The team behind the decentralized Domain Name Server (DNS) project, Handshake, recently patched a bug that could have inflated the supply of HNS coins.
When it existed in Handshake’s code, the bug was never exploited and no user funds or domain data were compromised, Handshake’s developers wrote in a post.
“A flaw was discovered in the Handshake protocol that could unintentionally increase the total HNS coin supply beyond its designed limits,” according to the post. “A user with a reserved name claim could have accidentally generated small amounts of extra HNS by modifying their wallet. In the worst-case scenario, a malicious miner could generate nearly unlimited extra HNS in every block. The bug was never exploited and is now fixed.”
The team advises miners and node operators to update to the newest version ASAP.
Handshake is a decentralized domain name service wherein users can purchase Handshake names, an alternative to the DNS identifiers traditionally used for accessing websites (Handshake users pay for these in HNS token). Per the blog post, the bug would have given users who have claimed Handshake names the ability to accidentally print extra HNS tokens.
Handshake inflation bug
Matthew Zipkin, former developer at BitGo and a contributor to Bcoin, alerted the team of the vulnerability on March 24. From here, Handshake developer (and Lightning Network architect) Joseph Poon and fellow Handshake dev Christopher Jeffrey coded fixes that were rolled out to HNS mining pools first.
The team approached miners like F2Pool and Poolin first because the bug required overhauling Handshake’s code, according to the post.
“This flaw is not just an implementation bug that could be fixed with a software patch. It is a problem with the design of the Handshake protocol and so it affects every user and all full nodes. The only way to fix this kind of issue is with a soft fork, which adds new rules to the protocol and is enforced by miners,” the team said.
“Soft forks” are blockchain upgrades where new versions of a software are made compatible with older versions and, as the post admits, they typically occur with total community involvement. Handshake’s team executed this emergency soft fork because “the flaw could not be disclosed until the new protocol rules were in place and enforced by as much hashrate as possible,” the team said in the post.