Distributed Digest: Monday, February 4, 2019
A vulnerability with certain Parity Ethereum nodes was discovered and addressed, the Groundhog crypto subscription toolset was soft-launched on Groundhog Day, and Gnosis announced there will be a bug bounty program for dxDAO.
Your daily distillation of crypto news for Monday, February 4, 2019:
Parity Ethereum Bug Fixed
On Sunday, February 3, Parity was notified of a vulnerability allowing an attacker to «send a specially-crafted RPC [remote procedure call] request to a public Parity Ethereum node,» causing that node to crash. Nodes with public-facing JSON-RPC endpoints were affected (including through services such as Infura, MyEtherWallet, and MyCrypto).
Parity released two updates, 2.2.9-stable and 2.3.2-beta, to fix the issue. The Parity team recommends that individuals update their nodes as soon as possible.
Groundhog for Crypto Subscriptions
The Groundhog suite of crypto subscription tools was soft-launched on Saturday, February 2 (or, fittingly, Groundhog Day for American and Canadian celebrants). CEO Scott Burke said that prior to Groundhog’s launch, «there was a big problem holding back the growth of crypto e-commerce.»
To make a subscription payment via Groundhog, an individual would choose the «pay with Groundhog» option on a compatible merchant’s checkout page, then sign the transaction using the Groundhog app or another crypto wallet. The first time a customer uses the service will prompt the creation of a Groundhog wallet, which the individual can fund through a crypto or fiat transfer.
Further, the Groundhog team co-developed ERC1337, a standard for recurring, Ethereum-based subscription payments. Because of this, Burke maintains, «any ERC-1337 compatible wallet can initiate subscriptions with any ERC-1337 compatible payment gateway.»
Catch Some Bugs for dxDAO
Gnosis announced today that prior to dxDAO’s vote-staking period, which begins February 18, there will be a bug bounty program. Bounty hunters can earn up to $150,000 for discovering bugs related to two major attacks: gaining ETH/ERC20 token access in locking contracts or «breaking» the DAO. However, Gnosis noted that payouts from the program «will not exceed the funds used in the test dxDAO.»
Also, the bug bounties will not be on the live dxDAO but, rather, a test version of it. The Gnosis team maintains, though, that this test version «will have as close as configuration as possible» to the actual dxDAO, save for a few differences mostly related to timing.
Dani is a full-time writer for ETHNews. He received his bachelor’s degree in English writing from the University of Nevada, Reno, where he also studied journalism and queer theory. In his free time, he writes poetry, plays the piano, and fangirls over fictional characters. He lives with his partner, three dogs, and two cats in the middle of nowhere, Nevada.
ETHNews is committed to its Editorial Policy
Like what you read? Follow us on Twitter @ETHNews_ to receive the latest Parity, Parity Ethereum or other Ethereum ecosystem news.
