Researchers found vulnerability in privacy-focused Secret Network November 30, 2022
Researchers found vulnerability in privacy-focused Secret Network <br><br><br>
Researchers found vulnerability in privacy-focused Secret Network
Security researchers found a vulnerability in the privacy-focused protocol Secret Network, the network is intended to be anonymous and confidential. However, a few researchers from the University of Illinois Urbana-Champaign (UIUC) have discovered AepicLeak vulnerability, related to Intel’s Software Guard Extensions, which threatens to reveal the history of user transactions. The security researchers’ analysis helped to discover the whole network’s master decryption key.
Secret Network to take mitigation actions with help of the security researchers, “especially the Registration Freeze on October 5, 2022.” The has described the vulnerability as, “The Secret Network has been vulnerable to the xAPIC and MMIO vulnerabilities that were publicly disclosed on August 9, 2022. These vulnerabilities could be used to extract the consensus seed, a master decryption key for the private transactions on the Secret Network. Exposure of the consensus seed would enable the complete retroactive disclosure of all Secret-4 private transactions since the chain began. “
To know whether the attempt to attack the network has been tried before is not clear according to the researchers. They suggest to the users that their past transactions may be subject to discovery, therefore they must re-evaluate their risks.
The network has also shared the incident on its Twitter page and had also acknowledged it by informing the audience that they have resolved the issue. Also, they mentioned that their users’ fund are not at risk and they don’t need to take any actions.
This is the network that focuses more on private transactions. It stands out from the rest due to its encrypting input at a protocol level. For example, developers can build decentralized apps that protect user data.