Chia Network Reissues Its Asset Token to Address Security Vulnerability

The smart transaction platform will upgrade its chia asset token (CAT) to a new token, CAT2, to address a potential security weaknesses.

AccessTimeIconJul 25, 2022 at 5:00 p.m. UTC
Updated May 11, 2023 at 5:38 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global event for everything crypto, blockchain and Web3.Register Now

Chia Network, the energy-efficient blockchain and smart transaction platform, will replace its 7-month-old chia asset tokens (CATs) with a new token to address a security vulnerability that it uncovered after an outside auditor detected potential weaknesses with the token’s standard, the company said in a blog post.

Chia will halt what it now is calling CAT1 on July 26 at 5 p.m. (UTC) after block height 2,311,760 and begin supporting its re-issuance as CAT2.

San Francisco-based Chia, the brainchild of BitTorrent founder Bram Cohen, discovered the weak point after the auditor, Trail of Bits, “raised a potential class of vulnerabilities,” prompting Chia to probe more deeply, the blog post says. Chia determined that while holders’ CATs were safe, one risk area was potentially significant enough to warrant the change to CAT2.

“It took quite a bit of digging on our part to get to a high degree of confidence that this isn’t just a window dressing level of vulnerability. This is a serious vulnerability. We should end-of-life CAT1, patch it and upgrade everybody to CAT2,” Paul Hainsworth, Chia’s vice president of product, told CoinDesk in a phone interview. Hainsworth added that the firm had installed a round-the-clock monitor shortly after Trail of Bits noted its concerns to ensure no one’s CAT had been compromised.

A number of blockchain protocols hire auditors to look for weaknesses, but token re-issuances are infrequent. Hainsworth said that as “an enterprise and institutional-focused blockchain,” the company has made security issues a priority and conducts regular audits of new releases. Chia engaged Trail of Bits, a respected security audit firm, in December, a month before launching the CAT.

Chia created CATs as cryptographic primitives that allow individuals to issue tokenized versions of stocks, bonds and other assets, on top of the Chia blockchain. They are separate from the Chia blockchain’s native XCH cryptocurrency. Cryptographic primitives are algorithms that serve as building blocks for cryptographic protocols in computer systems. “CATs are an artifact that are actually built on top of XCH,” Hainsworth said. “It’s a separate type of asset altogether.”

He added that the upgrade would not affect XCH, although Chia will ask holders to cancel in-progress offers to sell XCH for CAT1s, so they don’t wind up with “worthless tokens.”

Next steps for CAT token holders

The CAT1 end-of-life point will serve as a reference for re-issuance of CATs. For example, holders with 1,000 USDS in CAT1 in their wallets at the end-of-life block height will receive the same amount in CAT2 via an issuer, such as Stably.

Chia has asked holders to upgrade to a 1.5.0 wallet to enable the re-issuance. The company has created a website that can also be reached via the wallet to view historical CAT1 balances and compare them to CAT2 balances in the new wallet.

Separately, Chia has asked holders to cancel any offers that may be in progress

“End users should be made ‘whole’ on the CAT1 holdings,” the company said in a statement that will be available on the Chia blog.


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

James Rubin

James Rubin was CoinDesk's U.S. news editor based on the West Coast.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.