A mistake in the bulletproofs paper could have led to the theft of millions of dollars

By Jim Miller We discovered a critical vulnerability in Incognito Chain that would allow an attacker to mint arbitrary tokens and drain user funds. Incognito offers confidential transactions through zero-knowledge proofs, so an attacker could have stolen millions of dollars of shielded funds without ever being detected or identified. The vulnerability stemmed from an insecure […]

confidential critical critical vulnerability cryptography funds incognito incognito chain knowledge led miller mint mistake stolen theft tokens transactions vulnerability