Connect with us
Active Currencies 16229
Market Cap $3,489,084,904,361.30
Bitcoin Share 54.97%
24h Market Cap Change $-3.22

Vulnerability in Facebook’s Libra identified and patched after security firm’s revelation

1min Read

Share this article

Blockchain infrastructure security firm, OpenZeppelin, has revealed a vulnerability in the Libra open-source scripting language, Move, which would have enabled hackers to take control of smart contracts on the network.

The Move language has the ability to define custom resource types, wherein a resource cannot be copied or deleted, but only moved between storage locations. The vulnerability used a flaw in Move’s intermediate representation language compiler to exploit inline comments, in order to run malicious code on the network. According to the security firm’s CEO, Demian Brener,

“As cryptocurrency continues to grow in popularity, it is vital for companies to audit and ensure that their networks are secure. Libra is groundbreaking, and it’s great how they involve the community by open sourcing their code early in the process. Because of this, we were able to find this vulnerability before the Libra network went live, averting potentially damaging effects. Our team shared several exploit scenarios with the Libra team that illustrated why they needed to address this issue quickly.”

More about the vulnerability can be read on OpenZeppelin’s blog.

According to Brener, the team behind Facebook’s Libra responded quickly to the audits, and has applied a patch to ensure that this vulnerability cannot be exploited further. While we know that Libra will have programmable smart contracts, the depth of these features is yet to be announced. 

OpenZeppelin also works with Coinbase, Brave browser and the Ethereum Foundation.

Share

Biraajmaan is a full-time journalist at AMBCrypto covering the US market. A graduate in Automobile engineering, he writes mainly about regulations and its impact with a focus on technological advancements in the crypto space.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.