Back to top
  • 공유 Share
  • 인쇄 Print
  • 글자크기 Font size
URL copied.

Security Firm Warns Against Fake Deposit Of RBF On Filecoin

작성자 기본 이미지
Coinness reporter

Fri, 19 Mar 2021, 04:20 am UTC

According to the blockchain security firm SlowMist, Filecoin came under attack because of suspected "double spending." A multitude of crypto exchanges now shut down the deposit service for FIL.

After the analysis by SlowMist security team, the attack was caused by the phony deposit of RBF on Filecoin, instead of "double spending." The hacker sent a transaction with a low gas-feecap in advance, and then replaced the original transaction (RBF transaction) by increasing the gas-premium and gas-feecap. At the moment, the RBF transaction was first packaged on the chain, and the old transaction was discarded. However, when querying the execution status of the old transaction (using the lotus state exec-trace command or obtaining it through the REST interface Filecoin.StateGetReceipt), the execution status of the RBF transaction was returned, which made the exchange record the two transactions repeatedly.

The SlowMist security team reminds exchanges and wallets that when depositing and recording transactions, they need to compare the cid in the query return result with the queried cid, and use the ChainGetParentMessages and ChainGetParentReceipts interfaces to perform query comparisons to avoid repeated recording.

Different from the fake deposit attack found by SlowMist before, this attack method is more covert. It is caused by the characteristics of the Filecoin node. Exchanges and wallet should check the deposit procedure again.

Coinness

<Copyright ⓒ TokenPost, unauthorized reproduction and redistribution prohibited>

Most Popular

Comment 2

0/1000

alert("SQLSTATE[42S02]: Base table or view not found: 1146 Table \'tokenpostcom.ExperienceClient\' doesn\'t exist");