We’ve found a critical vulnerability in Loopring’s frontend wallet, which allows anyone to gain control of every account created using it. The vulnerability arises because Loopring’s frontend wallet uses a 32-bit integer to derive each user’s private key. This would allow an attacker to reproduce all such private keys. We’ve demonstrated the vulnerability by recovering private keys for over a dozen accounts. This problem was communicated to Loopring, and it is acting quickly to address it.
币安是全球领先的数字货币交易平台，提供比特币、以太坊、BNB 以及 USDT 交易。