Filecoin official rumor: Filecoin did not have a "double flower" attack
first level title
1 Review of Filecoin "Double Spending" Event
At first, on the evening of March 18, some users reported that they could still receive another FIL of the same amount after depositing FIL in some exchanges and then withdrawing cash after the "double spend" operation. Similar problems seem to have occurred in multiple exchanges, and some analysts believe that it is a problem with the Filecoin main network.
Subsequently, in the early hours of March 19, the developers of Filfox and FileStar discovered that there was a risk of "double spending" in the recharge of Filecoin. According to the joint analysis of the Filfox browser and FileStar developers: the exchange deposit process officially recommended by Filecoin has the risk of "double spending", and it is recommended that the exchange suspend the deposit of Filecoin. The risk of "double spending" has affected the deposit of an exchange and has been verified by "double spending". At present, the developers of Filfox and Filestar have assisted some exchanges to improve the recharge process and notified the official Filecoin.
Immediately afterwards, Protocol Labs said: After the Filecoin development team confirmed that Filecoin has no "double spending" problem, it may be that the front end of the Filfox browser has caused misleading, making some users think that there is a "double spending" in the process of recharging Filecoin on the exchange. "possible.
Despite this, Huobi suspended the deposit and withdrawal of FIL. Huobi officially announced that due to the upgrade of the FIL (Filecoin) wallet, Huobi Global has suspended the deposit and withdrawal of FIL.
Then, the developers of Filfox and FileStar responded to the protocol lab: After careful and detailed analysis, it can be confirmed that there is a serious problem with the recharge process recommended by the official website of Filecoin to the exchange, and special transactions can be constructed to deceive the recharge detection of the exchange, so as to realize the A transaction is "double spent". Through this method of constructing special transactions, an exchange has already had a false recharge of Filecoin worth about $5 million.
Confirmed by the Filfox developer, the front end of the FilFox browser shows that everything is normal, and even if there are any problems, it will not affect the deposit of the exchange. The deposit of the exchange is carried out according to the official Filecoin recommended process, and has nothing to do with the browser display .
first level title
secondary title
2.1 The impact of the Filecoin "double spend" event on FIL
Before the "double spend" incident, since all SAFT investors will be released linearly on April 15 (it is the release of early participation in crowdfunding and fund holdings, not a significant reduction in mining output), and the entire network The continuous growth of effective computing power, Grayscale’s new FIL fund products, and companies such as Ninth City and Xinyuan Technology have successively invested tens of millions of dollars to join the Filecoin industry. The price of FIL has reached a new high due to the superposition of multiple factors.
secondary title
2.2 Actions taken by Filecoin officials
With regard to the "double spend" incident on March 9, the current official actions taken by Filecoin are as follows:
impact of transactions.The exchange discovered this misuse of the API and took immediate action to stop deposits, withdrawals, and transfers. They have reinstated the incorrect transaction in question (so no funds were lost in this incident) and are in the process of correcting their use of the Lotus API to comply with recommended usage.
other exchanges.Other exchanges have been warned and are reviewing their code to make sure they have not been affected. A lot of vetting has been done - as far as we know, no other exchange has faulted this API in this way.
Team Lotus.The Lotus team is actively working on all transactions to ensure this behavior is handled correctly, and improving the API documentation to ensure everyone else is properly checking the state of the Filecoin blockchain.
Community and Media Team.Several organizations are working with the media to clarify details and facts of the alleged incident and help dispel misinformation.
community team.first level title
3 Math popular science: what is "double spending"
"Double spending" refers to double payment, which means that in the digital currency system, due to the reproducibility of data, the same digital asset may be reused due to improper operation in the system. To put it simply, it is to use the tokens of the first transaction to conduct transactions again, thereby generating false transactions.
Example: For example, if A has 100 yuan in his wallet, A can buy items of equivalent value. When A goes to the mall, he finds that the unit price of the table and the chair is 100 yuan, so A can only buy one of them. The "double spending" problem mentioned above is just the opposite. The same 100 yuan can be used to buy two commodities, a table and a chair, at the same time through some improper operation.
So how did the "double spending" problem happen? In the blockchain system, the "double spending" problem will appear in the following situations:
1) Due to the long block confirmation time due to the consensus mechanism, one transaction can be carried out with one digital currency, and the second transaction can be carried out before the transaction is confirmed and completed.
2) Realize "double spending" by controlling computing power. After the first transaction is verified and recorded in the blockchain, higher computing power in the network verifies a new, longer chain in which the money is spent a second time. Since the block chain spent for the second time is longer, the chain where the block of the first transaction is located is an invalid chain. In this way, the first transaction blockchain is abandoned by the blockchain network, and the money spent for the first time returns to its own account, which leads to the "double spending" problem.
There have been many "double spend" attacks in the history of the blockchain, but the most well-known "double spend" incident is Bitcoin Gold BTG. In 2018, Bitcoin Gold BTG was attacked by "double spending", and the attackers stole more than 388,200 BTG worth as much as $18.6 million.
As more and more people join the blockchain industry, while injecting new vitality into the industry, due to the weak knowledge and lack of security awareness of some practitioners, it also provides more opportunities for attackers. Shensuan Mining Pool believes that safety issues must be taken seriously! I also hope that more and more projects can guarantee the security of users' assets, so that blockchain and digital currency can have more applications.
The above is a review of the "double spending" incident of the Filecoin project on March 9, and an introduction to its impact and the "double spending" problem. I hope to be helpful
