Analysts portal Messari disclosed serious inflation bug that happened in the Stellar network in April 2017. Then this incident went almost unnoticed.
According to them, an intruder with the bug in the function “MergeOPFrame::doApply” Protocol, Stellar has created about 2.25 billion XLM (at the time approximately $10 million).
Subsequently, the coins were transferred to the exchange and probably sold in the first half of 2017. Analysts were able to discover the history related to the bug of transactions through the customer Horizon, the browser blocks it is not available.
“The issue was about a quarter of all coins in circulation as of April 2017, however, the Stellar Development Foundation has not publicized the incident at the proper level. Subsequently, in order to maintain parity, the developers took the decision to destroy the corresponding amount of XLM from the reserves of the community,” said the researchers.
Preliminary fix for bug was introduced by the founder of Stellar jed Machalaba April 6, but until its official release on 30 April, the attack vector remains open.
In turn, representatives of Stellar said that a couple of times mentioned the use of bug in the release notes and since then significantly revised standards disclosure of information.
“After this incident worthy of such attention, bugs in the Protocol were not found”, — said the representative of Stellar.
We will remind, in November of 2018, the network was seen Stellar transaction on billions of tokens XLM carried out by the same address. The total amount of remittances exceeded then available on the market offer coins, however it soon became clear that the transaction was fake.