".
We spoke with Robert, who btw I think did a great job with the article, but good reporters don't give any editorial control on articles or headlines.
The issue is with people reading the headlines and the tweets under it... :) ...that's what most people do these days instead of reading the full article.
I think there should be a follow-up article which says "Zcash becomes more robust and secure after eliminating a major vulnerability. Drastically reducing the possibility of counterfeiting"...
Been a lot of news about this lately, I was hoping someone could explain a little more about the bug as there is very little information on how it would work. I saw one article showing 1 line of code in a formula was incorrect, but I'm not sure how this would have led to coins being created.
When would the coins appear, when a block was mined or during a transaction?
Could the fake coins appear in a t-add or a z-add or both?
I see the turnstile was added around the same time, was this in response to the bug?