A counterfeiting vulnerability was discovered in a cryptography paper which could affect ZCash and other cryptocurrencies that are based on the technology. However, the loophole has been fixed in the case of Zcash, but there are still some companies whose tokens can be counterfeited, according to Fortune on February 5.
ZCash Discovers a Bug that can Lead to Counterfeiting of Crypto
Reportedly, Ariel Gabizon, an engineer at Zerocoin Electric Coin Company on March 1, 2018, discovered a minor error in a seminal cryptography paper which is used to develop some cryptocurrencies. However, on further study of the problem, he realized that it is a bug that could be taken advantage of to illegally mine Zcash and other cryptocurrencies that are based on this cryptographic technology.
To resolve the issue, Bryce Wilcox, CEO of ZCash told the media that they had kept their discovery private between only 4 members of the company. Also, the team used encrypted means to communicate and decided that subsequently, other companies that had been affected will be informed after the problem was taken under control. Their aim was to prevent chaos and wade off a potential attack when the news is publicized.
The CEO also said:
We don’t believe that there was any exploitation of the vulnerability
Team Fixes Bug 7 Months After its Discovery
More light into the event reveals that it took the team about 7 months to resolve the problem. In this case, an additional code was sneaked in during the October 28 Sapling upgrade that had been scheduled by the company. While speaking to the media outlet, they revealed that only the quad was aware the entire time.
Furthermore, they kept to their plans to inform others about the bug and two companies, Komodo and Horizen were the first to be contacted on November 13. According to Zcash, the duo was selected because they have the next highest market valuation after Zcash. Komodo reportedly has a market cap of $72 million while Horizen, which was formerly known as ZenCash has a market cap of $22 million.
Other Cryptocurrency Projects are Still Vulnerable
Despite these attempts, other companies that have not made updates to their code are still susceptible. As such, their cryptocurrencies can be forged as is the case of Monero which is constantly being mined illegally. It has, however, been pointed out that the bug that was fixed is not of the same makeup as that used to mine Monero even though both achieve the same purpose.