“Solana killer” by former Meta developers is under threat: could other blockchains also be affected?

The Aptos blockchain network, which has been called “Solana killer,” found itself in the media spotlight, not at all because of the promise of super features. The former Meta developers who worked on the project overlooked something, and the notorious platform was launched unsuccessfully and works with failures. In this case, the creators are supposedly aware of the problems, but deliberately play them down. Thus, Aptos does not reach Solana at all. But this is not the end yet. Aptos’ problems could be found in other blockchains.

Don’t Move!

A cybersecurity vendor and solution provider based in Singapore, Numen Cyber Technology, discovered a critical-level security vulnerability in the Move Virtual Machine (VM)The MoveVM executes transactions expressed in the Move bytecode. of the Aptos public chain. The problem turned out to be in the Move by Libra — a smart contract programming language (based on Rust), which is also used in other large projects. For example, in Sui, DiemFormerly known as Libra — a blockchain-based stablecoin payment system proposed by the American social media company Meta Platforms.. 

The bug is mainly related to the StackUsageVerifier::verify module. The vulnerability occurs within the verify process CodeUnitVerifier::verify_script(config, script)? ; function. The vulnerability occurs during stack security checks.

“Since this vulnerability occurs in the Move execution module, for nodes on the chain, if the bytecode code is executed, it will cause a DoS attack. In severe cases, the Aptos network can be completely stopped, which will cause incalculable damage, and have a serious impact on the stability of the node,” the researchers stated.

Numen Cyber Labs experts said they told Aptos about the problem, and they fixed the bug. It is not known how Sui is dealing with the glitch.