{"id":22407,"date":"2018-03-22T22:35:38","date_gmt":"2018-03-22T22:35:38","guid":{"rendered":"http:\/\/ci027cfe81200c26c3"},"modified":"2018-03-22T22:35:38","modified_gmt":"2018-03-22T22:35:38","slug":"bug-caught-allowed-coinbase-users-garner-unlimited-amounts-ether","status":"publish","type":"post","link":"https:\/\/bitcoinmagazine.com\/markets\/bug-caught-allowed-coinbase-users-garner-unlimited-amounts-ether","title":{"rendered":"Bug Caught That Allowed Coinbase Users to Garner Unlimited Amounts of Ether"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div><figure><img decoding=\"async\" src=\"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/bug-caught-that-allowed-coinbase-users-to-garner-unlimited-amounts-of-ether.jpg\" title=\"\"><\/figure>\n<p>On March 20, 2018, it was revealed that a bug hidden in Coinbase\u2019s Ethereum smart contract setup could have given users access to unlimited amounts of ether. At press time, it does not appear as though the vulnerability was ever <a href=\"https:\/\/bitsonline.com\/coinbase-ethereum-bug\/\" target=\"_blank\" rel=\"noopener\">exploited or even noticed<\/a> by users.<\/p>\n<p>The issue was first discovered last December by VI Company, a Dutch firm that specializes in fintech. The company was planning to give its employees ether bonuses in celebration of the upcoming holiday season when researchers noticed the issue with their \u201cETH receiving code\u201d while garnering funds from a contract. 
They saw that by using a smart contract, a series of digital wallets could be \u201ctricked\u201d into recording ether transfers and purchases that had never actually happened.<\/p>\n<p>The team issued the following statement in a vulnerability report later published on the firm\u2019s <a href=\"https:\/\/hackerone.com\/reports\/300748\" target=\"_blank\" rel=\"noopener\">HackerOne account<\/a> in January 2018:<\/p>\n<p>\u201cBy using a smart contract to distribute [ETH] over a set of wallets, you can manipulate the account balance of your Coinbase account. If [one] wallet transaction in the smart contract fails, all transactions before that will be reversed, but on Coinbase, these transactions will not be reversed, meaning a person could add as much Ethereum to their balance as they want.\u201d<\/p>\n<p>The report specified the following steps for taking advantage of the exchange\u2019s weakness:<\/p>\n<ol>\n<li>Set up a smart contract with a few valid Coinbase wallets and [one] final faulty wallet.<\/li>\n<li>Transfer appropriate funds to the smart contract.<\/li>\n<li>Execute smart contract adding the set amount of ether to the Coinbase wallets without ever actually leaving the smart contract wallet because the complete transaction fails at the last wallet.<\/li>\n<li>Repeat until you have more than enough ether in your Coinbase wallet.<\/li>\n<li>Cash out, transfer to offsite wallet.<\/li>\n<\/ol>\n<p>Had users noticed the glitch, they could have turned themselves into crypto-billionaires overnight.<\/p>\n<p>The problem was resolved after the team changed the contract-handling logic. VI Company claimed there were only \u201caccidental\u201d losses for Coinbase and stated there were no attempts to exploit the vulnerability. 
Coinbase executives later thanked VI Company\u2019s counterparts by sending them <a href=\"https:\/\/www.engadget.com\/2018-03-21-coinbase-bug-gives-free-ether.html\" target=\"_blank\" rel=\"noopener\">a $10,000 bounty<\/a> for their work.<\/p>\n<p>Though instances like these are rare, they do occur. In February 2018, popular Japanese exchange Zaif aroused heavy controversy after a bug was exposed that allowed users to purchase bitcoin <a href=\"https:\/\/www.cnbc.com\/2018\/02\/21\/zaif-exchange-glitch-let-users-buy-cryptocurrency-for-free.html\" target=\"_blank\" rel=\"noopener\">through its system at no charge<\/a>. Representatives of the company claimed the error occurred within its \u201cprice calculation system\u201d and that seven transactions had occurred in which customers bought bitcoin for zero yen. Six of these transactions were later reversed.<\/p>\n<p>Zaif\u2019s parent company, Tech Bureau Corp, had faced several checks the previous month after regulators claimed it was vulnerable to cyberattacks. The exchange later apologized to users, saying the problem would not affect individual customer amounts. 
Zaif is one of a small handful of cryptocurrency trading platforms currently registered with the Japanese government.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Had Coinbase users noticed the glitch, they could have been able to turn themselves into cryptocurrency billionaires overnight.<\/p>\n","protected":false},"author":3479,"featured_media":22408,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[1844,190,621,1279],"class_list":{"0":"post-22407","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-markets","8":"tag-bugs","9":"tag-coinbase","10":"tag-ethereum","11":"tag-smart-contracts"},"author_data":{"id":3479,"name":"Nick Marinoff","nicename":"nick-marinoff","avatar_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/12\/cropped-bitcoin-schmitcoin-promo-image-1-2-96x96.png"},"featured_image_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/bug-caught-that-allowed-coinbase-users-to-garner-unlimited-amounts-of-ether.jpg","_links":{"self":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/22407","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/users\/3479"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/comments?post=22407"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/22407\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media\/22408"}],"wp:attachment":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media?parent=22407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":
"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/categories?post=22407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/tags?post=22407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}