ZenGo X fixes double-spending vulnerability affecting BitClout

Quick Take

  • ZenGo X discovered a possible double-spending vulnerability for BitClout.
  • It received a $75,000 bug bounty, the greatest amount paid so far by the DeSo project.

ZenGo X, the research arm of crypto wallet provider ZenGo, says it discovered a double-spending vulnerability related to BitClout, an app on the Decentralized Social (DeSo) network.

The security vulnerability in question involved a potential double-spending exploit that ZenGo X’s senior researcher Matan Hamilis said could drain funds held in BitClout's reserve called Gringotts Bank. 

DeSo rewarded ZenGo with $75,000, the highest bounty paid by the project so far, for discovering and reporting the vulnerability. ZenGo X also stated that the security vulnerability did not pose any risks to user funds or the DeSo blockchain as a whole.

BitClout creator Nader Al-Naji launched DeSo in September after receiving a $200 million investment from backers including Andreessen Horowitz (a16z), Coinbase Ventures, Polychain Capital, and TQ Ventures among others. DeSo is a platform that supports a variety of decentralized social media platforms, including BitClout.

Breaking into Gringotts

To get funds on DeSo, users need to swap bitcoin using the BTC-DeSo bridge. Even though Bitcoin has a 10-minute block time for confirming transactions, the bridge was designed to release deso tokens automatically without waiting for confirmation of the initial bitcoin transaction.

This method opened the door to the possibility of a double-spend attack. Someone could make a bitcoin payment to the bridge, receive the deso and then, say, bribe a miner to confirm a different bitcoin transaction instead, so that the original payment was never spent in the first place. In order to prevent such an attack, DeSo used blockchain explorer tool Blockcypher to scan for possible double spends.

ZenGo X, however, found that DeSo’s defense against double-spending was not sufficiently robust. It noticed that an attacker could fool the system using a very specific type of transaction, known as an ancestor transaction.

These gaps could allow rogue actors to trick the bridge protocol into swapping bitcoin for deso tokens when the attacker had not sent any BTC across the bridge.
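
From the defender's side, the ancestor gap can be shown with a small check that compares a deposit-only double-spend scan with one that also walks the deposit's unconfirmed ancestors. This is an added example, not code from DeSo, ZenGo X or Blockcypher; it assumes the gap was that conflicts were looked for only on the deposit transaction itself, and the `Tx` model, the function names and the sample transactions are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple          # outpoints spent, written "txid:index"
    confirmations: int = 0

def conflicts(txid, view):
    """Other transactions in the view that spend any outpoint this one spends."""
    spent = set(view[txid].inputs)
    return {t.txid for t in view.values()
            if t.txid != txid and spent & set(t.inputs)}

def unconfirmed_chain(txid, view):
    """The transaction plus every unconfirmed ancestor it depends on."""
    chain, stack = set(), [txid]
    while stack:
        cur = stack.pop()
        # Stop at confirmed or unknown transactions, and avoid revisiting.
        if cur in chain or cur not in view or view[cur].confirmations > 0:
            continue
        chain.add(cur)
        stack.extend(op.split(":")[0] for op in view[cur].inputs)
    return chain

def risky_txids(deposit_txid, view, check_ancestors=True):
    """Txids whose conflicts make a zero-confirmation deposit unsafe to credit."""
    if check_ancestors:
        scope = unconfirmed_chain(deposit_txid, view)
    else:
        scope = {deposit_txid}  # the assumed weak check: deposit only
    return {t for t in scope if conflicts(t, view)}

# Constructed sample of what an explorer might see: "deposit" pays the bridge
# and spends the unconfirmed "parent", while "rival" spends the same confirmed
# output as "parent". The deposit itself has no direct conflict.
SAMPLE = {t.txid: t for t in (
    Tx("funding", (), confirmations=6),
    Tx("parent", ("funding:0",)),
    Tx("rival", ("funding:0",)),
    Tx("deposit", ("parent:0",)),
)}

if __name__ == "__main__":
    print("deposit-only check flags:",
          risky_txids("deposit", SAMPLE, check_ancestors=False))
    print("ancestor-aware check flags:", risky_txids("deposit", SAMPLE))
```

If "rival" is the transaction that gets mined, "parent" becomes invalid and so does "deposit", which is why the conflict has to be looked for along the whole unconfirmed chain. A bridge that waits for the deposit to confirm does not depend on this scan, since a confirmed transaction's ancestors are confirmed too.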