Unidentified attackers exploited a Ravencoin vulnerability to coin extra RVNs “beyond the 5000 RVN per block coinbase,” Ravencoin lead developer Tron Black wrote in a post on Thursday.
According to Black, members of Ravencoin’s CryptoScope team, which developed Solus Explorer, recently reached out to the Ravencoin developer team with their findings.
The vulnerability was caused by a community code submission. “Law enforcement has been notified and are working with us,” Black said.
The extra coins increase the total supply of 21 billion RVN by 1.5% or the equivalent of 44 days of mining.
Ravencoin is an open source fork of bitcoin launched in 2018. It is designed to facilitate the transfer of resources from one party to another and users can create resources on the protocol that adhere to rules independent of those on the platform. The project website specifically calls the “Game of Thrones” reference to the Ravens as messengers of truth, which parallels the concept of blockchain as a technology for ultimate truth.
Black suggested that the Ravencoin community absorb the economic cost of extra RVN or move the coin halving 44 days earlier. Black did not return a request for comment within the press time.
“The vulnerability doesn’t allow for the theft of RVNs or assets you own and control, but minting has created RVN that shouldn’t exist,” Black said. “Because those RVNs have been transferred to a stock exchange and traded, they are mixed with other RVNs and therefore any programmatic attempt to burn them, with the support of miners and communities, would cause irreparable harm to innocent victims. At present, the burden has been shared among all RVN holders in proportion to their RVN holdings in the form of inflation. “
Black urged users to keep trading to a minimum until a correction is issued. It also stated that Ravencoin will not post details of the vulnerability until the fix has been implemented. At the moment, there is no history for when the chain will be updated.