The blockchain of one of the most popular cryptocurrency Tron, due to a serious vulnerability, could be brought down with a single computer. But, fortunately, the vulnerability was discovered not by a hacker, but by a bug-hunter, who, by the way, had already received an appropriate reward from the developers.
The vulnerability discovered by a white hacker allows you to organize a so-called. "Byte attack", which involves the use of a massive fragment of bytecode for the consumption of network resources. The result of this attack will be the "depletion" of the network and the termination of processing not only the requests of smart contracts, but even directly transactions.
“Using just one machine, an attacker could make a DDOS attack on all nodes, or 51% of the nodes, making the Tron blockchain unavailable or unusable.”
The bug-hunter has already received a relatively modest reward of $ 1,500 from the Tron Foundation for the found vulnerability. He informed developers about the bug on January 13, but this information was made public only on May 2. The latest version of Tron was released on April 9, and before that, presumably, the developers introduced a patch that fixes the vulnerability.
According to the researcher, this vulnerability could have dire consequences:
.
