Bug on TRON could have allowed a single computer to crash the network

Bug on TRON could have allowed a single computer to crash the network
фото показано с : cryptoslate.com

2019-5-7 11:10

A high severity bug on the TRON network could have allowed an attacker with a single computer to crash the network, as first reported by TNW. The fault stems from a vulnerability related to spamming smart contracts.

On Jan. 13th, software engineer Danish Shrestha reported a bug to TRON that would have allowed an attacker to conduct a distributed-denial-of-service attack on the TRON blockchain.

“Using a single machine an attacker could send DDOS attack to all or 51% of the SR [super representative] nodes and render Tron network unusable or make it unavailable.”

The bug stems from one type of computationally intensive operation, which takes 2-3 minutes for a modern MacBook Pro to process. A particular type of smart contract deployment on TRON’s wallet required six of these operations. In combination, these deployments had the potential to bog down the TRON blockchain.

By spamming these smart contract deployments it was possible to overwhelm the TRON network, clogging up available CPU and memory—rendering the blockchain unusable.

The exploit is similar to other types of denial-of-service (DoS) attacks. Simple attacks like spamming transactions or smart contract requests make it possible to overwhelm the resources of a network and make it inaccessible.

Related: Justin Sun reveals launch date for second-layer scaling, “100X scalability” for TRON

Networks like Bitcoin and Ethereum add a cost to transactions to prevent this simple kind of attack (although there are many other types), while XRP Ledger has a cost attached to creating new addresses for similar reasons. Networks are vulnerable if resources are too cheap or free.

Something to keep in mind is that these kind of bugs are not uncommon, especially for a system as complex as a blockchain protocol.

EOS is known for giving out large bug bounties to incentivize ethical hacking. Since blockchain protocols are oftentimes open-source, companies like TRON can leverage the community to discover vulnerabilities as people probe the code.

The TRON Foundation awarded Shrestha $1,500 for finding the bug and marked the issue resolved on Jan. 31st.

The post Bug on TRON could have allowed a single computer to crash the network appeared first on CryptoSlate.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Santiment Network Token (SAN) на Currencies.ru

$ 0.0865709 (-0.22%)
Объем 24H $210
Изменеия 24h: 9.95 %, 7d: 19.49 %
Cегодня L: $0.0865709 - H: $0.0865709
Капитализация $0 Rank 5672
Цена в час новости $ 0.7741 (-88.82%)

network allowed tron bug crash computer single

network allowed → Результатов: 46


PayBito Exchange Announces Plan to List Zcash (ZEC) Privacy Cryptocurrency

PayBito has announced that it will soon list Zcash on its exchange. The platform is built on HashCash which is built on the HC Net blockchain network. Before the addition of Zcash, the PayBito exchange allowed users to trade the dollar against a variety of cryptocurrencies, including Bitcoin, Bitcoin Cash, Bitcoin SV, Ethereum, Ethereum Classic, […]

2019-5-5 00:15


Фото:

Ethereum Vulnerability Could Have Allowed Attackers to Drain Hot Wallets

A recent vulnerability in the Ethereum network could have reportedly allowed hackers to gain massive profits from cryptocurrency exchanges which haven’t set up a Gas usage limit. A Critical Vulnerability A group of researchers discovered a vulnerability in Ethereum which allowed attackers to drain exchanges by burning their ETH on high transaction costs or to benefit directly by minting GasToken.

2018-11-27 02:00


Фото:

A Bug Making Ethereum Transactions on Exchanges Vulnerable Has Been Fixed

A bug centering around a new Ethereum token, GasToken, which was enabling abuse on cryptocurrency exchanges, appears to have been resolved. The details are provided in a report originally published on November 13, 2018, that discussed how the bug was exploited by attackers, and what digital platforms could do if they wished to protect their hot wallet funds.

2018-11-22 00:34


Фото:

What Bitcoin Did Gets Technical with Crypto-Educator Jimmy Song

<iframe style="border: none" src="//html5-player. libsyn. com/embed/episode/id/7132345/height/90/theme/custom/autoplay/no/autonext/no/thumbnail/yes/preload/no/no_addthis/no/direction/backward/render-playlist/no/custom-color/87A93A/" height="90" width="100%" scrolling="no"  allowfullscreen webkitallowfullscreen mozallowfullscreen oallowfullscreen msallowfullscreen></iframe> On the latest episode of What Bitcoin Did, host Peter McCormack interviews Jimmy Song, a consultant in blockchain education, to take an in-depth look at a relatively recent incident in the world of cryptocurrency and use that as an example to segue into a deeper discussion on the possible trajectories of Bitcoin itself.

2018-10-6 00:05


Фото:

Is It Right That EOS Is Forcing You To Give Up Your Private Key?

As the EOS MainNet launch continues, after the worlds biggest and most successful ICO that has really delivered EOS to the fore, we are now seeing the network sit within a state of limbo. A state of limbo that is requiring investors to confirm their private key in order to prove asset ownership, in order to allow them to place a vote on who will be allowed to process transactions on the new EOS blockchain.

2018-6-13 13:30