Security researchers discovered a vulnerability in the privacy-focused Secret Network. The project team updated that the issue was resolved.
Security researchers have discovered a vulnerability in privacy-focused Secret Network. The researchers, some of whom are from UIUC, examined the network for AepicLeak vulnerabilities. Their analysis led them to find the master decryption key for the whole network. The vulnerability was related to Intel’s Software Guard Extensions.
The researchers have helped Secret Network take mitigation actions, “especially the Registration Freeze on October 5, 2022.” They described the vulnerability as follows,
“The Secret Network has been vulnerable to the xAPIC and MMIO vulnerabilities that were publicly disclosed on August 9, 2022. These vulnerabilities could be used to extract the consensus seed, a master decryption key for the private transactions on the Secret Network. Exposure of the consensus seed would enable the complete retroactive disclosure of all Secret-4 private transactions since the chain began. “
The researchers noted that there was no way of knowing whether the attack had been attempted before. They asked users to re-evaluate their risks as past transactions are subject to discovery.
Secret Network also acknowledged the incident on its Twitter page, stating that it had resolved the issue. No users’ funds were at risk, and users needn’t take any actions.
Secret Network and its privacy controls
Secret Network is a protocol that focuses heavily on private transactions. It distinguishes itself by encrypting input at a protocol level. As such, developers can build decentralized applications that protect user data.
The project’s native token is SCRT, used for on-chain governance, staking, and paying for network transactions. The protocol uses the Cosmos SDK framework, using proof-of-stake (PoS) via Tendermint’s Byzantine Fault Tolerance (BFT) consensus algorithm.
Secret attracts attention as Europe considers privacy coin ban
Secret Network has also been in the news, primarily because European lawmakers are potentially considering a ban on privacy coins. The protocol’s strong privacy controls have attracted the attention of crypto enthusiasts, as privacy coins look like they face a ban.
Privacy coins are also subject to a lot of scrutiny in other parts of the world. South Korea has banned the asset group, and other countries may follow suit.
SCRT is the native token of the Secret Network. The token has a fully diluted market cap of $152 million. The token jumped in price significantly during October 2021, when the EU privacy coin discussion was taking place.