Cold Storage Exploit FAQ

So as Anons found in the previous threads, there is in fact at least one private group that is using the code storage vulnerability to transfer out Chainlink from hardware wallets.

>What is this exploit?
There's a security layer in LINK's source code that deals with storage ticks. Basically, even in cold storage where they're untouched, there's a cache protocol that will occasionally ping public wallet addresses to verify their contents. Unfortunately, LINK has a slightly different version of this protocol in order to make micro-pings for staking purposes. Most staking rewards are going to be really small transfers, so the LINK devs lowered the tick rate for these pings. However, if you're using a hardware wallet, your storage is operating at the NORMAL tick rate, creating a cache gap where someone can use an SLQ% injection to gain access to your wallet. There's already been many posts of Anons opening up their wallets to find all their tokens transferred out to mysterious addresses, losing tens if not hundreds of thousands of dollars.

>Does this affect other tokens in my hardware wallet?
No, as this isn't a vulnerability with the wallet so much as Chainlink specifically. Other tokens, even on wallets that have been affected by the exploit, are safe.

>I haven't touch my wallet in years! Can someone really randomly gain access and steal my LINK?
Sadly, yes. This affects PUBLIC addresses, and these are most likely being chosen at random.

>I have my LINK on a hardware wallet! What do I do?
Either transfer them to a paper wallet (safest), an exchange, or trade for fiat.

>Can this be patched?
Yes, but it will take time. This isn't something that can be done in one week, as it's tied to the security layers focused on staking. These have to be rewritten very cautiously, else other major functions of the LINK source code can break.

Attached: sub-hero-chainlink-diagram-3fb7d8e9.png (1500x361, 78.53K)

Other urls found in this thread:

old.reddit.com/r/CryptoCurrency/comments/i9zgc4/warning_chainlink_hw_wallet_vulnerability_being/
twitter.com/NSFWRedditImage

Oh man this is good

not a single word you just said is true

bumping this for visibility

The pattern noticed in the last thread was that cold storage wallets are more likely to be stolen from than hot wallets. Rule of thumb is that the longer it's been since you've accessed your LINK, the more likely you'll need to transfer to a paper wallet.

liar liar pants on fire

> SLQ% injection
weak bait

Imagine writing all of this. Fuck off idiot

How does this remotely make sense? In order to take the LINk tokens you need the private key to the wallet, and once you have the private key it works for all of the tokens and Ether. What does SQL database stuff have to do with anything? But actually I'm the stupid one for even responding to this.

Literally just need to transfer until this gets patched, if you're vulnerable. There's no need to be this defensive.

Not technical but I don't see why we think he's lying.

He LITTERALLY gave alternatives to make sure you don't sell.

fckin THIS
OP kys

>>I haven't touch my wallet in years! Can someone really randomly gain access and steal my LINK?
>Sadly, yes. This affects PUBLIC addresses, and these are most likely being chosen at random.
These 2 sentences are hilariously bad.

Attached: 1589209531817.jpg (913x608, 343.3K)

Is OP trying to bring down the price so he can buy in? a couple autists on Zig Forums aren't gonna effect the price of a 5 billion dollar asset, retard.

kek someone spam this on reddit

Really hope they're just assuming it's FUD and not part of some raid discouraging safe storage practices.

Is this a way to data mine dumb LINK whales ?

truly kys

New FUD, finally and an intricate one. You should take this to reddit though as they are more likely to believe it than the retards that populate this place. They bought at 20c you know? I seriously doubt they would sell even if this FUD was true.

Attached: 1567774412654.gif (295x221, 573.53K)

Is myetherwalletconnect also at risk here?

transparently psychopathic behavior
seek help

itt: 90% newfags. go along with it, retards

Yes, send all your linkies to my address. I promise to keep them safe from the quantum thieves.

Attached: 1585307759263.png (1085x1217, 1.66M)

>SLQ% injection
HOLY SHIT NO WAY?
SHIT LINK QUEER PERCENTAGE INJECTIONS!
THIS IS LITERALLY SPREADING DIGITAL AIDS ONTO HARDWARE WALLETS MAKING THEIR DIGITAL IMMUNE SYSTEM OR "SECURITY" WEAKER, THUS EASIER FOR A SIMPLE VIRUS TO INFECT AND KILL YOUR HARDWARE WALLET!!!!!!!!!!!!!!!!!

Attached: file.png (840x704, 398.08K)

Finally some exciting new fud

Attached: 1596934758364.jpg (846x890, 219.82K)

Only if you connect to it with a hardware wallet. But again, it's not the hardware wallets themselves that are vulnerable, just the security layer that Chainlink uses to interact with them.

Huh. This is some new FUD. Wonder how many people will fall for it?

Ooh, I bet we could get plebbit to bite this hook line and sinker. I'm gonna start pushing it on /r/crypto or wherever those fuckers reside.

Attached: 1597377206519.jpg (2448x3264, 483.5K)

post the threads here i'll vote them up

I lied. I forgot that I deleted my reddit account after their latest rule update fiasco where everyone threw a hissy fit. Couldn't stand it anymore. Do it in my stead, Marine.

Holy shit. We could really get them to bite this. This is really good FUD.

Attached: 1597114574570.png (1242x2208, 577.54K)

Holy fuck these hackers removed this post too, its real, they dont want people to know about the exploits yet

DO you think the reddit moderators are in on it???

This Could Be Really Big guys.

I'm Scared

Everyone post this to reddit please