Satoshi Nakamoto Blog
Image default
Cryptocurrency Headlines NEWS

Ampleforth Stablecoin Completes Security Upgrades After Trail of Bits Audit

Ampleforth has announced that they have completed security upgrades following an audit by Trail of Bits.

Ampleforth first underwent an audit by Chinese firm Slow Mist which showed no vulnerabilities. When Trails of Bits conducted an audit, however, some vulnerabilities were discovered and some changes were prescribed.

Ampleforth has announced that is implemented 75 percent of the changes prescribed.

The Changes Prescribed

According to Trail of Bits, four changes were recommended to Ampleforth and it has implemented three of the four recommended.

The fourth change that was prescribed was relating to Oracle services. Trail of Bits believes that that stability of Ampleforth can be tampered with by a market maker.

“A market source returns a very large value for partialRate and/or partialVolume . This causes a revert in the calculation of volumeWeightedSum and thereby prevents rebasing. Self-stabilization through rebasing will not occur until the offending market source is removed from the whitelist,” the said.

The Changes Taken

Ampleforth has shed some light as to why the fourth prescription regarding oracle services was not taken.

According to them, the changes that would have needed to have been made would have not been feasible.

“The fundamental issue is that the oracle relies on a whitelist of sources authorized to provide data — fixing an overflow with an input restriction still would not have changed this. Adding a maximum allowable value independent of the number of sources combined in the calculation would have either been arbitrary or overly limiting,” Ampleforth management said.

The team said, however, that they are considering moving to an external Oracle infrastructure.

The Need for Security

When discussing the issue, the Ampleforth team stated that they are working towards identifying vulnerabilities as early as possible so as to correct them.

Leaving them unchecked, they say, can lead to hacks that can, in turn, lead to significant losses. These can be seen in the cases of hacks regarding Coincheck and Maple Exchange in 2018 that led to millions being lost.

Ampleforth has also stated that they are aiming to be a natural bank rather than a natural resource.

“ Ampleforth is kind of more like a natural resource than a national bank. This thing is designed very simply. It’s meant to maintain a stable unit of account. The rest of it is very similar to a normal floating price token. But the key here is that we don’t want to be a central bank. We want to be a different type of natural resource,” they said.

Source link

Related posts

Raymond James Keeps Recruiting without Raising Deal Terms: CEO


Become a winner of a prestigious Award


Swift Snubs Ripple; Enters Partnership with R3 for Blockchain-Based Payment Solutions


Modern Monetary Theory Explained: Will Gold Skyrocket? |


Cryptocurrency Security startup Trustology Receives Funding from Two Sigma Ventures


Families Of Sandy Hook Victims Score Legal Victory Over ‘InfoWars’ Host Alex Jones