News
Wabisabi Deanonymization Vulnerability "Disclosed"
GingerWallet, the fork of WasabiWallet maintained by former zkSNACKs employees after the shut down of the Wasabi coinjoin coordinator, has received a vulnerability report from developer drkgry. This vulnerability would allow the total deanonymization of users inputs and outputs in a coinjoin round, giving a malicious coordinator the ability to completely undo any privacy gains from coinjoining by performing an active attack.
Wasabi 2.0 was a complete re-design of how Wasabi coordinated coinjoins, moving from the Zerolink framework utilizing fixed denomination mix amounts, to the Wabisabi protocol allowing dynamic multi-denomination amounts. This process involved switching from homogenous blinded tokens to register outputs to claim your coins back, to a dynamic credentials system called Keyed Verification Anonymous Credentials (KVACs). This would allow users to register blinded amounts that prevented theft of other users’ coins without revealing to the server plain-text amounts that could be correlated and prevent linking ownership of separate inputs.
When users begin participating in a round, they poll the coordinator server for information regarding the round. This returns a value in the RoundCreated parameters, called maxAmountCredentialValue. This is the highest value credential the server will issue. Each credential issuance is identifiable based on the value set here.
To save bandwidth, multiple proposed methods for clients to cross-verify this information were never implemented. This allows a malicious coordinator to give each user when they begin registering their inputs a unique maxAmountCredentialValue. In subsequent messages to the coordinator, including output registration, the coordinator could identify which user it was communicating with based on this value.
By “tagging” each user with a unique identifier in this way, a malicious coordinator can see which outputs are owned by which users, negating all privacy benefits they could have gained from coinjoining.
To my knowledge drkgry discovered this independently and disclosed it in good faith, but the members of the team who were present at zkSNACKs during the design phase of Wabisabi were absolutely aware of this issue.
“The second purpose of the round hash is to protect the clients from tagging attacks by the server, the credential issuer parameters must be identical for all credentials and other round metadata should be the same for all clients (e.g. to ensure that the server isn’t trying to influence clients to create some detectable bias in registrations).”
It was brought up in 2021 by Yuval Kogman, also known as nothingmuch, in 2021. Yuval was the developer to design what would become the Wabisabi protocol, and one of the designers in actually specifying the full protocol with István András Seres.
One final note is the tagging vulnerability is not actually addressed without this suggestion from Yuval as well as full ownership proofs bound to actual UTXOs as proposed in his original pull request discussing tagging attacks. All of the data being sent to clients isn’t bound to a specific round ID, so a malicious coordinator is still capable of pulling a similar attack by giving users unique round IDs and simply copying the necessary data and re-assigning each unique round ID per-user before sending any messages.
This is not the only outstanding vulnerability present in the current implementation of Wasabi 2.0 created by the rest of the team cutting corners during the implementation phase.
Source link
Altcoins
MELANIA Insider Hayden Davis Selling Millions of Dollars Worth of Memecoin Amid 95% Drop: On-Chain Data
A memecoin creator notorious for being involved with several controversial projects is continuing to dump his coins even after a 95% drop.
New data from the blockchain tracking firm Bubblemaps is shedding light on on-chain activity of Hayden Davis, who admitted to having a role in both Libra (LIBRA), a memecoin originally backed by Argentinian President Javier Milei before he quickly disavowed it, and Melania Meme (MELANIA), a coin inspired by Melania Trump.
MELANIA began a steep descent the very day it was launched in January and is now down 95.3%.
Says Bubblemaps,
“Hayden Davis is STILL selling MELANIA
He recently sent $1 million to exchanges and extracted over $2 million from the liquidity pools…
For weeks, his MELANIA wallets were inactive – until now…
In total, Hayden sent $1,065,153 worth of MELANIA to centralized exchanges and extracted $2,050,666 from the liquidity pool over the last 14 days.
And many wallets haven’t sold yet.
Why act now?
Hayden may have seen the recent drop in attention as a window to quietly move funds while fewer people were watching
We’ll keep monitoring for further activity.”
At time of writing, MELANIA is trading for $0.615.
Argentinian authorities are reportedly attempting to have Davis arrested by Interpol for his role in LIBRA.
Says prosecutor Gregorio Dalbón,
“I’m here to request the immediate detention of Hayden Mark Davis, a citizen of the United States, who is accused of being one of the principal actors behind the launch of the cryptocurrency LIBRA…
The possibility that Davis will abandon his country of residence or hide to avoid answering for his alleged acts appears to be aggravated by the economic resources he possesses, which he can use to move or remain in hiding, hindering our investigation.”
President Milei quickly disavowed LIBRA, claiming that he was tricked into supporting its launch.
Said Milei in Spanish,
“I was not aware of the details of the project and after having become aware of it I decided not to continue spreading the word (that is why I deleted the tweet).
To the filthy rats of the political caste who want to take advantage of this situation to do harm, I want to say that every day they confirm how vile politicians are, and they increase our conviction to kick them in the a**.”
Follow us on X, Facebook and Telegram
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: DALLE3
Source link
Crypto capital requirements
EU Regulator Pushes for New Capital Rules for European Insurers Holding Crypto Assets
The European Insurance and Occupational Pensions Authority (EIOPA), which oversees the insurance and occupational pensions sectors in the EU, recommends imposing stricter capital requirements for insurers with crypto holdings.
In a statement, the regulator says it advised the European Commission to introduce a 100% capital requirement for digital assets held by insurance companies.
The proposed rule will apply regardless of how insurance firms label their crypto holdings in the balance sheet or whether they have direct or indirect exposure to digital assets
“The European Insurance and Occupational Pensions Authority published today its technical advice to the European Commission, recommending that a one-to-one capital requirement be applied consistently to all crypto holdings of EU (re)insurers.”
The regulator says capital requirements should capture the risks associated with crypto assets, including extreme price movements, market manipulation, lack of price transparency and low liquidity.
“EIOPA considers a 100% haircut in the standard formula prudent and appropriate for these assets in view of their inherent risks and high volatility.”
EIOPA says insurance companies operating in the region do not yet have significant exposure to crypto. The regulator’s technical advice report says that in the last quarter of 2023, EU insurers invested only €655 million ($708.68 million) in the nascent asset, which represents just 0.0068% of their €9.6 trillion ($10.39 trillion) in total assets.
“Overall, the investments of undertakings in crypto-assets are immaterial.”
According to the Financial Times, EU insurers currently allocate capital equal to 60% to 80% of the value of their crypto assets.
Follow us on X, Facebook and Telegram
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: DALLE3
Source link
The head of research of market intelligence firm Fundstrat says that the odds of a V-shaped recovery for the stock market in April are overwhelmingly high.
In a new interview with CNBC Television, Tom Lee says that based on historical patterns, the stock market could mount a recovery in early April.
“The spike in the VIX (volatility index) or the collapse in investor sentiment or consumer confidence, that all happened around February 2018, so really that coincided with the first low that was made in 2018, and the market began to stage its recovery…
But as we start to think about the second half of this year, first of all, we’ve already had the collapse in sentiment. We’ve seen $850 billion of cash raised over the past year in money market balances, and then in the second half, we were looking for tax reform, which really propelled stocks in 2017.”
According to Lee, much of the panic in the stock market has already taken place this year, leading him to believe that stocks should start regaining their bullish momentum this week.
“So I think that the odds of a V-shaped recovery in stocks that come after April 2nd is just extremely high, because we’ve already sequenced a lot of the panic that people saw in 2018. I think it’s already taking place.”
A V-shaped rally is a technical pattern indicating an abrupt bullish reversal and a sharp surge in the market.
Earlier this month, both the stock and crypto markets took a hard hit after President Donald Trump announced tariffs and refused to rule out an upcoming economic recession.
Follow us on X, Facebook and Telegram
Don’t Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Surf The Daily Hodl Mix
 
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.
Generated Image: Midjourney
Source link
Dogecoin (DOGE) Bulls In Trouble—Can They Prevent a Drop Below $0.15?
California introduces ’Bitcoin rights’ in amended digital assets bill
MELANIA Insider Hayden Davis Selling Millions of Dollars Worth of Memecoin Amid 95% Drop: On-Chain Data
Toulouse starts to accept crypto for public transport
Bitcoin, Crypto Prices Slide as Trade Tensions, Inflation Risks Rattle Markets
Will BlackRock Investors Stay Bullish?
Bitcoin Could Appear on 25% of S&P 500 Balance Sheets by 2030, Analyst Says
Centralization and the dark side of asset tokenization — MEXC exec
Bitcoin Support Thins Below $78,000 As Cost Basis Clusters Shift Toward $95,000
Cryptocurrencies to watch this week: Solana, Cronos, DOT
EU Regulator Pushes for New Capital Rules for European Insurers Holding Crypto Assets
Japan Set To Classify Cryptocurrencies As Financial Products, Here’s All
This Week in Crypto Games: ‘Off the Grid’ Token, GameStop Goes Bitcoin, SEC Clears Immutable
Binance debuts centralized exchange to decentralized exchange trades
Why Is the Crypto Market Down Today? Bitcoin Drops to $82K as Traders Flee Risk Assets Amid Macro Worries
24/7 Cryptocurrency News5 months agoArthur Hayes, Murad’s Prediction For Meme Coins, AI & DeFi Coins For 2025
Bitcoin2 months agoExpert Sees Bitcoin Dipping To $50K While Bullish Signs Persist
24/7 Cryptocurrency News3 months agoAptos Leverages Chainlink To Enhance Scalability and Data Access
Bitcoin5 months agoBitcoin Could Rally to $80,000 on the Eve of US Elections
Altcoins2 months agoSonic Now ‘Golden Standard’ of Layer-2s After Scaling Transactions to 16,000+ per Second, Says Andre Cronje
Bitcoin5 months agoInstitutional Investors Go All In on Crypto as 57% Plan to Boost Allocations as Bull Run Heats Up, Sygnum Survey Reveals
Opinion5 months agoCrypto’s Big Trump Gamble Is Risky
Price analysis5 months agoRipple-SEC Case Ends, But These 3 Rivals Could Jump 500x
