Researchers Say Theyve Exposed Vulnerability in Privacy Centric …

Whitehat researchers are exposing a vulnerability in an anonymity-focused altcoin project thats had a volatile month price-wise.

Security researchers saythey found the master decryption key for the whole Secret (SCRT) Network.

We evaluated TEE-based blockchain Secret Network to see if it was susceptible to AepicLeak, and ended up finding the master decryption key for the whole network.

Secret is a privacy-centric networkwith end-to-end encryption and smart contracts called Secret Contracts.

Explain the whitehat researchers on their website,

The Secret Network has been vulnerable to the xAPIC and MMIO vulnerabilities that were publicly disclosed on August 9th, 2022. These vulnerabilities could be used to extract the consensus seed, a master decryption key for the private transactions on the Secret Network. Exposure of the consensus seed would enable the complete retroactive disclosure of all Secret-4 private transactions since the chain began. We have helped Secret Network to deploy mitigations, especially the Registration Freeze on October 5th, 2022.

Secret Network says they have resolved the vulnerability.

Once verified, access keys that nodes use to register on the network were invalidated, effectively limiting the exposure of the vulnerability. This action occurred on October 4th.

SCRT Labs then worked directly with Intel and the researchers to design and build a solution that would prevent any vulnerable machines from rejoining the network. Those nodes were forcefully ejected from the network and their secrets deleted. The only way for those nodes to rejoin the network was to patch all known vulnerabilities, including xAPIC. This solution was successfully deployed in the November 2nd network upgrade.

Secrets native token SCRT is trading at $0.82 at time of writing.

Featured Image: Shutterstock/Phoenix_Renders/karnoff

More here:
Researchers Say Theyve Exposed Vulnerability in Privacy Centric ...

Related Posts

Comments are closed.