Skip to content

7 Comments

  1. phan nho
    June 9, 2017 @ 6:12 am

    like

    Reply

  2. Mark
    June 9, 2017 @ 8:32 am

    Appreciate the comments on what has happened, but any more updates? Bittrex shows the wallets as under maintenance which can understand due to the text of the blog post.

    Network hash and difficulty all look to be dropping and wouldn’t want lack of news to scare off miners from the overall concept of ZenCash.

    Reply

  3. Kit Sunde
    June 9, 2017 @ 3:06 pm

    For a project that’s supposed to take security seriously, this is an incredibly weak update.

    * Where was the 0-day dropped and under what circumstances?
    * Why such an blatant violation of our industry’s standard practice of responsible disclosure being thanked instead of reprimanded?
    * Why are there no details on what your policy for responsible disclosure is.

    What you’re telling people watching this project is that this is how you expect information to be shared in the future, this is how security incidents are to be dealt with and this is how developers leaving your projects should handle these issues in the future.

    I understand not wanting to reprimand one of your own, but someone just irresponsibly published an attack against the network with you thanking him. You’re supposed to have the networks interest at heart, this tells us you don’t.

    As far as security practices goes this is amateur hour and you know it.

    Reply

    • blockops
      June 9, 2017 @ 3:09 pm

      the thanks is in the post above.

      “are grateful for all the hard work put into the project by Joshua Yabut when he was the lead developer, and thankful for the notification of the potential zero day attack. We will definitely miss him being on the team.”

      Reply

    • blockops
      June 9, 2017 @ 3:13 pm

      We were in the middle of confirming Bittrex had a chance to update their servers before disclosing it. We had agreed on that.

      He made the disclosure before the biggest vulnerable systems we knew of had confirmed mitigation. And in his disclosure he told people how to do the attack. It was publicly done in the slack with hundreds of witnesses, and maybe on twitter.

      He was not asked to leave the project. He left on his own in a very public way.

      Reply

  4. Kevin
    June 9, 2017 @ 5:41 pm

    What happen to my deposit I just sent to Bittrex this morning? Wallet show sent and confirmed but Bittrex wallet was disable, I my deposit lost or reject back to my wallet?

    Reply

  5. c.jackie
    July 10, 2017 @ 1:25 am

    Same for me. I transfered coins this night to Bittrex wallet and only response I get from support is copied from FAQ section which I read before wrote them. Anybody know what’s happening?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.