Researcher Finds Critical TRON Bug That Could've Crashed Its Blockchain

A researcher has recently found a critical bug that could’ve crashed TRON’s $1.6 billion blockchain with just one computer, if bad actors consumed its CPU power with Distributed Denial of Service (DDoS) attacks.

According to a HackerOne disclosure report, a potential DDoS attack on the TRON blockchain could’ve consumed all of its resources. Potential attacks could, for example, see bad actors call for smart contracts to be deployed, loaded with malicious code.

The report reads:

Using a single machine, an attacker could send DDOS attack to all or 51 percent of the [Super Representative] nodes and render TRON network unusable, or make it unavailable.

As first reported by The Next Web, a flaw in TRON’s wallet allowed all of the network’s memory to be consumed by one single computer. The bug was first discovered on January 14, and the researcher who found it was rewarded with $1,500 on February 1.

A second bounty worth $3,100 was paid out, although the TRON Foundation hasn’t disclosed any further details on the flaw, according to TNW. HackerOne bounties have, over time, become an industry norm, with the TRON Foundation itself already having paid out $78,800 in bounties to researchers for 15 separate reports.

The highest single bounty TRON paid out was of $10,000. As CryptoGlobe covered, however, Coinbase has paid a hacker $30,000 for a critical vulnerability earlier this year, although details on the vulnerability weren’t disclosed.

Cryptocurrency-related bug bounties are a lucrative business. Data has shown that blockchain companies have received “at least” 3,000 vulnerability reports last year, and paid out nearly $900,000 to security researchers for these.

As of March of this year, 43 different vulnerability reports had been filed to blockchain-related firms. Some of these found vulnerabilities were in some of the largest cryptocurrency networks in the world, including Brave, EOS, and Monero.

Ampleforth Seeks to Become the Perfect Digital Asset for Portfolio Managers

A new token is seeking to change up the existing paradigm in the cryptoasset market.

Billing itself as “smart commodity money” - a token that has the benefits of commodity-monies like gold and silver, but can respond efficiently to changes in demand - Ampleforth is keen to emphasize that its token represents a new kind of asset in the space.

The Evolution of Money 

Money has been reinvented many times over: for many centuries mankind did without it, instead simply assigning value to particular goods in exchange for other goods. Then gold and silver formed the basis of money, whether coins were made directly out of these precious materials or "stamped" as a standard into baser metals.

Indeed, gold as a standard for global money transfer lasted for many centuries: the official gold standard was dropped by Britain and the US in the early 1930s and by 1971 the system was abandoned completely to be replaced fully by what we now call the fiat money system where global currencies (to a large degree) freely float against each other on foreign exchange markets.

The Crypto-Evangelists

Niall Ferguson is an expert in this field and, as an Oxford and Harvard lecturer, has written and spoken about money and capital many times. He may be a little late to the crypto party but is none-the-less evangelical about it: in a Bank of England seminar last year he called cryptocurrencies "the financial system of the future".

Ferguson has now thrown his weight behind the Ampleforth Project, which - on June 13 - raised $4.9 million in 11 seconds in its initial exchange offering (IEO) of its "Ample" (AMPL) tokens.

The digital asset explains in its white paper that it’s a "synthetic commodity" that aims to become truly uncorrelated from both traditional assets, stocks and currencies as well as from Bitcoin, other cryptoassets and other synthetic commodities. The problem with existing synthetic commodities, the paper explains, is that they have so far failed to do both. 

Ampleforth Explained

While Ampleforth seeks the price target of $1 for the Ample, instead of pegging directly to the dollar - like Tether - or to a basket of fiat currencies - as Facebook's Libra intends - the Ample will allow the quantity of assets a user holds to fluctuate, in addition to price, as it seeks a price supply equilibrium.

The system's protocol will actively seek this equilibrium by either proportionally increasing the quantity of tokens every user holds when prices climb, or proportionally decreasing the quantity of tokens every user holds when prices fall.

This is called money supply and has been one of the tools used by central banks to control inflation for many years. But Ferguson's criticism of this - in his book The Ascent of Money - is that it reflects human sentiment too much:

Money amplifies our tendency to overreact, to swing from exuberance when things are going well to deep depression when they go wrong. Booms and busts are products, at root, of our emotional volatility.

Ampleforth seeks to overcome these problems algorithmically by applying countercyclical pressures that dampen volatility, encouraging markets to self-correct. Supply updates will be freely visible in the market ahead of any changes, allowing the market to anticipate these changes and respond accordingly.

Ferguson explains his enthusiasm for the project:

The ingenious thing about Amples is that this they are not stablecoins, pegged in some way to existing fiat money. They are a special kind of digital asset, the quantity of which varies in response to the behavior of investors and traders.

Crypto Rivals

Ampleforth is unlikely to challenge Bitcoin any time soon as the number one crypto investment, but offers a compelling three-stage plan for the use of Amples. 

In the near-term, the token’s lack of correlation to both traditional assets and Bitcoin, will make it a useful portfolio diversifier. 

In the more medium-term, Amples may be used as reserve collateral in decentralized banks, such as Maker DAO.

Ultimately, the long-term goal however, is that Amples will serve as an independent alternative to central bank money. The team describes it as a “macroeconomically friendly” Bitcoin that averts the deflationary problems associated with fixed supply commodities when used as reserve collateral by banks.

Ampleforth Moves Forward

Such was the success of its first token sale on Bitfinex, that Ampleforth is conducting a second round of funding on the same exchange on Thursday.

The company aims to raise close to $7 million in this IEO, with a maximum contribution per investor of $7,060 and a minimum of $28, with each Ample token worth $0.98.