Libra vulnerabilities found and patched, but not by Facebook
The social media giant’s stablecoin has a few wrinkles that need to be ironed out
Facebook has been bragging about its new Libra stablecoin as the next big innovation for the cryptocurrency space, and one that would be a complete game-changer for the entire world.
Lawmakers and regulators haven’t been as convinced, which is why both Facebook and the Libra Project have been scrutinized extensively and raked over the coals. It’s probably a good thing, too, since there are apparently issues with the Libra code that make it vulnerable to hackers.
With billions of dollars and an endless supply of tech resources at its disposal, Facebook wasn’t able to identify the vulnerabilities itself. A startup, cryptocurrency audit firm OpenZeppelin, discovered the issues.
The problems relate to a scripting language that Facebook created for Libra called Move and which could allow a malicious person to inject code to smart contracts disguised as comments on the platform.
OpenZeppelin took the initiative and repaired the issue, explaining, “The good news is that it was found and patched before the platform was live. Issues once thought of as benign can become more severe in the blockchain setting because auditability substitutes for trust.”
Libra is still a long way away from being launched to the world. Regulators in several countries aren’t convinced that Facebook is ready to take on such a huge responsibility and Libra’s ability to comply with regulations established by the Financial Action Task Force (FATF) has been called into question. The Under Secretary of Terrorism and Financial Intelligence for the US Treasury, Sigal Mandelker, asserted this week that Libra will have to be in compliance or it won’t be allowed to operate.