Researchers have uncovered details about a critical flaw currently being patched in the Move virtual machine that powers the Aptos blockchain network.
The vulnerability “can crash Aptos nodes and cause a denial of service,” says Singapore-based Numen Cyber โโLabs. Said In a technical article published earlier this month.
Aptos is Newcomer in the blockchain space launch this is mainnet October 17, 2022. It has its roots in the Diem stablecoin payment system proposed by Meta (formerly Facebook), Novi.
The network is built using a platform-agnostic programming language. movea Rust-based system. design Implement and execute smart contracts in a secure manner runtime environmentMove Virtual Machine (aka MoveVM).
of Vulnerability Identified by Numen Cyber โโLabs is the Move language validation module (“stack_usage_verifier.rs“), the component to verify bytecode instructions Before running on MoveVM.
In particular, Integer overflow vulnerability in the stack base Web3 programming language that causes undefined behavior and can crash.
Since this vulnerability occurs in the Move execution module, when the bytecode code is executed against any node on the chain, [Denial-of-Service] attack,โ the cybersecurity firm explained.
โIn severe cases, the Aptos network could come to a complete outage, causing immeasurable damage and severely impacting node stability.โ
