Bitcoin Warning As Serious Security Vulnerabilities Uncovered

Bitcoin developers have been trying to make the world’s most popular cryptocurrency more useful for payments, with the somewhat controversial Lightning Network one of the most popular projects.

However, serious security vulnerabilities have this week been discovered on the bitcoin Lightning Network, which could result in users losing their funds if nodes are not upgraded.

“Security issues have been found in various Lightning projects which could cause loss of funds,” wrote software developer, Rusty Russell, who authored the majority part of bitcoin’s Lightning Network protocol specification, in a post shared via a Lightning Network mailing list. “Full details will be released in four weeks, please upgrade well before then.”

The specifics of the vulnerability will be disclosed on 27 September, a common software security practise to both prevent bug exploitation and give developers time to patch problems.

The vulnerability appears to be related to the lightning-ready bitcoin wallet Eclair, which Russell also advised users to update.

The Lightning Network, first proposed by Thaddeus Dryja and Joseph Poon in a 2015 white paper, creates a layer on top of the bitcoin blockchain, where transactions can be passed back and forth before being added to the underlying blockchain.

Today In: Money

This should mean bitcoin transaction speeds are increased while costs are significantly reduced.

There are now a few different Lightning-ready wallets available, as well as companies that are able to process them on behalf of merchants.

However, low user numbers mean bitcoin lightning nodes currently lose money when they process transactions, according to recent reports.

When sending a Lightning payment, two parties deposit the funds at one bitcoin address, a so-called channel, in which they can exchange funds a limitless number of times.

This maintains bitcoin’s security but means small, regular payments don’t need to be added to the underlying blockchain until the channel is closed.

Questions have been raised about what Lightning Network adoption will mean for the bitcoin price, with much of the price dependent on transaction fees picked up by miners.

Most are though confident that with increased bitcoin adoption the price will continue to rise.

Follow me on Twitter.

I am a journalist with significant experience covering technology, finance, economics, and business around the world. As the founding editor of I reported on how technology is changing business, political trends, and the latest culture and lifestyle. I have covered the rise of bitcoin and cryptocurrency since 2012 and have charted its emergence as a niche technology into the greatest threat to the established financial system the world has ever seen and the most important new technology since the internet itself. I have worked and written for CityAM, the Financial Times, and the New Statesman, amongst others. Follow me on Twitter @billybambrough or email me on Disclosure: I occasionally hold some small amount of bitcoin and other cryptocurrencies.

Source: Bitcoin Warning As Serious Security Vulnerabilities Uncovered

By Daniel Chechik, Ben Hayak, and Orit Kravitz Chechik A mysterious vulnerability from 2011 almost made the Bitcoin network collapse. Silk Road, MTGox, and potentially many more trading websites claim to be prone to “Transaction Malleability.” We will shed some light and show in practice how to exploit this vulnerability.


Verge (XVG): Security Issues, Is It the Time to Switch to Proof-of-Stake


Safety 1st – How to Protect your Coins from Malware

Precedent: Two Companies Will Enlist ICO’s Tokens as Securities to Avoid Further SEC Charges – Julie Williams


The U.S. Securities and Exchange Commission (SEC) announced on Friday that CarrierEQ Inc. and Paragon Coin Inc. have settled the charges leveled against them for violating laws guiding initial coin offering (ICO) securities offering. According to the press release, the companies also agreed to return funds to harmed investors, register the tokens as securities, file periodic reports with the commission, and pay penalties.

The United States securities regulator said that despite their warning neither company registered their ICOs as securities before offering them to investors and both companies were not also qualified for registration exemptions.

Now what is ICO all about and why would these firms violate SEC regulations? Let’s begin with what ICO is. Initial coin offering (ICO) refers to the cryptocurrency space equivalent to an initial public offering (IPO) in the normal investment world. ICOs are basically for fundraising. When a company intends to create a new app or service, it can raise funds through the creation of a digital coin. Interested investors then buy the digital coin – with fiat currency or other digital tokens if possible – with the aim to sell later at a higher price.

Investors who buy such offering are now holders of a new cryptocurrency specific to the ICO (something very similar to a shareholder) while the crypto firm uses the investors’ funds to further its goals and launch its products.

Earlier in the year, the Securities and Exchange Commission (SEC) made it known that virtually all tokens are securities because many crypto firms are now hiding under the shield of an ICO in a bid to circumvent federal securities laws. To further strengthen the law, the SEC created a cryptocurrency task-force headed by members of the SEC Division of Enforcement to enforce federal securities laws and seek disgorgement and money penalties for any misconduct by crypto firms. The primary goal of the task force is to ensure that all token issuers comply with federal securities laws as they develop their platforms.

According to the SEC, both CarrierEQ Inc (Airfox) and Paragon Coin Inc. conducted ICOs in 2017 even after the DAOR Report of Investigation clearly stated that ICOs would be henceforth treated as securities.

The press release issued on November 16 showed that a total sum of $15 million worth of digital assets was raised by Airfox, a Boston-based startup, to finance its project. The company claims that the project, which is the development of a token-denominated ecosystem, would allow users in future markets to buy and exchange tokens for data by interacting with advertisements.

Meanwhile, $12 million worth of digital assets was raised by Paragon, an online entity, through the ICO securities offering. The management claimed that the money would be used to develop and implement its business plan which involves the addition of blockchain technology to the cannabis industry and working towards the legalization of cannabis.

Stephanie Avakian, Co-Director of the SEC’s Enforcement Division, reiterated that companies that issue securities through ICOs are required to comply with existing statutes and rules governing the registration of securities.

She also added that these cases would serve as a warning to crypto firms who are considering taking similar actions. She emphasized that the SEC will continue to be on the lookout for violations of the federal securities laws with respect to digital assets. The U.S. SEC also noted that these two cases are their first cases imposing civil penalties solely for ICO securities offering laws violations.




Donate us if you like

%d bloggers like this:
Skip to toolbar