Zcash Bug Leaking Metadata Containing Full Nodes With Zaddrs

September 30, 2019 coinmaker

A recently discovered Zcash bug has got experts worried. Currently, all Zcash implementations and the majority of its forks are able to leak metadata which contains the full nodes with the protected addresses.

The Zcash bug was initially just a rumor but many people began to realize the gravity of the situation after the Komodo (KMD) core developer Duke Leto fully described the bug in his personal website.

As many people have already figured out, a Common Vulnerabilities and Exposures (CVE) code is already assigned to track the development of the bug.

Last week, Leto explained that the bug has in fact been there for quite a while:

“A nasty bug has existed for all the shielded addresses ever since the inception of Zcash and its protocol. It is currently present in all of Zcash’s source code forks. Basically, the bug allows to find the IP addresses of full nodes who own a shielded address. If person A gives person B their zaddr to be paid, it can potentially result in person B being able to discover person A’s IP address. This is something that is completely against the design of the Zcash protocol.”

The Zcash bug has probly affected many

The announcement also mentions that everyone who has provided their zaddr to a third party is most likely affected by the vulnerability. Leto mentions that users should carefully consider their geo-location and IP address information as its tied to their zaddr.

Leto mentions however, that users who actually never used a zadrr and only used the Tor Onion Roution Netowrk (TOR) or only send funds, are most likely not affected. He also mentioned that Zcash is by far not the only cryptocurrency suffering from this issue.

Leto revealed that Zcash is joined by Hush, Pirate Komodo smart chains with the zaddr enabled by their default settings, Horizen, Zero, VoteCoin, BitcoinZ, LitecoinZ, Zelcash, Verus, Arrow, Ycash, Bitcoin Private, Zclassic, Anon and quite a few more.

Leto has also pointed out that Komodo has already fully disabled the shielded addresses feature and transitioned it to the pirate chain. This means that KMD is now fully rid from the bug.

You can also check out:

• Investment in China: Bitmain’s Return Sparks Questions
• Full Shutdown for Kik: Legal Battle with the SEC over ICO
• Old-Style Extortionists Attempt to Destroy a Crypto Startup
• MasterBlock: A Unique Time-Piece With an Amazing Secret

The post Zcash Bug Leaking Metadata Containing Full Nodes With Zaddrs appeared first on CoinStaker | Bitcoin News.

Related posts

• 

  January 3, 2020 coinmaker

  Restoring Trust in Crypto and Government Institutions

  Governments and crypto institutions don’t get along most of the time. Due to the nature of...

  Crypto Analysis 

• 

  December 27, 2019 coinmaker

  Coinmine One: Mining Becoming a Part of Everyday Life

  Many startups have tried, but an everyman device hasn’t yet been available. Smart money is a...

  Crypto Analysis 

• 

  December 23, 2019 coinmaker

  Blockchain Games: Huge Potential for Drastic Changes

  The same way startups try out new tech, games often can be seen testing out new...

  Crypto Analysis