olalonde / proof-of-liabilities

Proof of Liabilities (PoL) is a scheme designed to let companies that accept monetary deposits from consumers (e.g. Bitcoin exchanges, gambling websites, online Bitcoin wallets, etc.) prove their total amount of deposits (their liabilities) without compromising the privacy of individual users.
http://olalonde.github.io/proof-of-liabilities
MIT License
106 stars 37 forks source link

Vulnerability in node-combining function #31

Open charlescharles opened 10 years ago

charlescharles commented 10 years ago

Hi @olalonde,

I think there is a vulnerability in the node combining function, node.hash = sha256(string(node.sum) + ...)). I've posted a thread on it on BTCTalk here: https://bitcointalk.org/index.php?topic=814935.0 -- please let me know if it's not clear!