Why Nostr? What is Njump?
2024-03-20 14:00:41
in reply to

0xB10C on Nostr: tl;dr: ViaBTC didn't check the header merkle root in their P2P client. Sending a ...

tl;dr: ViaBTC didn't check the header merkle root in their P2P client. Sending a block message with an old header and a modified coinbase transaction caused them to SPV mine on the old header for 30s at a time. I responsibly disclosed this to ViaBTC, and they awarded 2000 USDT.
Author Public Key
npub1kyxqqqq8n2pu7f5pthr48zqcmr2k52vrud6wxzjpg0jsqcyhs3tshfc6vv