New Open-Source Code Vulnerability Was Found and Fixed In Facebook’s Libra
A recently discovered vulnerability on the open-source protocol of Facebook’s Libra was just fixed. The vulnerability was originally discovered by OpenZeppelin, a third-party audit company that is focused on crypto products.
The developers of the company have found some vulnerabilities in the scripting language created by Facebook, which is called Move. According to the company, the vulnerabilities were pretty severe and could lead to huge problems if the code went online before they were addressed.
OpenZeppelin’s CEO Demian Brener affirmed that one of the vulnerabilities allowed hackers to use smart contracts disguised as inline comments and they could use it to steal money. Fortunately, the issues have been patched as soon as possible, so these flaws will never actually see the light of day.
The auditor company was originally created back in 2015 and it has worked with several high-profile initiatives so far, including organizations such as the Ethereum Foundation, Coinbase, and the Brave browser.
The Move script was mostly devised by the developers of Calibra, the company created by Facebook to handle the project. They have defined the most important features of the technology, but since the code is open, anyone can give their opinions on what works or not.
According to Brener, audits are becoming more important to the industry each day. Crypto projects are getting considerably bigger as time passes, so more third-party audits are needed for them to work well, as no team can completely audit them alone.
Libra has a very complex system, just like many other recent tokens. These products will be used to manage a lot of money, so making sure that they work well is needed.