Decentralized systems based on technologies such as Blockchain must take into consideration the safety of the security researcher and provide the means to report vulnerabilities anonymously. And because flaws are inevitable, companies working in this space must have a mature, responsible disclosure policy.
In the previous article I reviewed the Segregated Witness (SegWit), a Bitcoin soft fork developed to scale Bitcoin by trimming transaction data that was stored in the block and segregating it in another structure, freeing up space for more transactions. I finished the article promising a follow-up article on SegWit2X, which was scheduled to be released in November 2017.
On August 1st Bitcoin was split into Bitcoin (BTC) and the clonecoin Bitcoin Cash (BCH). The means of this split was both a source code “hard fork,” creating an incompatible and independent crypto currency, in conjunction with a clone of the entire blockchain. Everyone who had bitcoins (BTC) before the fork has the same number of coins in bitcoin cash (BCH). In this article, I’ll explain the security and risks related to this split by discussing the motives, technical differences, and the consequences to the eco-system.
Security researchers at the CWI institute in Amsterdam working together with a team from Google found a practical way to compromise the SHA-1 hash algorithm. The goal of this post on ITSPmagazine is to explain the impact of this finding and what can be done to mitigate the risk.