Eleven months ago we discovered a counterfeiting vulnerability in the cryptography underlying some kinds of zero-knowledge proofs.
The counterfeiting vulnerability was fixed by the Sapling network upgrade that activated on October 28th, 2018. The vulnerability was specific to counterfeiting and did not affect user privacy in any way. Prior to its remediation, an attacker could have created fake Zcash without being detected. The counterfeiting vulnerability has been fully remediated in Zcash and no action is required by Zcash users.
This blog post provides details on the vulnerability, how we fixed it and the steps taken to protect Zcash users.
Discussion on this topic should remain in this thread. Thank you!
So will this change the current plans for deprecating Sprout addresses? Accelerate them?
This is a pretty serious issue, where the inflation could be limitless and any patient person could slowly bleed the network of value.
The Zcash team has done a commendable job by resolving this major vulnerability. But this whole episode makes me think that people will never trade security for privacy; given a choice, they will opt for security over privacy. The market has already spoken: it doesn't like the news.
There's been a lot of news about this lately. I was hoping someone could explain a little more about the bug, as there is very little information on how it would work. I saw one article showing that one line of code in a formula was incorrect, but I'm not sure how this would have led to coins being created.
When would the coins appear, when a block was mined or during a transaction?
Could the fake coins appear in a t-addr or a z-addr, or both?
I see the turnstile was added around the same time; was this in response to the bug?