CHECK YOUR FUCKING WALLETS
THE COLD STORAGE EXPLOIT IS REAL I JUST LOST EVERYTHING
CHECK YOUR FUCKING WALLETS
Ryder Perry
Hunter Lewis
I put my cold storage into a hardware wallet, into another cold storage, into a bank deposit box, then I buried my 24 word passphrase in a very secure box in the mountains.
Am I safe?
Daniel Gray
No they can ping it offline and directly access it and transfer out. Really clever shit
Bentley Hill
no, god knows you touch yourself to loli pics you degen
Matthew Bell
wtf i just checked the paper wallet i had stored in my freezer.
it's all gone.
Joshua Williams
No, I did the same. Didn't touch them for years. 4 hours ago, someone took them from my wallet. Nearly $90,000 in link gone in a second. Luckily I still have 50k link on a paper wallet
James Phillips
QUANTUM TIME TRAVELING SPACE NIGGAS ARE ROBBING YOU
Christopher Jackson
ME TOO WTF AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Josiah Mitchell
My bank isnt open... wtf do I do?
I guess i'm hiking in the mountains for 5 hours tonight...
Gavin Bennett
>What is this exploit?
There's a security layer in LINK's source code that deals with storage ticks. Basically, even in cold storage where they're untouched, there's a cache protocol that will occasionally ping public wallet addresses to verify their contents. Unfortunately, LINK has a slightly different version of this protocol in order to make micro-pings for staking purposes. Most staking rewards are going to be really small transfers, so the LINK devs lowered the tick rate for these pings. However, if you're using a hardware wallet, your storage is operating at the NORMAL tick rate, creating a cache gap where someone can use an SLQ% injection to gain access to your wallet. There's already been many posts of Anons opening up their wallets to find all their tokens transferred out to mysterious addresses, losing tens if not hundreds of thousands of dollars.
>Does this affect other tokens in my hardware wallet?
No, as this isn't a vulnerability with the wallet so much as Chainlink specifically. Other tokens, even on wallets that have been affected by the exploit, are safe.
>I haven't touch my wallet in years! Can someone really randomly gain access and steal my LINK?
Sadly, yes. This affects PUBLIC addresses, and these are most likely being chosen at random.
>I have my LINK on a hardware wallet! What do I do?
Either transfer them to a paper wallet (safest), an exchange, or trade for fiat.
>Can this be patched?
Yes, but it will take time. This isn't something that can be done in one week, as it's tied to the security layers focused on staking. These have to be rewritten very cautiously, else other major functions of the LINK source code can break.