Beam Mimblewimble Wallet Vulnerability Found & Fixed, Days After Mainnet Release

Developers of the Beam Wallet have discovered and fixed a critical vulnerability in their software. The announcements of the discovery and the fix came simultaneously, on Twitter and on the startup’s official blog.

The Beam team posted detailed instructions for users to follow in order to update their wallets, and said that the vulnerability affects all previously released versions of the wallet.

They note, critically, that they themselves discovered the vulnerability, and that:

So far, we are not aware of Beam’s users being affected by this vulnerability. We are working with various providers in the ecosystem to upgrade their systems.

Beam Mimblewimble

Beam (the company) is a payment solution provider most prominently serving the United Arab Emirates. The wallet software is notable for its implementation of Mimblewimble, a privacy protocol that can greatly enhance privacy without using a lot of memory for transactions.

Mimblewimble transactions, unlike with public blockchains, are not (necessarily) visible in a blockchain explorer. The protocol makes use of both “blinding factors” and CoinJoin, to bundle many transactions together and encrypt their contents to all but the senders and receivers of transactions. One of Beam’s objectives is to create the option for publically visible transactions.

Beam released its Mimblewimble mainnet only on January 3, stating at the time (correctly, it seems) that because “Beam is of innovative nature, this Version, even though developed in accordance to state of the art, is likely to: (i) contain bugs, defects, or errors.”

But the software is indeed state of the art, and is the first released implementation of the Mimblewimble idea and protocol. A competing Mimblewimble blockchain, called Grin, is set to launch its own mainnet in a few days. Grin even got a mention in a recent article in The Guardian on the subject of Bitcoin’s tenth birthday.

Monero’s Hashrate Jumps 186% After Network Upgrade

Michael LaVere
  • Monero's hash rate skyrocketed following the implementation of the ASIC-resistant RandomX update.
  • XMR's price has stagnated amidst exchanges de-listing the anonymity-focused coin. 

Privacy-centric cryptocurrency Monero (XMR) has seen its hashrate rise exponentially following the RandomX update despite a lackluster movement in price. 

On November 30th, Monero’s community executed the implementation of its new proof-of-work algorithm RandomX. The update uses random code execution with memory-based techniques to slow down the efficacy of mining operations and make the coin resistant to ASICs. Following the update, the XMR network’s hash rate skyrocketed. 

According to data compiled by Bitinfocharts, Monero’s hashrate rose from 309 MH/s on Nov. 29, the day before the update, to 950 MH/s as of Dec. 7. Since then the network's hashrate dropped to 826 MH/s, which means the jump was still of over 180%.

XMR hasharate since JanuarySource: BitInfoCharts While Monero’s hashrate shows that miners are contributing to the network, the coin’s price has failed to reflect a similar appreciation. XMR’s price fell from ~$55 on the day of the update to its current value of $53.70. 

Despite the increase in hashrate, Monero’s RandomX update also had the effect of punishing professional crypto miners who utilize ASIC rigs on the work. The end result is a boost in recreational miners contributing to XMR’s network with traditional CPU in a bid to maintain the network's decentralization and stop large organizations of having too much control over the hashrate.

Monero, which is based upon user privacy and anonymous transactions, operates that ASIC mining contributes to centralization. However, the coin has also had to contend with a number of exchange de-listings as crypto trading platforms accommodate the Financial Action Task Force’s (FATF) controversial “Travel Rule.”

Featured Image Credit: Photo via Pixabay.com