Coinbase’s trading infrastructure was found to be vulnerable to a flaw. It happened Friday afternoon. Done by the anonymous online white-hat hacker Tree of Alpha. Traders using the company’s new Advanced Trading platform were also temporarily unable to conduct business.
Around 1 p.m. ET on Friday, @Tree of Alpha piqued the interest of Coinbase executives. Done by tweeting that they had discovered a “possibly market-nuking” issue. Also, it was filing a HackerOne report.
HackerOne is a network that manages bug bounty schemes for businesses such as Coinbase.
The Hacker
According to the white-hat hacker, the weakness was significant. It also might enable devious individuals to push all Coinbase order books to unreasonable rates.
Coinbase is among the biggest crypto exchanges. Oracles use its price data as inputs. Additionally, it establishes the genuine pricing of tokens for services like DeFi networks.
After the original post generated concern in the cryptocurrency community, Tree of Alpha sent a follow-up tweet. Moreover, according to the Coinbase statement, no real Coinbase repositories were accessed.
Coinbase Reaction
Within two hours following the Tree of Alpha’s original tweet, the Coinbase Support Twitter account posted. It reported that Coinbase was suspending transactions. It will use new Advanced Trading platform. They cited it as a technical issues. Additionally, the fact that the service will continue to operate. There will be no new purchases approved. It is only available to a limited number of customers.
Coinbase tweeted at roughly 6 p.m. ET that it had re-enabled the entire operation for retail advanced trading.
Coinbase CEO Brian Armstrong expressed his gratitude for Tree of Alpha’s cooperation in a public post. He stated that Tree of Alpha was amazing. Also, he added on to say how grateful he was to the hacker for collaborating with their team. On top of that, is how much he appreciated how the cryptocurrency society assisted each other.
White-hat Hacker
This was not the first occasion Tree of Alpha has alerted important cryptocurrency organizations to flaws in their programming.
Tree of Alpha alerted CoinDesk last month about a problem with the platform’s content management system (CMS). The vulnerability enabled skilled programmers to examine the news stories of CoinDesk articles kept as drafts. Also, it allows them to make investment judgments relying on non-publicized data. Since then, the problem has been rectified.
Tree of Alpha also investigated Tesla’s webpage. Tweeting that the corporation was ready to accept cryptocurrency payments one day prior to CEO Elon Musk’s official Jan. 14 statement that Tesla items would be available for purchase in Dogecoin.
Tree of Alpha tests websites exposes data. When trading, it is possible to leverage your position. Now and then, the clever hacker discovers a serious weakness and reports it.
It was decided to look into their intentions more thoroughly. Specially for tweeting out an alpha (active return on investment). The hacker replied that they only expose and seek to block an alpha once it has grown too common. The Coinbase incident, on the other hand, was not an alpha. According to the hacker, this was a severe vulnerability that might have thrown the market into chaos.
