The vulnerability was actually published even before we find it. The problem is people didn't realize what they found. And then, and then because I was at Facebook,. I said, okay, let's see if this vulnerability actually applies today in the exchanges. One of the big four auditors had an emergency when we reported it. They literally called me that we're going to have a Friday meeting. But anyway, nobody paid attention. You know, the auditors also do not have cryptographers. Even blockchain teams like sometimes struggle to find good cryptographers. So I believe they just got what they found in the forum and they just applied it. That's why nobody could figure out this is
This week, Anna explores the topic of proof of solvency with Kostas Chalkias, co-founder and chief of Cryptography at MystenLabs. They cover Kostas’ background in Cryptography and explore his work on Proof of Reserves, otherwise known as Proof of Solvency. They review past Proof of Solvency models using ZKPs and look at the protocols that major centralized exchanges are currently using. Then they dive into the security vulnerabilities, privacy issues, and general bugs that Kostas and his collaborators have identified in these protocols and their recommendations on how to better build Proof of Solvency systems.
Here are some additional links for this episode:
Today’s episode is sponsored by Aleo
Aleo is a new Layer-1 blockchain that achieves the programmability of Ethereum, the privacy of Zcash, and the scalability of a rollup.
If you’re interested in building private applications then check out Aleo’s programming language called Leo. Visit leo-lang.org to start building.
You can also join Aleo’s incentivized testnet3 by downloading and running a snarkOS node. No sign-up is necessary to participate. For questions, join their Discord at aleo.org/discord.
If you like what we do: