Slow Fog: The old version of Mina's ecological wallet Clorio has a private key security vulnerability

2023-01-09 12:28:55

Collection

ChainCatcher news, according to Slow Mist intelligence, due to the weak entropy issue in versions prior to Mina JavaScript client-sdk v1.0.1, multiple users in the community have reported that their wallet private keys have been stolen. The Slow Mist security team has investigated and found that wallets created using Clorio Wallet v0.1.1 and Clorio Wallet v0.1.0 are at risk of being compromised.

It is recommended that users who have created wallets using Clorio Wallet v0.1.1 or Clorio Wallet v0.1.0 (May 28, 2021) ensure that they update their wallets to the latest version (Clorio Wallet v1.0.0) and recreate new wallet addresses, transferring funds to the newly created wallet addresses to ensure asset security. The vulnerable wallet versions are Clorio Wallet < v0.1.2, and the vulnerable client-sdk version is o1labs/client-sdk < 1.0.1. (source link)

Related tags

Mina Clorio security vulnerability

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.