CZ was responding to a tweet by BNB Chain’s chief scientist V. The developer said that the Jump Crypto security team notified the Binance about a severe vulnerability in the blockchain network. According to V, the blockchain forensics team was selfless and professional in handling the situation.
Minting Vulnerability on BNB Chain
Jump Crypto published a report of the incident on Feb. 10. The firm said, this was part of its efforts to improve security assurance within the crypto market. It added that it has been researching several networks to discover and fix vulnerabilities through coordinated disclosure.
These research efforts led to the discovery of a number of minting bugs on the BNB Chain. The technical nature of the BNB Chain made it challenging to discover these vulnerabilities as it combines an EVM-compatible smart chain and a Beacon Chain.
“The issue would have allowed an attacker to mint an infinite number of arbitrary tokens on the BNB chain, potentially leading to a large loss of funds,” said Jump Crypto.
Binance’s Changpeng Zhao affirmed that the issue has been taken care of to ensure any overflow in BNB calculation will lead to a transaction failure. The discovery underlies the importance of collaboration within the crypto space.
Malicious Players on the Look Out
While Jump Crypto was able to protect BNB Chain’s vulnerability from being exploited, malicious players stole around $4 billion in different crypto hacks in 2022. The same scenario has played out in the current year, with several crypto projects suffering various hacks and exploits.
It is worth noting that this is not the first time BNB Chain has been subject to a security breach. In October 2022, a hacker was able to send 1 million BNB tokens twice. But they could only move $100 million of the funds before validators shut down the network.
Validators reacted quickly and were able to prevent a $556 million theft. The hacker was able falsify transactions on the BNB bridge, which could have led to more significant losses.
BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.