Connect with us


Stellar silently patched a bug that allowed a user to ‘create’ 2.25 billion XLM worth $10 million




Stellar silently patched a bug that allowed a user to "create" 2.25 million XLM worth $10 million
Source: Unsplash

According to a new research report by Messari, Stellar had a bug which was abused by a user to create 2.25 billion XLM, worth approximately $10 million in 2017. This bug was identified by Stellar’s Development Foundation [SDF] and patched thereafter.

In 2017, the attacker exploited “MergeOPFrame::doApply” function in the Stellar code and created 2.25 billion XLM for himself. At the time, the amount was worth approximately 25% of the circulating supply. SDF eventually patched this bug and announced a coinburn equivalent to the amount created by the attacker. Messari reported that “public disclosures at the SDF regarding the event were relatively muted, and no media seems to have previously reported on the bug.”

Messari’s summary of the report stated:

“The affected addresses and related records of the bug are no longer accessible on Stellar Expert or other block explorers, but our research team was able to track the historical transactions through the Horizon client transaction history.”

It also added that the generated XLM might have been moved to exchanges and sold at the peak of crypto-frenzy in 2017.

Messari contacted Stellar before publishing the report, to which Stellar replied:

“In April 2017, Stellar was an emerging open-source project with a small but dedicated developer community. Announcing the bug in our release notes therefore made total sense—that’s how you reach those users. We mentioned it twice, in fact, in the notes, and we were very clear the bug had been exploited. From there, we took the additional step of burning Lumens to “true up” the supply, so that current $XLM owners wouldn’t be diluted and our projected total supply would remain accurate. We recognize that Stellar has since become significant financial software, and our disclosure standards have grown to reflect that reality. There’s been no notable bug since, and if there were we would disclose it in full detail as soon as it was patched. As we announced last month in our 2019 Roadmap we have already committed to a full accounting of all of SDF’s Lumens by the end of the year, and more details around this old bug were going to be (and still will be) part of that.”

Correction: A previous version of this article mistakenly stated that 2.25 million XLM were created, instead of 2.25 billion XLM. The error has since been corrected.

Subscribe to AMBCrypto’s Newsletter

Follow us on Telegram | Twitter | Facebook

Akash is your usual Mechie with an unusual interest in cryptos and day trading, ergo, a full-time journalist at AMBCrypto. Holds XRP due to peer pressure but otherwise found day trading with what little capital that he owns.


SEC delays VanEck Bitcoin ETF decision days after delaying Bitwise proposed rule change





SEC delays VanEck Bitcoin ETF decision days after delaying the Bitwise proposed rule change
Source: Unsplash

The Securities and Commission Exchange [SEC] has yet again delayed another Bitcoin ETF. This time around, the commission has decided to delay the VanEck Soldix Bitcoin ETF, one of the most awaited exchange-traded funds in the cryptocurrency community.

In the document released today, the exchange has asked for more comments on the proposed rule change and has also asked for further information on queries related to the exchange-traded fund. The commission stated that it has received 25 comments on the proposed rule change so far.  It stated,

“On January 30, 2019, Cboe BZX Exchange, Inc. […] filed with the Securities and Exchange Commission, […] a proposed rule change to list and trade shares of SolidX Bitcoin Shares issued by the VanEck SolidX Bitcoin Trust […] The proposed rule change was published for comment in the Federal Register on February 20, 2019.”

It further stated

“On March 29, 2019, pursuant to Section 19(b)(2) of the Act, the commission designated a longer period within which to approve the proposed rule change, disapprove the proposed rule change, or institute proceedings to determine whether to disapprove the proposed rule change.”

Notably, the main concerns of the commission continue to be market manipulation and the measure taken by the platform to protect its investors. The commission is currently seeking comments on 14 queries pertaining to the VanEck Bitcoin ETF.

This includes the views of the ‘commenters’ on whether the exchange has entered “into a surveillance-sharing agreement with a regulated market of significant size related to bitcoin?”, the relationship between the Bitcoin futures markets and the Bitcoin spot market, with the focus being price formation, the relationship between the Bitcoin futures market and the proposed Bitcoin ETF, and the commenters’ views “of the Exchange’s assertions that bitcoin is arguably less susceptible to manipulation than other commodities that underlie ETPs”.

Gabor Gurbacs, Director of Digital Assets Strategy with VanEck said on Twitter,

“The VanEck SolidX #Bitcoin #ETF decision has been postponed by the SEC. We continue the hard work towards better-regulated, safer and more liquid digital assets markets. Bitcoin is too big to ignore. Vires in numeris!”

Subscribe to AMBCrypto’s Newsletter

Continue Reading