There is some interesting information about the NEO ecosystem that is worth to comment about. The most important one is related to a vulnerability found in the smart contract code of a number of NEP-5 smart contracts.
NEO Storage Injection Vulnerability
On Friday the 18th, NEO informed users and developers that a vulnerability has been discovered in the smart contract code of a number of NEP-5 smart contracts. The situation has been informed by the security audit company Red4Sec. NEO Global Development (NGD), and Red4Sec, stated:
“The vulnerability exists within the smart contract code of some dApps. The NEO blockchain is not affected by the vulnerability.”
According to the information released by these two companies, there are several NEP-5 tokens affected. With this vulnerability, an attacker could make changes to the contract storage, burn a certain amount of tokens, and change the status of totalSupply within the contract.
Some projects were able to fix this issue and are not at risk, but those who didn’t do it, can decide whether to perform contract upgrades based on their own considerations.
“NGD has already reached out to all concerned projects and informed them of the issue, along with releasing development guidance on how to address this vulnerability. NGD suggests project teams to use the contract upgrade API on the NEO fundamental layer to upgrade the affected smart contracts,” explains the statement.
It is important to mention that NEO ecosystem projects have updated their users about the situation.
Blockchain Store explained that their tech team have tested the deployed BCS smart contract on Testnet. The say that BCS does not have any of the security problems mentioned.
DeepBrain Chain has also informed its users that it has not been affected by this vulnerability, the same as Qlink, Red Pulse, and Trinity.
City of Zion Bounty Program
City of Zion, launched their first software bounty program that aims to bring new talent into the NEO ecosystem through development of open source software. The software bounty program will ask developers to explore improvements to the dBFT protocol used on the NEO network, and $50,000 dollars will be the rewards to the best implementation paid in NEO and GAS.
The information released by NeoNewsToday reads as follows:
“CoZ note that it is not asking for the community to develop a full consensus node, and is only looking for code that ‘demonstrates the performance characteristics of many approaches to consensus’ and ‘can be ported and reused in future node implementations.’”
China Blockchain Ratings
Good news for NEO and its rank in the Chinese IT Ministry cryptocurrency ratings. NEO was ranked 4 out of 28 virtual currencies in a report presented by China’s Ministry of Industry and Information Technology.
According to the ranking, the top 5 cryptocurrencies ranked were Ethereum, Steem, Lisk, NEO, and Komodo. The ranking has been elaborated taking into account technology, application and creativity. In the application index, it was ranked first, doubling the score of virtual currencies like Bitcoin, Waves, Cardano, and others.
Bridge App Preview
Bridge Protocol, a suite of tools for blockchain processes, has released a preview of its mobile app and announced a new chief systems architect known as Alex Guba. The information has been released by the company on May the 18th.
Alex Guba is a member of the City of Zion, NEO development community, and maintainer of neo-sharp, a node implementation for the NEO blockchain.
The Bridge Protocol Identity Access app aims to make it easy for users to control digital identities. Moreover, individuals are able to submit KYC documents from within the app and maintain their credentials from within the application.
Switcheo Exchange Resumes Trading
On May the 17th, the Switcheo exchange was able to resume trading amid a series of trading halts and exchange downtime due to maintenance. In a blog post, Jack Yeu, co-founder of Switcheo Network said:
“Switcheo will resume trading the NEO/GAS pair on the V1 exchange contract next week, to allow users to extract fractional NEO value out of the contract. The team will be supplying additional GAS at or blow market rate (based on 3rd party exchanges), so users do not have to worry about liquidity.”