时间:2024-01-16|浏览:235
用戶喜愛的交易所
已有账号登陆后会弹出下载
1 月 14 日,Ripple 首席技术官 (CTO) David Schwartz 就所谓的价值 256 亿(近 150 亿美元)XRP 的“交易”发表声明。 这一数字约占目前流通中 XRP 总量的一半,目前流通量约为 542.6 亿。 广受好评的区块链监控服务 Whale Alert 透露,据称的交易来自一个未知的钱包,是针对加密货币交易所 Bitfinex 的。 没有提供有关钱包的信息。
然而,进一步的检查很快得出结论,原来的担心是没有根据的。 Bitfinex 首席技术官 (CTO) Paolo Ardoino 做出了澄清,表示该事件不是交易,而是滥用 XRP 账本中包含的“部分支付”功能的行为。 考虑到 XRP 如此重大的转变可能带来的影响,加密货币社区的许多成员在得知这一信息后都松了口气。
Whale Alert 在随后的声明中也承认了这一错误,声明如下:“正确读取 Ripple 节点响应存在问题,导致出现了一些不正确的帖子。” “我们已经解决了这个问题。” 阿多伊诺对此事提供了进一步的见解,这是对此的补充。 他的声明如下:“有人试图通过‘部分支付漏洞’来攻击 Bitfinex。”鉴于 Bitfinex 以适当的方式处理“delivered_amount”数据字段,攻击没有成功。
Ripple 首席技术官就该事件提供澄清
在互联网上,化名为“JoelKatz”的施瓦茨提供了有关该事件的更多信息。 他强调,“数十亿 XRP 转移”的说法是不准确的,这与部分付款构成 XRP Ledger (XRPL) 安全问题的某些指控形成鲜明对比。
每次兑换的实际发送金额仅值几美分。 Bitfinex 和 Paolo Ardoino 成功阻止了一次漏洞利用尝试,他们的努力值得赞扬。 正如这里所发生的情况所示,XRP 账本没有任何缺陷或漏洞。 Ripple首席技术官强调,部分支付功能是一种普遍接受且安全的金融工具。
In addition, he emphasized that Bitfinex handled the effort to exploit the vulnerability in an appropriate manner, which is the reason why they were able to avoid any possible problems. "Today's thwart is a strong reminder to all institutions and applications – the importance of proper configuration and integration cannot be understated," Schwartz said. "Today's thwart."
In addition, he pointed users in the direction of a site that provides a safe connection with the Proper Payments function of the XRPL. This resource may be found at https://xrpl.org/partial-payments.html. In the website, the functionality of Partial Payments as well as the possible hazards associated with them are explained. The website also emphasizes how important it is to grasp the difference between the Amount field and the delivered_amount metadata field involved in a transaction.
The paper clarifies the distinctions that exist between transactions that have the Partial Payment indication and those that do not contain it. When it comes to conventional payments, the "Amount" field is used to specify the precise amount that is to be sent. On the other hand, when it comes to partial payments, this field indicates a maximum amount, and the transaction is considered successful even if only a fraction of the intended value is given. Although this feature is valuable in some circumstances, it has the potential to be abused in systems that are not well linked, which might result in significant losses.