Ethereum developers Level K took to social media, announcing, “We will shortly disclose a security issue that could potentially cause exchanges a loss of funds. In order to receive advance notice prior to disclosure, please add your name to the following list via pull request, or by DM’ing @trailofbits or @levelk_io.”
Level K Claim to Discover Vulnerability
In a vague message, Level K announced they will disclose particulars of the problem with regard to exchanges and loss of funds, however, in order to get the information interested parties must direct message them through Trail of Bits.
It appears not only exchanges are impacted by this potential threat. The developer group revealed, “This issue also affects other systems that transfer funds to users,” asking again those concerned about such potential to get in contact.
Trail of Bits CEO Confirms
Dan Guido, CEO of Trail Of Bits, confirmed they are working in tandem to release this vulnerability next week and to patch it as soon as possible.
“We will disclose this to as many people and organizations we believe are affected early next week,” Guido tweeted. “We are only gathering contact information right now, and finishing our technical investigation of the flaw.”
Trail of Bits is a software security company that specializes in software auditing, malware, and vulnerability patching. Their involvement in this matter appears to give more credibility to the potential security issue.
Information Released in Staged Process
“It will give people who add themselves to our notification list an advantage,” Guido continued in the thread, “which we are loudly trying to advertise in advance of a quiet, embargo’d notification period and then later public release.”
One concerned comment asked, “As a random individual, can I put my name on the list?” The Trail of Bits CEO noted they were only passing along the information to actionable parties with the ability to patch against the problem. “Everyone else will receive the details once the embargo period has expired,” Guido explained.
When pressed further about decentralized exchanges and the propensity for exit scams, Guido reasoned in response, “Thanks for your perspective, however, we see no better way to release this information than a staged process that attempts to maximize patching and minimize harm. You can choose a different process when you find the bug.”
CoinSpice.io will update readers as new information is available.
CONTINUE THE SPICE and check out our piping hot YouTube channel. Our podcast, Milk, might help sooth that crypto burn. Follow CoinSpice on Twitter. Join our Telegram feed to make sure you never miss a post. Drop some BCH at the merch shop — we’ve got some spicy shirts for men and women. Don’t forget to help spread the word about CoinSpice on social media.