Zcash Developers Repoted Elimination Of A Critical Vulnerability In 2018
Zcash Company, developing Zcash cryptocurrency, revealed details of the vulnerability that had allowed hackers to create an unlimited number of non-existent ZEC coins.
According to the report in the company’s blog, in March 2018, the Zcash cryptographer Ariel Gabizon discovered a vulnerability in the zk-SNARKS protocol, used in Zcash to conceal users’ balances and data.
The developers of the cryptocurrency decided not to disclose the details of the problem, including a patch in the update of Zcash Sapling protocol, which was activated at the end of October. And only now the project team has publicly disclosed the circumstances of the incident.
The developers note that the detection of the vulnerability required an advanced level of technical and cryptographic knowledge, which only few have.
After the vulnerability was discovered, Zcash Company took exceptional measures to minimize the possibility of its being used, and notified other cryptocurrency teams, using the ZK-SNARKS protocol, of its existence.
In a comment to Fortune CEO Zcash Company added that the developers refused to contact the creators of Bitcoin Private, a project that has a very ambiguous reputation due to of the alleged use of hidden premining.