NEO Token Vulnerability Exposed

During the weekend, reports have aired with regards to a vulnerability located within NEO tokens. The vulnerability was found within the code of some NEP-5 Smart Contracts, according to a press release on the NEO website. The actual NEO blockchain was not affected by this. According to NEO:

“There are several NEP-5 tokens affected by this issue. By exploiting this vulnerability, an attacker could make changes to the contract storage. An attacker can burn a certain amount of tokens and change the status of totalSupply within the contract. However, such an attack can only change the show value of totalSupply. It will not change the actual supply volume. In addition, the cost of this attack would be very high. Therefore, we consider the risk of damage from this attack very limited.”

From the reports seen, it does look as if NEO have acted in a very timely manner here and thus have managed to reduce risk to any parties concerned in the most effective way possible. Anybody who could be affected by this should have been contacted by NEO Global Development, who have in turn advised the parties concerned on what actions need to be taken in order to update and secure a fix. According to NEO:

“NGD has already reached out to all concerned projects and informed them of the issue, along with releasing development guidance on how to address this vulnerability. NGD suggests project teams to use the contract upgrade API on the NEO fundamental layer to upgrade the affected smart contract. Projects will handle the implementation based on their own considerations.”

Further guidance regarding this matter can be found here- https://github.com/neo-project/proposals/blob/nep5amendment/nep-5.mediawiki Overall, it is important that when such issues do arise they are dealt with in an efficient manner. From what we can see here, the NEO team have worked very hard to control any potential damage and thus, as a result of this, the news of the vulnerability has not had a clear or profound impact on the value of NEO. At the time of writing, NEO is valued at $63.07 and is up 4.19%. Overall, NEO is recovering from a week or so of negative movements, soon enough we may very well see NEO as a contender for the top ten currencies once more. I believe this provides an excellent example of a team who are capable of ensuring that their customers safety and security is at the fore of their work and their motivations. It may seem trivial, but in the grand scheme of things, these sorts of events can have a big impact on how people perceive cryptocurrencies worldwide, good work NEO!