The web3 infrastructure company Jump Crypto has discovered a vulnerability in the Binance BNB Beacon Chain, which would allow an unlimited amount of arbitrary tokens to be minted. The issue was reported privately to the BNB team, allowing a patch to be developed and applied within 24 hours.
In a February 10 blog post, Jump Crypto revealed a detailed report on the vulnerability found two days earlier, which could “have led to a large loss of funds.”
According to the report, the BNB Chain is made up of two blockchains: the EVM-compliant Smart Chain (BSC), which is based on a go-ethereum fork, and the Beacon Chain, built on top of Tendermint and the Cosmos SDK.
However, the Beacon Chain uses a GitHub-hosted BNB fork of the Cosmos SDK with several BNB-specific changes. “It deviates from the Cosmos SDK in a number of ways, which has prompted us to be especially careful when reviewing the differences,” says Jump Crypto, which has recently launched an extensive research effort dedicated to discovering and patching vulnerabilities in all projects through coordinated disclosure.
The vulnerability would allow an attacker to mint a nearly unlimited number of BNB tokens via a malicious transfer, meaning that the destination accounts would receive a much larger number of BNB tokens than the sender initially provided. Jump Crypto noted:
“Bugs that allow infinite minting of native assets are some of the most critical vulnerabilities in web3. As such, this finding is proof that we all need to be vigilant and work together to raise security guarantees across all projects.”
The BNB team fixed the issue by switching to overflow-resistant arithmetic methods for the sdk.Coin type. The patch will cause a golang panic and transaction failure if the coin calculation overflows.
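The following Go sketch is an added example, not code from the BNB fork or from Jump Crypto's report. It illustrates the bug class the fix addresses: a balance check built on wrapping integer addition next to a checked addition that panics. The `int64` amounts, the function names and the sample values are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"math"
)

// sumUnchecked totals amounts with plain int64 addition, which wraps silently.
func sumUnchecked(amounts []int64) int64 {
	var total int64
	for _, a := range amounts {
		total += a
	}
	return total
}

// checkedAdd panics on overflow instead of wrapping.
func checkedAdd(a, b int64) int64 {
	if (b > 0 && a > math.MaxInt64-b) || (b < 0 && a < math.MinInt64-b) {
		panic("coin amount overflow")
	}
	return a + b
}

// sumChecked converts the overflow panic into a rejected transaction.
func sumChecked(amounts []int64) (total int64, err error) {
	defer func() {
		if r := recover(); r != nil {
			total, err = 0, fmt.Errorf("transaction rejected: %v", r)
		}
	}()
	for _, a := range amounts {
		total = checkedAdd(total, a)
	}
	return total, nil
}

// balancedUnchecked is the flawed invariant: debit must equal total credits.
func balancedUnchecked(debit int64, credits []int64) bool {
	return debit == sumUnchecked(credits)
}

func main() {
	// Constructed sample: three credits whose true total exceeds int64.
	credits := []int64{math.MaxInt64, math.MaxInt64, 3}
	fmt.Println("unchecked total:", sumUnchecked(credits))
	fmt.Println("passes balance check with debit 1:", balancedUnchecked(1, credits))
	_, err := sumChecked(credits)
	fmt.Println("checked:", err)
}
```

With wrapping arithmetic the credits appear to total 1, so the invariant holds for a debit of 1; the checked version fails the transaction instead.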
The BNB Chain is the native blockchain behind the Binance cryptocurrency exchange. The company’s CEO, Changpeng Zhao, thanked the Jump Crypto team for reporting the bug on Twitter:
Many thanks to @jump_ for reporting this bug. They got a great security team. Really appreciate it. https://t.co/bqidp5X3Y2
— CZ Binance (@cz_binance) February 10, 2023
In October 2022, the BNB Chain was briefly suspended after a cross-chain exploit compromised nearly $80 million worth of cryptocurrency. The breach originated in the BSC Token Hub and resulted in the creation of “extra BNB”, according to an official post on Reddit.