Blockchain security firm Asymmetric Research discovered a critical vulnerability in Circle's Noble-CCTP and has privately notified Circle. The vulnerability has been promptly fixed and no user loss in capital or malicious attacks have occurred.
The vulnerability exists on the Noble-CCTP component of the USDC cross-chain transfer protocol. The security firm discovered that malicious actors could potentially counterfeit USDC tokens on the Noble Bridge by bypassing the message sender verification process. This vulnerability allows any sender to send "BurnMessages" to an unverified address, thereby forging USDC.
Although the vulnerability initially appears to be an infinite casting flaw, the actual impact is limited due to Noble's casting limitations. As of now, Circle has fixed the issue and secured the system.
Earlier this year, a similar vulnerability was discovered in the Wormhole bridge on the Aptos network, demonstrating the need for higher security standards for cross-chain bridging protocols. The rapid response from Circle and Asymmetric Research shows that protecting against potential vulnerabilities and attacks is critical to protecting user assets.
Circle fixes Noble-CCTP critical vulnerability without loss in capital
2024-08-27 22:29:58
Blockchain chain security company asymmetric research circle noble cctpdesk3cryptocurrencydesktopCrypto News
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
Circle修复Noble-CCTP关键漏洞,未造成资金损失Next article:
今年下半年比特币净实现利润/亏损趋于稳定
