Dear BITG Community,
We’d like to inform you about a recent exploit involving stake weight manipulation designed to abuse a bug with masternode list synchronization. Our team previously identified a vulnerability present in all PIVX forks; it allowed a user to redirect masternode rewards to their balance with ease. This vulnerability was present the BITG codebase, and allowed a bad actor in our network to receive upwards of 30% of daily masternode rewards with a small staking balance. This exploit was previously identified as non-threatening by our team, but recently became a major concern. We noticed increasing amounts of BITG per day being incorrectly awarded to said individuals wallet since mid-July. We initially identified the issue quickly and reduced the individual to below 10% of rewards within 24 hours while waiting on a temporary fix. As of block 798743 we have initiated a temporary fix to stop the exploiter. The impact of this exploit on the BITG ecosystem has been minimal, and there have been no identifiable errors in the BITG chain’s validity (ie, no double spend or randomly minted coins). Total supply was not affected. As a precautionary measure, we have asked all exchanges to temporarily disable deposits and withdrawals.
We’ve been preparing a major tech upgrade which includes a permanent fix for this vulnerability. The fully updated BitGreen codebase will be ready in the next few weeks and includes deterministic masternodes to solve the current issue with list synchronization. This update will greatly increase the stability of our chain, and will also enable atomic swaps and other key functionalities which are crucial to implementing the new BitGreen ecosystem and our first utility use case.
In the immediate term we must issue a temporary fix. There will be a temporary fork immediately as of Block 798743 which will prevent the masternode reward exploiters. The minimum staking input will be raised to 200 BITG, the block time will be set to 2 minutes, and block rewards will be lowered to 1 (increased back to 10 with main update end of month). This will prevent the exploiters from earning thousands of BITG daily while we finalize the new codebase build. Again, this patch is a temporary fix and will last for the 2–3 weeks that we need to prepare BITG’s biggest tech upgrade yet.
Masternode / Wallet Upgrade Guide:
Our first in a series of BitGreen updates will be released via YouTube interview tomorrow. We are focused on sharing the new vision for BitGreen as we expand our team, secure new exchange listings, create partnerships, and push use cases, and utilities for the BITG blockchain.
Stay tuned and we look forward to an exciting second half of the year!
The BITG Team