Bittrex has locked out deposits and withdrawals (but not trading) of ZEN and ZCL due a vulnerability related to the split from ZCL to ZCL and ZEN. Bittrex is the primary exchange for them. The lead developer has left the project.
The nature of this type of attack, called a replay attack, could lead to a transaction replaying from the Zclassic blockchain to the Zen blockchain if the vulnerability is exploited.
ZEN company has thanked the lead developer for making the vulnerability public and bringing it to their attention at the same time he quit the project. Iām not trying to be sarcastic Iām just relaying their announcement. I havenāt found his public comments, so I donāt know if it was a rage quit.
ZCL seemed to get off to a good start on the appeal of not being directed by a company that receives coins. It was billed as ZEC without a āpre-mineā. Up until the split was announced, ZCL was beating ZEC on appreciation rising over 20x from December to May. ZEC has risen only 10x from itās absolute brief low to its high.
But then they decided the no-profit route just did not cut work and split it into ZEN with no pre-mine, no ICO, etc and yet if you look at the breakdown of where coins go, 12% go places other than mining. If thatās for the life of the coin, then I think thatās more than ZEC takes.
There was talk that the split to ZEN enabled a lot of insider profits to be made by buying ZCL before the announcement.ZCL dropped immediately as ZEN trading became available. Now Iām wondering if an insider who may have returned to buying ZCL before this announcement is going to get a boost, especially if he soon publicly returns to ZCL.
movrcx fully disclosed the vuln publicly without even thinking for a second the harm heād do in the process to the miners and hodlers.
There are a number of us who are now stuck in limbo the past 48 hours waiting for the wallets to be re-enabled on the exchanges so we can get out of this ponzi for good.
The most bizarre thing out of it all, is that the party who disclosed the vuln was the main developer, and they left ZEN before even patching the vuln in which they themselves were responsible for placing in the code in the first place; ok they made a temp fix days before disclosure but it didnāt amount to much - https://github.com/zencashio/zen/commit/75867a1c5183f3d0f76685c0fe7bce9724f31d7b *claps*.
All in all, this shows very little maturity from both projects seeing as ZEN is going on like nothing happened and kissing movās ass, whilst ZCL is all āwelcome backā, āyes this is great, we finally have that amazing developer, who couldnāt even patch his own vulnsā.
Best advice at this point is to be weary of both ZCL and ZEN.
If youāre looking at both of these projects long term, donāt.
Short term, theyāre both profitable but even then thereās still risk.
Hush is the only zcash fork (possibly komodo too but havenāt had time to look into it) which we should all be looking to now long term.
The fact that @anon47418038 is now the lead of that project and that they have a promising road map with realistic targets such as XCAT, i2p and IPFS integration and a lightweight client in the works should be more than enough to sway away those who were previously vested in ZCL and ZEN.
Yikes. Both June 4th and 5th tweets should have been a clear indicator to stay the hell away.
What kind of lead dev advises others to invest in his play toy and then goes on to request for all his followers to place buy orders on an exchange.
Also couldnāt help notice he favorites his own tweets which no one has responded to
Definitely a narcissist, probably worse.
By the way, a means of splitting coins (for any Zcash protocol/code-fork) without relying on the developers of that fork to have implemented replay protection correctly, is to send them in a JoinSplit anchored to a block that only exists (preferably, that can only exist, due to consensus rule changes) in the fork you intend to transact on.
This works for shielded transactions; Zcash Hard Fork 0 [later named Overwinter] will implement reliable replay protection for all transactions.
My suggestion to the developers of any blockchain cryptocurrency is: donāt do any kind of fork under time pressure. (I realise there are situations where this advice is difficult to follow; try to not get your coin into those situations in the first place.)
Sound advice @daira.
The ZEN debacle should serve as a lesson to all others thinking of jumping in on future splits.
And now I hear thereās rumors circulating of zclassic looking to launch another coin in the future. If true, they might as well jump in on that ICO ponzi craze at this rate, seeing as last I heard, ICOs yield great returns.
Canāt wait til ICO: The Smartest Guys in The Room. Going to make Enron look like childās play.
Any endorsement from Waynechain is a clear sell.
Going to forward this onto denarium. All crypto veterans should own a ponzICO piece.
Shall sit nicely alongside my UASF and make ethereum immutable memorabilia
What about Zcoin? It used to be Moneta. Their team looks a lot better than ZenCash. But it seems they had a similar break with a co-founder in December. A few days (weeks?) later, someone started exploiting a single-byte code error to generate Zcoin and get away with 400 BTC.
How does Zcoinās RSA accumulators compare with Zcashās zk-SNARKS? Which one can scale better?
