- A popular crypto project Ravencoin recently saw an unknown attacker misuse a previously unknown flaw.
- The flaw resulted in expanding the token's maximum supply, which allowed the attackers to 'earn' $5.7m.
- For now, the investigation remains ongoing, while the community has to deal with the flaw.
On July 3rd, a cryptocurrency project Ravencoin disclosed an exploit after initial reports were confirmed. The project revealed that there was an unsanctioned minting of around 1.5% of the project’s maximum RVN supply, capped at 21 billion RVN.
The crypto firm is still conducting an investigation, so it did not specify any details. However, some things about the incidents are known, including the fact that around 315 million RVN tokens were minted.
The stolen coins are already out of reach
According to the coin’s current price, the amount is worth around $5.7 million. Naturally, the project quickly informed the law enforcement, although so far, they were not successful in catching or identifying the culprit, as far as it is known.
The nature of the bug made it even more difficult to do so, as no mone was stolen directly. Instead, the losses will be felt in the form of extra inflation, which will reduce the coins’ value for the rest of the RVN holders.
Furthermore, the attacker did not waste any time, and they already exchanged the extra RVN. As a result, any attempt to remedy the situation would be extremely difficult. Not only that, but the project’s miners and nodes will have to upgrade to a new, fixed version, in order to prevent the same from happening again.
How to deal with the flaw and the consequences?
Another thing worth mentioning is a rumor that has emerged on the RVN community’s Discord. The rumor claims that the bug is somehow tied to a wallet, and that it has been around since October. Some have speculated that ProgPow — Ethereum-based mining algorithm that Ravencoin adopted — is to blame.
However, the project’s team denied it, claiming that it is from somewhere else.
Regardless, the fact remains that the bug was successfully exploited, and that the community now needs to find a way to deal with the flaw, as well as the consequences of the exploit.
One suggestion, that came from the development team itself, is to hold a planned halving in around 44 days, which would compensate for the newly issued tokens. Another option is to simply leave things as they are.