Zcash fixes critical vulnerability: previously threatened the security of over 25,000 ZEC, worth approximately 6.5 million dollars
The privacy coin Zcash recently disclosed and fixed a critical security vulnerability that could have been exploited by malicious miners to transfer over 25,000 ZEC (approximately 6.5 million USD) from the deprecated Sprout privacy pool. Security researcher Alex "Scalar" Sol disclosed on March 23 that the vulnerability stemmed from the zcashd node skipping proof verification when processing transactions involving the Sprout pool.
The official statement indicated that the vulnerability had existed since July 2020 but had not been actively exploited, and user funds remained safe at all times. The development team has released version 6.12.0 to complete the fix, and mainstream mining pools have completed the upgrade deployment within a few days. Additionally, the unaffected Zebra full node implementation has the capability to trigger a chain fork, providing extra protection in the event of exploitation.
It was disclosed that although the Sprout pool closed to new deposits in November 2020, approximately 25,424 ZEC remained untransferred. Even if the vulnerability were exploited, Zcash's "turnstile" mechanism would prevent inflationary issuance, ensuring that the total supply would not be breached. This vulnerability was discovered with the assistance of AI, and the researcher will receive a total bounty of 200 ZEC (approximately 51,000 USD). It is worth noting that this is not the first time Zcash has encountered a significant vulnerability; as early as 2019, it had fixed a serious flaw that could lead to unlimited issuance.
You may also like
Standard Chartered Bank sings a 50x rhapsody again, aiming for AAVE to reach 3500 USD
Tidal Investment: We still have a positive outlook on the AI industry chain, but the reasons have changed
Former SpaceX engineer reconstructs the financial execution system using first principles
Why Is PAXG Price Different From Gold? 5 Reasons Crypto Traders Should Know
The cryptocurrency industry has entered the "Show Me" era: merely relying on vision is no longer enough
WEEX OpenAPI 101: 5 Powerful Modules, AI Trading Tools, and Grab Up to 70% Revenue Opportunities
Learn how WEEX OpenAPI connects traders, developers, AI agents, and trading platforms. Discover WEEX API features, Binance-compatible integration, automated trading workflows, revenue opportunities, and ecosystem possibilities.
Morning News | The draft amendment to the People's Bank of China Law aims to clarify the legal status of digital renminbi; South Korea will transfer about 40 unregistered virtual asset service providers to law enforcement agencies
Interpreting the Ethereum Foundation's new structure: Reaffirming self-sovereignty amid institutional trends
Interview with NDV Founder Jason Huang: Popping the AI Bubble and the Myth of Microstrategy, Seeking the Ultimate Ace in the Crypto Market
Morning Report | Former Ethereum Foundation researcher establishes Ethlabs; EU Parliament Economic Committee passes digital euro regulatory proposal
Dragonfly partner Haseeb: The fastest-growing companies in the future may all be stuck at 149 people
How xBubble Breaks the Deadlock in VC's Heavy Investment in the OPC Economy
The encrypted unicorn Blockstream is deeply embroiled in a serious fraud case
Morning Report | The South Korean Financial Services Commission plans to expand the regulatory sandbox to include virtual assets; the parent company of the New York Stock Exchange, ICE, has reached a partnership with OKX to jointly establish a cryptocu...
Exclusive Interview with Strategy CEO: Putting Aside the Sale of 32 BTC, the 60 Trillion AI Intelligence is the Ultimate Fate of Bitcoin
TRON revitalizes the image of the bull, creating a more approachable brand character
Will the STRC issuance price discussed with ChatGPT really fall into a death spiral?
The foundation retreats, Ethlabs steps forward: Ethereum welcomes its largest restructuring in history
Standard Chartered Bank sings a 50x rhapsody again, aiming for AAVE to reach 3500 USD
Tidal Investment: We still have a positive outlook on the AI industry chain, but the reasons have changed
Former SpaceX engineer reconstructs the financial execution system using first principles
Why Is PAXG Price Different From Gold? 5 Reasons Crypto Traders Should Know
The cryptocurrency industry has entered the "Show Me" era: merely relying on vision is no longer enough
WEEX OpenAPI 101: 5 Powerful Modules, AI Trading Tools, and Grab Up to 70% Revenue Opportunities
Learn how WEEX OpenAPI connects traders, developers, AI agents, and trading platforms. Discover WEEX API features, Binance-compatible integration, automated trading workflows, revenue opportunities, and ecosystem possibilities.
