Mercury Layer v0.2.0 Released: Critical Fixes for Backup Transaction Vulnerabilities
The Mercury Layer, a Layer 2 protocol for Bitcoin designed to facilitate self-custodial transfer of coins without requiring on-chain transactions, has released an important update. Version 0.2.0 addresses vulnerabilities in backup transactions that could have been exploited by malicious actors to bypass verification checks.
In a statement, Tom Trevethan, CTO at CommerceBlock, highlighted the significance of the update: “This update fixes vulnerabilities related to malicious backup transactions bypassing receiver verification checks. We've revamped the way backup transaction checks are constructed to ensure robust security."
Key Enhancements in v0.2.0:
Verification of Backup Transaction Construction: A more secure approach to constructing backup transactions has been implemented to prevent exploits.
nLocktime Checks Against Current Block Height: Transactions now validate their lock times against the current block height, adding another layer of protection.
nSequence Set to Zero in Backup Transactions: Backup transactions will now have their nSequence values set to zero, preventing potential manipulation by malicious entities.
These improvements aim to strengthen the Mercury Layer’s security framework, ensuring safer self-custodial Bitcoin transfers on its Layer 2 protocol.
For more details on the vulnerabilities and the technical specifics of the fixes, the full disclosure can be found in the Vulnerabilities Report.
Read More
Latest
