Beam team: "Critical vulnerability" found in Beam Wallet

Beam, the privacy coin implementing the MimbleWimble protocol, announced via its Twitter account that its team had found a "critical vulnerability" in the Beam Wallet. Per Beam CTO, Alex Romanov, in Beam's community chat, the vulnerability does not affect "wallet data, secret keys, or passwords." The vulnerability was first discovered by the Beam development team and affects previously released Beam Wallets.

The Beam team is recommending users to do the following:

  • Stop running their wallets.
  • Uninstall or delete their wallet application and executables from all machines.
  • Make sure the application was deleted.
  • Redownload and reinstall the updated version of Beam Wallet from Beam's website.

The Beam team will release a proper update, providing more details on the vulnerability, in the next few days. Beam officially launched on January 3, 2019, becoming the first cryptocurrency to implement the privacy protocol, MimbleWimble.