{"id":94393,"date":"2023-02-13T17:57:55","date_gmt":"2023-02-13T17:57:55","guid":{"rendered":"https:\/\/dripp.zone\/news\/index.php\/2023\/02\/13\/jump-crypto-finds-infinite-token-vulnerability-on-binance-bnb-chain-crypto-news\/"},"modified":"2023-02-13T17:57:59","modified_gmt":"2023-02-13T17:57:59","slug":"jump-crypto-finds-infinite-token-vulnerability-on-binance-bnb-chain-crypto-news","status":"publish","type":"post","link":"https:\/\/dripp.zone\/news\/jump-crypto-finds-infinite-token-vulnerability-on-binance-bnb-chain-crypto-news\/","title":{"rendered":"Jump Crypto finds infinite token vulnerability on Binance BNB Chain\n &#8211; Crypto News"},"content":{"rendered":"<p><\/p>\n<div>\n<p>Web3 infrastructure firm Jump Crypto has alerted <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.blockchaintechnology-news.com\/tag\/binance\/\">Binance<\/a> to a vulnerability in the BNB Beacon Chain that would have allowed for an infinite mint of tokens.<\/p>\n<p>The issue was reported privately to the BNB team on February 8 and patched within 24 hours, according to a <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/jumpcrypto.com\/helping-secure-bnb-chain-through-responsible-disclosure\/\">blog posts<\/a> from 10 February.  The post said that, if exploited, the vulnerability could have led to a &#8220;large loss of funds&#8221;.<\/p>\n<p>The vulnerability would have allowed for an attacker to make a malicious transfer, resulting in designated addresses receiving a far greater sum of BNB tokens than were initially sent.<\/p>\n<p>Jump Crypto explained: \u201cBugs that allow infinite minting of native assets are some of the most critical vulnerabilities in web3.  As such, this finding is proof that we all must stay vigilant and collaborate to elevate security assurances across all projects.\u201d<\/p>\n<p>According to the report, the BNB Chain is made up of two blockchains: the Ethereum Virtual Machine-compatible Smart Chain, based on an Ethereum fork, and the Beacon Chain, built with Tendermint and Cosmos SDK.<\/p>\n<p>However, the Beacon Chain uses a BNB fork with a number of changes specific to Binance.  Jump Crypto said: &#8220;It deviates from the Cosmos SDK upstream in several ways, motivating us to take extra care in reviewing the differences.&#8221;<\/p>\n<p>Jump Crypto recently initiated an industry-wide research drive aimed at unearthing and correcting web3 vulnerabilities across projects through coordinated cooperation.<\/p>\n<p>The BNB team patched the issue using overflow-resistant arithmetic methods for the SDK coin type.  The fix could result in a golang panic and a transaction failure if the coin calculation overflows.<\/p>\n<p>Binance CEO, Changpeng &#8216;CZ&#8217; Zhao, thanked the Jump Crypto team publicly on Twitter following their report of the bug.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-twitter wp-block-embed-twitter\"\/>\n<p>BNB Chain is the native blockchain behind the world&#8217;s most popular crypto exchange, Binance.<\/p>\n<figure class=\"wp-block-image\"><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.blockchain-expo.com\/\"><noscript><img loading=\"lazy\" decoding=\"async\" width=\"728\" height=\"90\" src=\"https:\/\/blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01.png\" alt=\"Blockchain Expo World Series\" class=\"wp-image-12467 lazyload\" srcset=\"https:\/\/www.blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01.png 728w, https:\/\/www.blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01-300x37.png 300w, https:\/\/www.blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01-380x47.png 380w, https:\/\/www.blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01-350x43.png 350w, https:\/\/www.blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01-100x12.png 100w, https:\/\/www.blockchaintechnology-news.com\/wp-content\/uploads\/sites\/10\/2022\/04\/blockchain-expo-world-728-x-90-01-60x7.png 60w\" sizes=\"auto, (max-width: 728px) 100vw, 728px\"\/><\/noscript><\/a><\/figure>\n<p><strong>Want to learn more about blockchain from industry leaders?  check out <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/blockchain-expo.com\/\">Blockchain Expo<\/a> taking place in Amsterdam, California and London.<\/strong><\/p>\n<p><strong>Explore other upcoming enterprise technology events and webinars powered by TechForge <\/strong><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/techforge.pub\/upcoming-events\/\"><strong>here<\/strong><\/a><strong>,<\/strong><\/p>\n<p class=\"tags\"><span class=\"tags-title\">Tags:<\/span> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.blockchaintechnology-news.com\/tag\/binance\/\">Binance<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.blockchaintechnology-news.com\/tag\/bnb-chain\/\">BNB Chain<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.blockchaintechnology-news.com\/tag\/jump-crypto\/\">JumpCrypto<\/a>, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.blockchaintechnology-news.com\/tag\/security\/\">security<\/a><\/p>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Web3 infrastructure firm Jump Crypto has alerted Binance to a vulnerability in the BNB Beacon Chain that would have allowed for an infinite mint of tokens. The issue was reported privately to the BNB team on February 8 and patched within 24 hours, according to a blog posts from 10 February. The post said that, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":94394,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8],"tags":[188,183,185,186,187,184,189,150,182,190],"class_list":["post-94393","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology","tag-blockchain-tech","tag-blockchain-technology","tag-crypto-technology","tag-cryptocurrency-technology","tag-metaverse-technology","tag-nft-technology","tag-soul-bound-token","tag-tech","tag-technology","tag-token-technology"],"_links":{"self":[{"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/posts\/94393","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/comments?post=94393"}],"version-history":[{"count":1,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/posts\/94393\/revisions"}],"predecessor-version":[{"id":94395,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/posts\/94393\/revisions\/94395"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/media\/94394"}],"wp:attachment":[{"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/media?parent=94393"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/categories?post=94393"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dripp.zone\/news\/wp-json\/wp\/v2\/tags?post=94393"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}