Autor Cointelegraph By Brian Quarmby

Researchers find security flaw in Rarible: Users could have lost all their NFTs

Researchers find security flaw in Rarible: Users could have lost all their NFTs

Uverejnil používateľ | apr 14, 2022 |

The research arm of cyber security software firm Check Point said it identified a vulnerability in the Rarible NFT marketplace that could have seen many of its roughly two million active monthly users lose their NFTs in a single transaction. Check Point is a multinational IT security firm that was founded in Ramat Gan, Israel in 1993 and also claimed to have spotted issues relating to malicious airdrops on OpenSea back in October 2021. According to documents shared with Cointelegraph, Check Point Research (CPR) recently discovered that malicious actors could send users a dubious link to an NFT that executes JavaScript code after clicking that “attempts to send a setApprovalForAll request to the victim.”If the link is clicked, the user grants full access to their wallets on Rarible. CPR stated that it immediately notified Rarible on April 5, with the platform promptly acknowledging and fixing the security flaw: “If exploited, the vulnerability would have enabled a threat actor to steal a user’s NFTs and cryptocurrency wallets in a single transaction. A successful attack would have come from a malicious NFT within Rarible’s marketplace itself, where users are less suspicious and familiar with submitting transactions.” NFT TheftSpeaking with Cointelegraph, Oded Vanunu, Head of Products Vulnerabilities Research at Check Point Software said his team became interested in this type of scam after Taiwanese singer Jay Chou fell victim to a similar attack. Chou’s BoredApe #3738 NFT was swiped via a nefarious transaction at the start of this month. “Once we saw that this NFT was stolen, it gave us the incentive to investigate further.” Such a vulnerability could also be possible on many other platforms, Vanunu said. “Rarible acknowledged the security flaw quickly and fixed it by removing the SVG file upload option. This terminated the malicious NFT attack option,” Vanunu confirmed. Related: Trezor investigates potential data breach as users cite phishing attacksVanunu refused to estimate the potential value lost that the security flaw could have resulted in, as it could have been “triggered on any user on the platform.” Notably, a similar attack on just a single wallet belonging to DeFiance Capital founder Arthur0x last month, resulted in the loss of roughly 600 Ether ($1.86 million). CPR urged users to be diligent any time they approve any requests on NFT platforms and verify all of them via Etherscan’s request tracker in times of uncertainty.Cointelegraph has reached out to Rarible for comment on the matter, and will update the story if the company responds.

Čítaj viac
Ethereum Merge a 'few months after' June: Dev clears up what’s going on

Ethereum Merge a 'few months after' June: Dev clears up what’s going on

Uverejnil používateľ | apr 14, 2022 |

The long-awaited Ethereum Merge is set for yet another delay, with developers working on the upgrade estimating a completion time a “few months after” June. Owing to the success of testing, there was a general expectation the Merge would go through mid year, however the latest setback is unsurprising given that Proof of Stake has been delayed constantly ever since it was first proposed. That said, the signs are promising that the Ethereum mainnet will actually merge with the beacon chain to become a Proof-of-Stake (PoS) network this year. For real. Ethereum developer Tim Beiko provided the updated timeline via Twitter yesterday, tentatively stating that the core devs are into the final stretch: “It won’t be June, but likely in the few months after. No firm date yet, but we’re definitely in the final chapter of PoW on Ethereum.”After noting that his comments caused a stir amongst Ethereum proponents and haters alike, Beiko followed up today by observing “that it can be hard to parse the progress on The Merge when you aren’t deep in the process.” To provide further context, Beiko published a blog post with a deeper rundown. Didn’t expect my tweets from yesterday to cause such a reaction I appreciate that it can be hard to parse the progress on The Merge when you aren’t deep in the process. Tried to provide some context here: https://t.co/QTZ7CuapMf pic.twitter.com/MVXdPEj3NX— Tim Beiko | timbeiko.eth (@TimBeiko) April 13, 2022According to the developer, a specific date will not be set until “client teams are confident that the software implementations have been thoroughly tested and are bug-free.” Central to these latter stages are the trial runs of public test nets such as Kiln, and the roll out of shadow forks which enable devs to test various merge/PoS-related implementations on the network.Difficulty bomb tickingAnother important factor is the difficulty bomb (an automated increase in mining difficulty designed to make PoW mining less attractive), which Beiko says will start to be noticeable on Ethereum around May and make blocks “unbearably (read 15-20 seconds) slow by August.”“If client developers do not think they can deploy The Merge to mainnet before block times are slowed too much, it will need to be delayed again,” he said. Beiko put forward two ways in which the difficulty bomb could potentially be delayed to usher in the Merge upgrade beforehand, firstly combining a bomb delay with merge client releases to delay the “bomb at a certain block, restoring 13s block times, and then activate The Merge shortly after.” Secondly to separate the bomb delay via network upgrade “which only delays the difficulty bomb” prior to the merge. “The Merge, unlike previous Ethereum upgrades, will not be triggered by a block time. Instead, it will be triggered by a total difficulty value. Given these are harder to estimate than block times, the delay between choosing a time for The Merge and it going live on the network may be slightly shorter than prior Ethereum upgrades.”Related: Ethereum derivatives data shows pro traders are bearish, but for how long?Earlier this week Ethereum Foundation developer Parithosh Jayanthi suggested there is still a fair amount of trial and error to go, after he noted that the testing of three shadow forks resulted in “bugs varying from sync code to request timeouts being found.”We’ve done 3 shadow forks of Goerli with bugs varying from sync code to request timeouts being found. Watch the Ethereum R&D discord channels for more. Goerli-shadow-fork-3 is live for anyone to test with, rated at advanced difficulty to join.— parithosh | (@parithosh_j) April 10, 2022

Following the successful implementation of The Merge and transition to a PoS consensus mechanism, the final landmark on the road map for Ethereum (formerly known as Eth2) is the sharded chains upgrade slated to go live in early 2023. Until then however, the network will utilize Layer-2 networks like Polygon and Optimism to handle scalability and high transaction volumes.The price of Ether (ETH) has seen a significant uptick over the past 30 days, gaining 20.5% to sit at $3,126 at the time of writing.

Čítaj viac
‘Natural extension’: Sega's Super Game project looking to add NFTs

‘Natural extension’: Sega's Super Game project looking to add NFTs

Uverejnil používateľ | apr 13, 2022 |

Japanese gaming giant Sega is looking at integrating cloud technology and NFTs as part of its new “Super Game” project to connect different games to each other. The news has caused a predictable backlash from the crypto-skeptic section of the gaming community, with many people voicing their frustrations at the firm online this week. The Super Game initiative is set to roll out over the next five years and will reportedly see the development of a wide range of new cross-platform triple A grade games. The firm is said to be weighing up an investment of around $800 million into the project. The suggestion of potential NFT and cloud support was made during an interview on Sega Japan’s recruitment website. Gaming news outlet Video Games Chronicle provided a translation for English speakers earlier this week. During the interview, Sega producer Masayoshi Kikuchi noted that the gaming industry has a “history of expansion” into new forms of culture and technology such as social media in particular, with streaming and watching others play games via platforms like YouTube and Twitch becoming popular in recent years. Kikuchi went on to suggest that a move into cloud tech and NFTs would therefore be inevitable, noting that: “It is a natural extension for the future of gaming that it will expand to involve new areas such as cloud gaming and NFTs. We are also developing SuperGame from the perspective of how far different games can be connected to each other.”THE BETRAYAL. WHY SEGA? pic.twitter.com/HuabO5QaiG— JOLLY J✨ (@DynamoSuperX) April 10, 2022Some Sega fans vented their frustrations on Twitter, with user NotEdgyYet stating “Don’t you dare Sega you’re doing good right now, don’t screw up now.” While matthewhenzel noted “I’ve said this before and I stand by it.. NFT = NO FVCKING THANKS! Not for me.”The pushback seemed much tamer than other occasions in which big gaming firms announced NFT plans, possibly because these comments were from Sega Japan execs and not from the U.S. branch. Related: Japanese business giant Nomura to explore crypto and NFTs with new unitSega says ‘future of gaming’ includes NFTs and cloud streaming: https://t.co/4gTSOqoJoJ pic.twitter.com/JGmBTQJJX2— Kotaku (@Kotaku) April 10, 2022

Over on Reddit, members of the r/gaming community were also questioning the potential NFTs integrations, with “Radingod123” suggesting that gaming firm’s like the idea of NFTs due to the supposed pyramid scheme elements. However other users such as “Bouldurr” offered a different take on the subject, arguing that the idea to have cross game portable digital assets that can be owned and sold is a “cool one” that could work in the right circumstances: “NFTs are a technology. They aren’t inherently good or bad. The trepidation comes from the greedy micro transactions already in games. It’s understandable people don’t like the idea of ‘NFT’ games.”“But the idea has promise in certain situations. I’d love to be able to sell my hearthstone collection even if it was pennies on the dollar,” they added. In news that might frustrate anti-crypto gamers even further, iconic actor Jim Carey, who plays the role of Dr.Robotnik in the Sonic the Hedgehog movies, based on the Sega games, also unveiled plans to enter the NFT space. Apart from acting, Carey is also a respected artist and during an interview earlier with Access to promote Sonic the Hedgehog 2 earlier this month, the 60-year-old stated that he will soon be launching an NFT collection dubbed “Magic Hour” featuring digital art and spoken word pieces. Jim Carey releasing his Art as NFTs.I’m a big Jim Carey fan, let’s see how this goes down pic.twitter.com/qvA3CPW5zJ— Matty (@DCLBlogger) April 4, 2022

Čítaj viac
Pantera to close Blockchain Fund soon after raising $1.3B — double the target

Pantera to close Blockchain Fund soon after raising $1.3B — double the target

Uverejnil používateľ | apr 13, 2022 |

Crypto hedge fund giant Pantera Capital is set to close a blockchain fund next month that is backed by around $1.3 billion worth of capital. The Pantera Blockchain Fund was announced in May last year, with plans to raise $600 million to invest in early-stage tokens, venture equity, Web3 firms and tokens with strong liquidity. It has since surpassed that target significantly, with the firm revealing last month that the fund had topped $1 billion. The latest $1.3 billion figure was noted during an April 12 investor conference call regarding the company’s new $200 million Pantera Select Fund that will back “growth stage” crypto firms that are ready to generate revenue, as opposed to firms in early funding stages that being sought out via the Blockchain Fund. While a specific closing date for the fund wasn’t detailed, Pantera Capital CEO Dan Morehead suggested it could be in early May: “We’re wrapping up the Blockchain Fund, I think it’s gonna be about $1.3 billion and over the next three or four weeks, and as some of the big institutions that have very detailed due diligence processes wrap up, we will be done with that fund.”Moving forward, Morehead also noted that the company will then shift its focus to closing the Blockchain Fund II 2023, which will “essentially be the same” as the former variation of the fund and look to obtain further deals in the “early-stage private token space, and new deals in the early venture space.” “We will come back with a larger and more diversified and probably longer investment period growth-stage fund, in say 2024,” Morehead added. The Pantera Select Fund is also expected to close in early May with around $200 million worth of capital. The firm stated that the fund will be used to support and scale companies that are already open for business: “The Fund is expected to invest in about 10 companies over the next 18 months or so. We will primarily focus on more mature, revenue-generating companies than our typical Seed and Series A venture investments.”Pantera stated that the fund will invest in firms across multiple crypto sectors such as blockchain infrastructure, nonfungible token (NFT) platforms, Web3 gaming, the Metaverse, exchanges and decentralized finance (DeFi). Related: Hedge fund report says Bitcoin price is ‘at a relatively inexpensive place’In the firm’s April 5 newsletter, the Pantera CEO also stated that the funds will be “smaller, more targeted, and therefore more concentrated than a typical growth fund” as he emphasized his bullishness on having multiple deals already in place: “For the first time in our nine years, we have three very compelling growth-stage deals locked in all at the same time. That catalyzed us to offer a special fund to help Limited Partners gain exposure to these growth-stage deals plus seven to nine more we will invest in over the next year.”We are now -56% below the 11-year exponential growth trend. The markets have rarely been so cheap relative to the trend.Crypto is undervalued in my opinion.More thoughts here: https://t.co/JKVGi8BHwR pic.twitter.com/95F32y6RPc— Dan Morehead (@dan_pantera) April 6, 2022

Čítaj viac
Crypto-skeptic gamers review bomb Storybook Brawl after FTX buys it

Crypto-skeptic gamers review bomb Storybook Brawl after FTX buys it

Uverejnil používateľ | apr 1, 2022 |

Indignant gamers have review bombed Storybook Brawl on Steam over fears of potential nonfungible token (NFT) and blockchain integrations following crypto exchange FTX’s acquisition of its developers Good Luck Games. Storybook Brawl is a free-to-play auto-battle card game that was launched on online gaming platform Steam in mid-2021. The game’s review history showed an overwhelming amount of support until March 22, the exact day FTX US announced its acquisition. Since that time, the game has moved to an “overwhelmingly negative” status with 600 out of the last 761 reviews being negative. While it is possible for anyone who hasn’t played the game to leave feedback because it does not require a purchase, many of the reviews are from players who have spent a lot of time on the game. “We don‘t support NFTs in this household. Tragic end for a great auto battler,” wrote Steam user asnugglekitten, who has logged more than 130 hours on the game. Another player called King Bear, who has clocked more than 60 hours wrote: “Good Luck Games was acquired by FTX, a cryptocurrency company, as a way to ‘help crypto make inroads with gamers.’ I want no part of that and I don‘t want crypto ‘making inroads’ in things I‘m interested in. Uninstalled.” Storybook Brawl reviews: SteamAs part of the acquisition, Storybook Brawl will be integrated into FTX US’s blockchain gaming unit, with FTX co-founder Sam Bankman-Fried outlining the firm’s broader plans to ethically integrate “gaming and crypto transactions in a way that hasn‘t yet been done in this space.”Speaking on the move on March 23, Good Luck Games founder Matt Place also emphasized that it was good news for the player and the company, as it finally has the funding to bring the game to a triple-A level. It may do little to quash the concerns of the strong number of crypto-skeptic gamers, but Place also noted that FTX US hasn’t placed a requirement that blockchain tech is integrated into the game: “We’re going to explore blockchain technology […] how we can actually leverage that to make value, to create fun for players. When we find that, we’re gonna put it into the game, and if we don’t, we don’t have a mandate that we have to do it.”While NFTs, crypto and blockchain have been widely adopted by both artists and gamers, there are still large numbers of skeptics in both communities.Related: FTX and CoinShares launch physical staked Solana ETPMajor sticking points for many anti-crypto gamers often revolve around perceived scams, cash grabs and the environmental impact of crypto — despite more power-efficient blockchain solutions available for gaming than proof-of-work chains. So far, many traditional games and companies have copped the brunt of outrage over potential integrations including Ubisoft, Discord, a social media platform popular among gamers, Electronic Arts and Worms developers Team17.

Čítaj viac

Získaj BONUS 8 € v Bitcoinoch

nakup bitcoin z karty

Registrácia Binance

Burza Binance

Aktuálne kurzy