was found and eliminated in the Libra project
After the developers posted the Libra project code in the public domain, specialists discovered a critical vulnerability in it that allows attackers to embed their code in smart contracts
A dangerous bug in the Move scripting language developed by Facebook for the Libra project was discovered by the startup developer OpenZeppelin.
“Vulnerability in the Move IR compiler allows attackers to embed executable code in their smart contracts under the guise of in-line comments. The good news is that it was identified and fixed before the platform was launched, ”explained Demjan Brener, CEO of OpenZeppelin
The problem was fixed with the next code update on September 4th. Now experts continue to study the code in search of new bugs.
“We see how large and complex these systems are, and Libra is just the first of many. When these systems are put into operation, they begin to be used to manage millions of dollars, billions of people. It is important to be aware of what these systems are. People must understand their potential, ”concluded Brener.
.
