Kevin Cormack

Happy #eCashDay everyone! 🎂😍 Today marks 1 year since we rebranded to #eCash — and what a year it's been! We are so proud of everything we have achieved & are thankful to the community who have been along for the journey. 🎉 It's time to recap! ⏳ 1/ 🧵

Set a reminder for my upcoming Space! My next guest is none other than @cyprianous, who I will be asking about the new MUSD stablecoin leveraging the eCash network as well as his thoughts on crypto and what he calls the “cheap utility” thesis. twitter.com/i/spaces/1djxX…

x.com/i/article/1869…

Public Disclosure of "DogeReaper", a critical vulnerability in Dogecoin DogeReaper is a critical vulnerability on Dogecoin, allowing anyone to crash any Dogecoin node remotely. See the video below for a demonstration. It works similarly to the Japanese manga series "Death Note", where you write down the name of a person and that person immediately dies of a heart attack. DogeReaper is similar, where you write down the address of any Dogecoin node, and that node instantly dies of a Segmentation Fault. Since the addresses of the Dogecoin nodes are known publicly, anyone could crash the entire Dogecoin network in an instant. If a malicious actor would’ve found this bug instead of us, he could have stopped the Dogecoin network for at least a few days, with no transactions or blocks. This would’ve caused a lot of FUD, and the $DOGE price surely would have been closer to $0 than to $1. Luckily though, we discovered this bug before all this could happen, and DOGE is safe. We've privately disclosed this vulnerability to the parties most affected by this (miners, exchanges), and most systems have been patched. NB: @Coinbase considers the severity of this as “Low” and “informative”. A fix has already been deployed as part of Dogecoin Core 1.14.9. Any version below that is affected by this vulnerability, which according to Blockchair are around 90% of nodes. Our implementation "doged" is not affected (previously called "Dogecash"). Link in the replies if you want to run your own instance. If you're running any of the versions 1.14.8 and below, you MUST update your node. Otherwise, anyone can crash it remotely with minimal effort, as shown in the video demonstration. A signed SHA-256 commitment to prove authorship has been made on Nov 22 on this Twitter account, and in this Dogecoin transaction: c0316b81038bb3c45f50f9cfa929afebcbb17770f95e5cabd133581a147e26e8 So here it is, the DogeReaper vulnerability: Summary: Malformed AuxPow Coinbase Causes Segmentation Fault in Dogecoin Responsible Disclosure By: Tobias Ruck @be.cash> Roqqit @proton.me> Bounties: DCJDfXGLWBy5psR5QkiTTq62dK1VmGKTtn dogecoind Versions Affected: v1.14-rc-1 (released 2019) and later dogecoin developer branch 1.21-dev is also affected. Who is impacted? Potentially all dogecoind node operators (miners, exchanges, businesses). Impact if exploited: Potential to remotely crash dogecoind and halt the Dogecoin network. User funds are not at risk. Public Disclosure: We anticipate publishing the public disclosure on or after December 4th, 2024. We encourage you to patch and test your systems before this date. Suggested Remedy: Immediately apply the following patch to dogecoind: ``` diff --git a/src/auxpow.cpp b/src/auxpow.cpp index 56b919d3b..dfc378abb 100644 --- a/src/auxpow.cpp +++ b/src/auxpow.cpp @@ -101,6 +101,10 @@ CAuxPow::check(const uint256& hashAuxBlock, int nChainId, != parentBlock.hashMerkleRoot) return error("Aux POW merkle root incorrect"); + if (tx->vin.empty()) { + return error("Aux POW coinbase has no inputs"); + } + const CScript script = tx->vin[0].scriptSig; // Check that the same work is not submitted twice to our chain. ``` Alternative Remedy: Replace dogecoind with the Dogecash node implementation. See github.com/dogecash-io/do… and read more details about it in the Dogecash section at the bottom of this disclosure. Details: Commit bc8cca48968dfa3f60b5eae6a2b92bdd2870eee3 introduced AuxPow support into dogecoind. AuxPow is a feature that allows Dogecoin and other blockchain networks to share proof of work. While the AuxPow data is not validated in entirety (since dogecoind has no way to know the consensus rules of other blockchains), there is verification of the proof of work of the AuxPow payload. This is done in AuxPow::check() in src/auxpow.cpp. The vulnerability in question relates to this line: const CScript script = tx->vin[0].scriptSig; Note the assumption that tx->vin is not empty. No validation is done to ensure tx->vin contains one or more entries. We verified the impact of this vulnerability by applying the following patch which tests AuxPow with no inputs in tx-vin: ``` diff --git a/qa/rpc-tests/test_framework/scrypt_auxpow.py b/qa/rpc-tests/test_framework/scrypt_auxpow.py index 3beefa057..c2f999947 100644 --- a/qa/rpc-tests/test_framework/scrypt_auxpow.py +++ b/qa/rpc-tests/test_framework/scrypt_auxpow.py @@ -36,7 +36,7 @@ def computeAuxpowWithChainId (block, target, chainid, ok): # Build up the full coinbase transaction. It consists only # of the input and has no outputs. - tx = "01000000" + vin + "00" + ("00" * 4) + tx = "01000000" + "00" + "00" + ("00" * 4) txHash = doubleHashHex (tx) # Construct the parent block header. It need not be valid, just good ``` And then running the AuxPow functional test: make && ./qa/pull-tester/rpc-tests.py auxpow.py Note that the test fails with error code -11 SIGSEGV, indicating the node segfaulted during the test. Because of the nature of this functional test, we believe this is a reasonable approximation of the behavior we would see if this were exploited in the wild. The cost to an attacker to exploit this is extremely low and the complexity of such an attack is also extremely low. With the patch applied from the Suggested Remedy section above, note how the modified test no longer reports a segfault and instead reports only the expected test failure. We also discovered that the AuxPow implementation was backported from Namecoin (github.com/namecoin/namec…), however this vulnerability has already been patched as of May 15, 2019: github.com/namecoin/namec… so no attempt to contact the Namecoin developers or businesses has been made. We have not yet identified other software forks that may be affected. We encourage recipients of this disclosure report to share it with trusted individuals related to projects forked from either Namecoin or Dogecoin. Please note that time is of the essence, and sharing this days prior to the public disclosure date is encouraged. Dogecash as Alternate Remedy: Over the last 5 months, we have been developing a high performance Dogecoin node implementation that we call Dogecash. Dogecash is not a new blockchain. It is an alternative node implementation that is 100% compatible with Dogecoin. In addition to various improvements in performance, usability, and test coverage, you may notice Dogecash does not suffer from the same vulnerability. You may also notice that Dogecash's modern RPC suite more similarly matches the ones you are already familiar with on Bitcoin (BTC) and eCash (XEC). Our RPC suite is significantly faster than dogecoind, has better test coverage, faster sync/IBD, and the code is cleaner and easier to review. It also ships with a fast blockchain indexer. We humbly invite you try out Dogecash and are welcome to feedback: github.com/dogecash-io/do… If you plan to run Dogecash, please test against your internal systems before deploying on Dogecoin mainnet. If you encounter any issues, you can email us with your feedback.

$XEC #ECASH #XEC this coin structure is developing. projects keeps moving forward. investors coming in. tech-devs flows innovating. with this momentum pattern this could be a hit. ideal easy 8x to 20x on this 2025 and #altcoinbullrun peak could be at $0.01 Low Risk High Reward