
White Hat Hackers Awarded $300K After Uncovering Critical Chainlink VRF Vulnerability

Decentralized oracle network Chainlink has recognized white hat hackers Zach Obront and Or Cyngiser of Trust by awarding them $300,000 for identifying a critical vulnerability in its Verifiable Random Function (VRF) product. The VRF feature enables smart contracts to access tamper-proof random values while maintaining a high level of security.

This discovery of a significant bug comes at a time when Chainlink is experiencing increased institutional adoption of its Cross-Chain Interoperability Protocol (CCIP) technology. Noteworthy traditional institutions, including Swift, Vodafone, and South Korea’s largest gaming company, have recently embraced Chainlink’s technology. The vulnerability identification and subsequent reward underline the importance of ongoing security efforts in the blockchain and decentralized finance space.

Uncovered Potential for Manipulation

Chainlink Labs reported that Obront and Cyngiser discovered a critical issue in which a malicious VRF subscription owner could potentially disrupt the proper generation of random values for users. The owner could do this by blocking and rerolling until a desired outcome occurred, which is a significant smart contract vulnerability.

While the conditions needed to exploit this loophole were somewhat specific, the vulnerability compromised the fundamental functionality of Chainlink VRF, which is to provide transparent and verifiable on-chain randomness. The primary risk stemmed from a compromised or malicious subscription owner, a role typically controlled by the decentralized app utilizing VRF. The identified vulnerability underscores the importance of continuous vigilance and prompt action in maintaining the security of decentralized systems.

Mitigation Implemented, $300K Bounty Paid

Following consultations with the researchers, Chainlink swiftly implemented a fix to ensure the delivery of randomness, even if a subscription owner attempts to exploit the vulnerability. In recognition of their responsible disclosure, Obront and Cyngiser were awarded $300,000, a payout that ranks among the top 10 in Immunefi’s history.

Chainlink actively runs bug bounty programs on platforms like HackerOne and Immunefi, providing incentives for security researchers to identify and report vulnerabilities in its systems. The network has disbursed over $500,000 to date across more than 75 resolved reports.

In addition to bug bounty programs, Chainlink has engaged in crowdsourced audits on platforms like Code4rena to further bolster security measures. These proactive steps highlight Chainlink’s commitment to securing its reputation for reliability and transparency, especially as it experiences increased adoption in the decentralized finance and blockchain space.

Increasing Real-World Use Cases

Chainlink’s Verifiable Random Function (VRF) is a crucial component for decentralized applications (dApps) like Axie Infinity, PancakeSwap, and Aavegotchi, providing a layer of security for smart contracts. Additionally, Chainlink’s Cross-Chain Interoperability Protocol (CCIP) facilitates communication between different blockchains, overcoming a significant hurdle in decentralized finance (DeFi). Notably, major institutions such as Swift and Vodafone have adopted Chainlink’s technology for tokenization, indicating a growing trust in its capabilities.

As decentralized finance continues its rapid expansion, the security and interoperability solutions offered by Chainlink are likely to see increased real-world application. Responsible disclosure and timely mitigation of issues, such as the recent VRF vulnerability, are crucial for maintaining reliability, especially as the use cases for Chainlink’s technology scale up in the evolving landscape of decentralized finance.
