Beam Mimblewimble Wallet Vulnerability Found & Fixed, Days After Mainnet Release

Developers of the Beam Wallet have discovered and fixed a critical vulnerability in their software. The announcements of the discovery and the fix came simultaneously, on Twitter and on the startup’s official blog.

The Beam team posted detailed instructions for users to follow in order to update their wallets, and said that the vulnerability affects all previously released versions of the wallet.

They note, critically, that they themselves discovered the vulnerability, and that:

So far, we are not aware of Beam’s users being affected by this vulnerability. We are working with various providers in the ecosystem to upgrade their systems.

Beam Mimblewimble

Beam (the company) is a payment solution provider most prominently serving the United Arab Emirates. The wallet software is notable for its implementation of Mimblewimble, a privacy protocol that can greatly enhance privacy without using a lot of memory for transactions.

Mimblewimble transactions, unlike with public blockchains, are not (necessarily) visible in a blockchain explorer. The protocol makes use of both “blinding factors” and CoinJoin, to bundle many transactions together and encrypt their contents to all but the senders and receivers of transactions. One of Beam’s objectives is to create the option for publically visible transactions.

Beam released its Mimblewimble mainnet only on January 3, stating at the time (correctly, it seems) that because “Beam is of innovative nature, this Version, even though developed in accordance to state of the art, is likely to: (i) contain bugs, defects, or errors.”

But the software is indeed state of the art, and is the first released implementation of the Mimblewimble idea and protocol. A competing Mimblewimble blockchain, called Grin, is set to launch its own mainnet in a few days. Grin even got a mention in a recent article in The Guardian on the subject of Bitcoin’s tenth birthday.

Ripple CEO: 'You Don’t Want to Use BTC at Starbucks'

On Thursday (January 23), Brad Garlinghouse, the CEO of Ripple, told the Wallet Street Journal (WSJ) that Bitcoin is not a good means of payment because BTC transactions take too long.

The Ripple CEO's comments were made during his talk with Phillipa Leighton-Jones (Editorial Director for Innovation) at a Ripple-sponsored event (organized by the WSJ) called "Ripple Panel: Changing the Finance Industry From Within" held alongside this year's World Economic Forum Meeting in Davos, Switzerland.

Although we don't yet have a full transcript of this interview, we do know about two of the things he talked about thanks to tweets by Asheesh Birla, SVP of Product at Ripple, who was at this event.

First, it seems that although the Ripple CEO likes Bitcoin as a store of value, he does not see (at least, as of now) as a viable means of payment. The example he gave was paying for a cup of coffee at Starbucks. He believes that BTC transactions take so long to confirm that by the time you have finished paying for your coffee, "it'll be cold." 

Second, within the next 12 months, he sees several companies in the crypto space holding initial public offerings (IPOs) and he wants Ripple to be "on the leading side" since this is "a natural evolution" for Ripple, which raised $200 million via a Series C funding round (which valued the company at $10 billion) last month. 

On Wednesday (January 22), Ripple published the "Q4 2019 XRP Markets Report", which is a quarterly report that allows Ripple to "voluntarily provide transparency and regular updates on the company’s views on the state of the XRP market, including quarterly programmatic and institutional sales updates, relevant XRP-related announcements such as Xpring and RippleNet partnerships and commentary on previous quarter market developments." 

In Q4 2019, Ripple's total XRP sales were down just over 80% compared to the preceding quarter ($13.08 million vs. $66.24 million). Ripple "continued the pause of programmatic sales" (to crypto exchanges), and focused exclusively on over-the-counter (OTC) sales to "a few strategic partners, who are building XRP utility and liquidity in strategic regions including EMEA and Asia."

Featured Image Credit: Photo via Pixabay.com