Slowmist, a private Chinese digital security company, has reported of detecting a double-spending vulnerability in the code of Tether (USDT).
In a lengthy Twitter post, the security firm stated it was able to send USDT to an undisclosed crypto exchange by entering false field values in the transaction. This means that crypto punters, trading with USDT (which is second in 24 hour trading volume, behind only bitcoin) may be credited with tokens without actually sending them, which is a definition of a double-spend vulnerability.
The tweet raised a huge amount of concern within the crypto community, which has already been going through a torrid time lately, with digital currency prices dropping below their yearly lows.
Nonetheless, founder of OmniLayer, a platform on which USDT was developed explained the malfunction, saying that, “It appears that what happened here is that an exchange wasn’t checking the valid flag on transactions. They accepted a transaction with valid=false (which they should not have), and then the second “double spend” transaction had valid=true, which they also accepted. Unless I am missing something, this is just poor exchange integration.“
One of the leading crypto exchanges globally, OKEx, has also chimed in on the matter, claiming it immediately contacted their business partner SlowMist after being informed on the issue. A series of tests were performed to further understand the problem and luckily, one of the biggest crypto exchanges is not affected by it, which is good news for everyone, involved with digital currencies.
It seems the vulnerability might actually prove to be a fault of the unnamed exchange, as no other platforms reported having trouble with USDT.
Tether has been a subject of numerous controversies lately. Earlier this week, the company issued an additional $250 million worth of USDT tokens. As USDT is a stablecoin and is supposedly backed by the US dollar on a 1:1 ratio, its price remains stable, while the rest of the virtual currencies continue to slide.
The stablecoin was also accused of being behind the bitcoin price manipulation in 2017 and the controversy only deepened in January when Tether fired Friedman LLP, a law firm that was hired to perform on official audit on the company’s holdings and confirm whether USDT is really entirely backed by USD.
Nonetheless, some clarity has finally been provided, as another US-based law firm Freeh Sporkin and Sullivan LLP confirmed that Tether‘s USD reserves and USDT tokens in circulation are equal. Even though it was not an official audit, it cleared at least some of the controversy. Amidst the recent crypto market slump, Tether benefited from its stable price and has climbed to the 9th spot on the biggest cryptocurrencies rankings, overtaking IOTA and TRON following the influx of new USDT tokens.
Image Source: “Flickr”