/biz/ - Business & Finance

>What is this exploit?
There's a security layer in LINK's source code that deals with storage ticks. Basically, even in cold storage where they're untouched, there's a cache protocol that will occasionally ping public wallet addresses to verify their contents. Unfortunately, LINK has a slightly different version of this protocol in order to make micro-pings for staking purposes. Most staking rewards are going to be really small transfers, so the LINK devs lowered the tick rate for these pings. However, if you're using a hardware wallet, your storage is operating at the NORMAL tick rate, creating a cache gap where someone can use an SLQ% injection to gain access to your wallet. There's already been many posts of Anons opening up their wallets to find all their tokens transferred out to mysterious addresses, losing tens if not hundreds of thousands of dollars.

>Does this affect other tokens in my hardware wallet?
No, as this isn't a vulnerability with the wallet so much as Chainlink specifically. Other tokens, even on wallets that have been affected by the exploit, are safe.

>I haven't touch my wallet in years! Can someone really randomly gain access and steal my LINK?
Sadly, yes. This affects PUBLIC addresses, and these are most likely being chosen at random.

>I have my LINK on a hardware wallet! What do I do?
Either transfer them to a paper wallet (safest), an exchange, or trade for fiat.

>Can this be patched?
Yes, but it will take time. This isn't something that can be done in one week, as it's tied to the security layers focused on staking. These have to be rewritten very cautiously, else other major functions of the LINK source code can break.

>>21431525
I

>>21431554
Lol fucking cancer

>>21431554
This is such shitty fud it’s laughable. I hope it works tho so I can accumulate more.

>>21431712
>it’s laughable
i'll let you in on a secret - that's the main point

>>21431525
N

>>21431525
here you go anon. fixed

>>21431525
never seen that version before, this was the first meme I ever saved from /biz/ way back when.

You really thought this wasn't going to happen?

I sat by and watched LINK rise. I knew I could've bought in. But I didn't. Figured it had to die out. But it went up. And up. And fucking up. And I realized I missed out on the biggest opportunity of my lifetime because I belittled your stupid fucking memes and decided to choose more stabler coins. None of you idiots deserve the money you have. And that's why I decided to take it all away from you.

I contacted a buddy of mine to begin conducting wallet ID sniffing using a crypto backlogger. The decentralized blockchain works as a decentralized swimming pool; all of the decentralized water has to lead somewhere. Usually, the "water" can remain anonymous and encrypted. My buddy and I found an exploit that allows oracle backdoor maneuver pooling. This allows for complete unencrypted access into anyone's wallet.

But only for hot ones. To access cold wallets, we required the SQL% injection protocol. We began compiling numerous SQL% injection .ps1 files to execute in a Flood Fill algorithmic manner. We are scraping dry tens of thousands of LINK wallets, and there is nowhere you can hide.

You knew this day would come. Remember this lesson.

>>21431624
G