Coinbase, a digital currency exchange, which has its headquarters in San Francisco, California recently found out and made public that ethereum balance glitch enabled users to falsify their bank account numbers. Some analyst discovered this by using a smart contract, in which a person can be able to add as much ethereum as they desire to their account.
On the 21 March, some researchers exposed a glitch in the Coinbase platform, which lets users add as much ethereum as they want to their individual accounts by utilizing a smart contract. The glitch that was discovered this past Wednesday was in the system since December of last year, that for nearly 5 months. Vicompany, a Dutch research analysts’ company is responsible for discovering the issue. Coinbase offered them a $10,000 reward. The cryptocurrency Coinbase stated that; The researchers notice an issue with our ETH receiving code when receiving a contract. It added that; This allowed sending of ETH to Coinbase to be credited even if the underlying contract execution failed. The company also mentioned that; The issue was fixed by changing the contract handling logic. Analysis of the issue indicated the only accidental loss for Coinbase and no exploitation attempts.
As stated by the company from the Netherlands, Vicompany says that by utilizing a smart contract to distribute ether over a set of wallets you can manipulate the account balance of your Coinbase account. If one of the internal transactions in the smart contract fails all transactions before that will be reversed. However on Coinbase, these transactions will not be reversed, that means that someone was able to add as much ether to their balance as they desire. When you check your Coinbase wallet address after this transaction, you will see that it is empty, but checking your Coinbase wallet will show your funds.
Though, Coinbase was not the only cryptocurrency exchange to be a victim of a glitch that enables users to falsify their account balances. Zaif, a Japanese cryptocurrency exchange, is another victim of a similar glitch which lets clients buy BTC for literally nothing. Zaif suffered a $20 trillion glitch on the 22nd of February. Also Overstock, an e-commerce marketplace suffered a similar issue. They found a website glitch that made big discounts because their system was accidentally allowing bitcoin cash purchases for products that were priced in bitcoin core.