the worst blockchain makes the worst typos

Judo, one so many blockchain that was supposed to compete with Ethereum, has just experienced the worst publicity imaginable. Yesterday, one of his team of developers transferred the equivalent of $ 36 million (34 million euros) in cryptocurrencies to a bad wallet, with no option to cancel the on-site operation.

125 validators and no warnings

On the occasion of a monstrous attack, on an account that would have extracted this sum maliciously, the Juno teams missed out on a major human error. In his original plan, the amount was to be transferred to a company’s wallet address pending a vote on how it would be used.

“This was the first major example yet of the blockchain community voting to change the symbolic balance of a single user accused of acting maliciously”explained a journalist from CoinDesk.

Only the developer responsible for tampering accidentally entered the hash number instead of the wallet number. By confirming its transaction, none of the blockchain network’s 125 validators recognized the error and did not object to the confirmation.

Clearly, the error was a typo during copy-paste, but the entire Juno team has its share of responsibility. Although no member of the blockchain miners could give the warning, the returned message is very bad for a blockchain operating under the “Proof-of-Stake” principle, instead of “Proof-of-Work”, as it is. the case of Ethereum.

Validators are intended to be guardians of network security and decentralized processing. However, in this case, they can be held responsible for not being able to detect the error in the entry in time. Daniel Hwang, one of the Juno Blockchain Validators, told CoinDesk : “we screwed it all up”and added that the error was mainly “validators’ fault” who executed the code.

Juno blockchain

© Juno Network

A solution

Where Juno may be happy to use a Proof-of-Stake protocol rather than Proof-of-Work is that they should be able to find a solution faster. In fact, the Juno blockchain relies on a so-called “governance” protocol, where token holders can vote to change transactions in the blockchain. The majority wins, and once the vote is complete, the transaction can be reversed by an update.

A similar vote has already taken place last week on whether Juno should be responsible for extracting the $ 36 million from the malicious wallet.

The update will be deep because at the same time to bring about improvements it will change the general ledger for Juno accounts – usually immutable. A final solution that would have experienced much more difficulty on a blockchain like Ethereum. Except that this certainly would not have missed the input error from the start …

Juno token

© CoinMarketCap

Blockchain security charges and doubts

As a result of the accident, the Junos token lost more than 10% of its value. Looking at the long term, many investors have already parted with their tokens as Juno has lost over 72% since its peak two months ago.

Several people, including the owner of the wallet with the $ 36 million raised, accuse members of the management of Juno of having made secret transactions themselves to enrich themselves behind the backs of the community.

These allegations have not yet been confirmed. However, there has never been so much doubt as another event in early April further undermined investor confidence. The issuance of a maliciously crafted contract had made the Juno network offline for more than 24 hours.


Leave a Comment