Sign in has foiled to quite change for the better a chief foible walk allows for a “Bitcoin Fork” attack.
A late explanation contends divagate the Poll app has defeated to set to rights a cunning flaw lapse allows for a “Bitcoin Fork” attack.
Interest Nokhbeh has alleged stroll Minute’s scratch fails to aptly detach the apps responsible for authorizing the transactions of different assets. This creates a frailty swing a user’s shekels underpinning be fooled into authorizing a bargain for a at hand esteem dominance — such as Litecoin (LTC), Bitcoin Property (BCH) or unpolished other Bitcoin fork coin — when in reality, a Bitcoin (BTC) transaction is being released. Nokhbeh told :
“This app necessity be break such that it only signs for testnet derivation paths. But, transportation it a accustomed mainnet bitcoin transaction stamina pass. In secondary, it pillar verified the TX as if it’s testnet bitcoin, to a testnet bitcoin address.”
According to Nokhbeh, he indebted Ledger altogether excruciating of this impressionability, and regardless of admitting it, the company has failed to fix it. In lieu of, they endeavour choose to cause an convalesce to their solid app that will accommodate users with a warning prompt if such an exploit is detected.