Ethical Hacking and the Case for Decentralized Exchanges: A Discussion with Oleksii Matiiasevych

There’s no shortage of surprise in the world of crypto: massive price swings, big corporate sponsorships, layer two protocols, and, of course, hacks. Since Bitcoin’s inception, the space has been plagued by technical bugs, user inexperience, as well as malicious agents hoping to leverage a still burgeoning technology in their favor.
To get a better idea of who’s working against these individuals, BTCManager spoke with Ethereum architect Oleksii Matiiasevych from Ambisafe about ethical hacking, his history in patching vulnerabilities, and the case for decentralized exchanges.

Vulnerabilities in 8 Top-rated Cryptocurrency Exchanges
On March 22, 2018, a massive vulnerability was unveiled on the top 50 cryptocurrency exchanges. As it involved the Ethereum blockchain, Oleksii Matiiasevych and the Ambisafe team were among the first to react.
It began as a simple procedure to determine whether exchanges had adequately integrated the blockchain’s specifications. In this particular case, users interested in withdrawing ether would be pulling from a centralized exchange’s wallet. As such, the withdrawal wouldn’t necessarily be pulled from the first deposit, simply from the available stockpile.

Very little concern was placed on FIFO procedures, and from this lead, Matiiasevych determined that interested parties could fraudulently increase their account balances before proceeding to withdraw hefty sums of ill-gotten ether. With a background in software testing, Matiiasevych ran a handful of simulations to test his hypothesis.
“At first, I detected one possible way for accounts to be compromised. We notified all the exchanges where this vulnerability was found and, just in case, sent a report to around 200 other exchanges that might have potentially been affected by the same bug,” recounts Matiiasevych.

The responses from various exchanges were mixed. Matiiasevych explained to BTCManager that “A few exchanges reacted quickly and made the changes. Some didn’t believe us or said they just discovered the same bug on their own and others simply didn’t respond.”
Coinbase immediately made its vulnerability public on HackerOne, a security platform that connects organizations with individuals like Matiiasevych to resolve system weaknesses.

The White Hat Group’s Charitable History
All members of the White Hat Group (WHG) were also notified, including Griff Green, founder of Giveth, a platform that is bringing Ethereum to charitable causes.
This swift action wasn’t the first that the group performed either; in July 2017 the group was also responsible for alerting, correcting, and ultimately helping to patch the Parity wallet hack.

While malicious agents subsequently walked off with $32 million in spoils, the damage could’ve been much worse without Matiiasevych and Green’s quick response.
The event generated such heat that calls for another hard fork swept through the Ethereum community, leading Vitalik Buterin to comment on the matter.

Does anyone else notice how literally the only people calling for a hard fork or chain rollback right now are concern trolls? https://t.co/b1jL1UFX8a
— Vitalik “Not giving away ETH” Buterin (@VitalikButerin) July 19, 2017

I demand my ETH back. @VitalikButerin chain rollback is imminent. We must hard fork now!
— Joshua Unseth (@junseth) July 19, 2017

Decentralized Exchanges and Smashing the Honeypot
The Parity vulnerability was, of course, nothing more than a hiccup in the timeline of an emerging technology. Centralized exchanges, however, provide a much different solution: Instead of sitting on their fingers, investors, day traders, and amateur speculators have decentralized exchanges at their disposal. While this advent has only recently gained traction, it’s for good reason. Refer quickly to the Mt. Gox, Coincheck, and, most recently, the Coinsecure hack.
Each of these historic moments in the rise of cryptocurrencies could have been reduced to a blip on a security report if users were leveraging the same peer-to-peer technology underpinning the very asset itself.
Although Matiiasevych and Co. managed to deflect this most recent hack attempt, he agrees that this attack vector “was only possible via centralized exchanges” and that exchange operators “just want to get a coin listed rather than worry about how the technology works.” This latter point refers to the poor integration of Ethereum’s blockchain by the exchanges mentioned above.
Understanding decentralized exchanges like Ambisafe’s Orderbook, 0x, Airswap, WAVES, Cryptobridge, Radar Relay, and Bisq means understanding Nick Szabo’s phrase, “Trusted third parties are security holes.”
