Sui Foundation awarded $500,000 to smart-contract audit firm CertiK for discovering a potential attack vector on the Sui network.
The vulnerability was an infinite loop bug in the Sui code, which could be triggered by a malicious smart contract and cause the blockchain’s nodes to go on an endless loop, essentially paralyzing the network.
“Differing from traditional attacks that shut down chains by crashing nodes, the HamsterWheel attack traps all nodes in a state of ceaseless operation without processing new transactions, as if they were running on a hamster wheel. This strategy can cripple entire networks, effectively rendering them inoperable,” CertiK said in a press release on Monday.
According to the Sui Foundation, once the bug was identified, a team of developers installed “two key measures that would reduce the potential impact of a similar issue in the future.” CertiK confirmed that fixes for the bug have already been rolled out and promised to publish a full technical report later.
“We are extremely pleased that the program resulted in finding and fixing this bug well before Sui went live,” Darius Goore, head of communications at Sui Foundation, told CoinDesk.
“Due to the bug bounty program, but also a robust third-party audits program, and thorough internal testing, the first six weeks of Sui mainnet have been remarkably smooth from an operational and security perspective,” he added.
“The discovery of the HamsterWheel attack demonstrates the evolving sophistication of threats to blockchain networks,” Kang Li, chief security officer at CertiK, said in a written statement.
Edited by Aoyon Ashraf.