On an unknown exchange discovered vulnerability to double spending Tether
The Chinese company SlowMist, which deals with issues of cyber security have identified a vulnerability in the transaction stablon Tether (USDT). It is reported by Cointelegraph.
In his Twitter SlowMist said that were able to send USDT at cryptocurrency exchange (the name is not disclosed) about the data in the fields of the transaction. This means that users can be enrolled actually sent the tokens, which in turn could lead to double spending. After the tweet SlowMist founder OmniLayer platform, which was created USDT, gave the following explanation for this error on Reddit:
Probably the market is not checking the validity flag in the transaction. They took the first transaction value valid = false (which should not have been taken), and then a second transaction (double spending), which had a value valid = true. If I don't lose sight of the fact it's just a bad integration in the exchange.
Explorer CryptoMedication posted an image of the error:
OKEx, the second stock exchange in trading volume, commented on the error message. Its representatives stated that it had conducted a series of audits and found that OKEx "not vulnerable".
According to CryptoMedication, the vulnerability of double spending could be used without any restrictions. CryptoMedication recognizes that it is probably rather a problem of the exchange than the Tether.
Recall that this week's Tether issued 250 million new tokens, which are provided in US dollars in the ratio one to one, and at the end of March — 300 million tokens, which led to a slight increase in the prices of bitcoin.