Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
TRON DAO Completes Security Assessment Conducted by ChainSecurity, Strengthening Network Integrity

TRON DAO Completes Security Assessment Conducted by ChainSecurity, Strengthening Network Integrity

The BlockThe Block2024/09/29 16:00
By:The Block

Geneva, Switzerland – September 30, 2024 – TRON DAO has successfully completed a security assessment of its Java-Tron client, conducted by leading blockchain security firm ChainSecurity . The assessment, which focused on key components such as the TRON Virtual Machine (TVM), consensus mechanisms, and Peer-to-Peer (P2P) interactions, aimed to proactively identify and resolve any vulnerabilities that could potentially affect the TRON blockchain’s performance, including transaction execution, block generation, and consensus operations.

Key Findings and Solutions

ChainSecurity uncovered several vulnerabilities that, if exploited, could have impacted network performance or even caused disruptions. The TRON development team acted swiftly to address these issues. Below are some of the most notable findings and the solutions that were implemented to ensure network stability and security:

1. PBFT Messages Creating State Expansion

A significant issue was found with PBFT (Practical Byzantine Fault Tolerance) messages, which could have caused unbounded memory expansion, potentially leading to a Denial-of-Service (DoS) attack.

Solution: The system was updated to ensure PBFT messages are only processed when PBFT is enabled, preventing excessive memory consumption.

2. Unpermissioned Censoring of Fork Blocks

An attacker could have censored legitimate fork blocks by creating a fork chain with fake blocks. Upon detection, the entire fork, including valid blocks, would have been discarded.

Solution: The new code now filters out blocks from invalid producers before processing, ensuring network consistency.

3. Resource Consumption by Blocks Not Signed by Witnesses

The assessment revealed that blocks without witness signatures were still being processed, consuming valuable resources such as memory, storage, and CPU.

Solution: Blocks failing the signature check are now discarded immediately, preventing unnecessary resource usage and safeguarding network performance.

TRON DAO’s Commitment to Security

Commenting on the collaboration, a Founding Partner & Head of Sales, Emilie Raffo from ChainSecurity said: "It's always a pleasure getting on-boarded into new ecosystems and being able to provide value. We worked closely with the TRON team to identify and resolve vulnerabilities, strengthening the network’s overall security and performance. We look forward to many more years of fruitful collaboration to secure the TRON ecosystem."

Dave Uhryniak, Community Spokesperson for TRON DAO, further stated: “Security is paramount to the growth and trust within any blockchain ecosystem. ChainSecurity’s security assessment of TRON has further strengthened our network’s resilience, ensuring that we continue to provide a secure and efficient platform for our global user base. This marks another milestone in our ongoing commitment to enhance the safety and reliability of the TRON network.”

TRON DAO’s collaboration with ChainSecurity highlights its dedication to proactively identifying and resolving security challenges. This security assessment reinforces TRON’s commitment to protecting user assets and data across its network.

Enhanced Security for TRON’s Ecosystem

With these issues identified and resolved, TRON’s security infrastructure has been significantly strengthened, ensuring that the network continues to operate at an optimal level. ChainSecurity’s assessment reaffirms TRON’s dedication to maintaining the highest standards of security, providing a safe and reliable environment for its global user base.

 

Want to Learn More?

For a detailed breakdown of the findings and solutions, check out the full security assessment report: ChainSecurity Java-Tron Security Assessment Report .

 

About TRON DAO

TRON DAO is a community-governed DAO dedicated to accelerating the decentralization of the internet via blockchain technology and dApps.

Founded in September 2017 by H.E. Justin Sun, the TRON network has continued to deliver impressive achievements since MainNet launch in May 2018. July 2018 also marked the ecosystem integration of BitTorrent, a pioneer in decentralized Web3 services boasting over 100 million monthly active users. The TRON network has gained incredible traction in recent years. As of September 2024, it has over 256 million total user accounts on the blockchain, more than 8 billion total transactions, and over $20 billion in total value locked (TVL), as reported on TRONSCAN. 

In addition, TRON hosts the largest circulating supply of USD Tether (USDT) stablecoin across the globe, overtaking USDT on Ethereum since April 2021. The TRON network completed full decentralization in December 2021 and is now a community-governed DAO. Most recently in October 2022, TRON was designated as the national blockchain for the Commonwealth of Dominica, which marks the first time a major public blockchain partnered with a sovereign nation to develop its national blockchain infrastructure. On top of the government’s endorsement to issue Dominica Coin (“DMC”), a blockchain-based fan token to help promote Dominica’s global fanfare, seven existing TRON-based tokens - TRX, BTT, NFT, JST, USDD, USDT, TUSD, have been granted statutory status as authorized digital currency and medium of exchange in the country.

TRONNetwork | TRONDAO | Twitter | YouTube | Telegram | Discord | Reddit | GitHub | Medium | Forum

 

Media Contact

Yeweon Park

[email protected]

 

About ChainSecurity 

ChainSecurity is among the oldest and most trusted smart contract audit companies. Their team conducts smart contract audits since 2017 and is trusted by long-term partners, such as MakerDAO, Circle, Curve, Lido, TRON, Compound, Yearn, Tether, Argent, FUEL and others.

In addition to its history of responsible vulnerability disclosures, in the Ethereum protocol itself and in live smart contract code, ChainSecurity has a history of developing new security tools and discovering new types of vulnerabilities.

 

Media Contact

ChainSecurity Marketing Team

[email protected]

 

This post is commissioned by TRON DAO and does not serve as a testimonial or endorsement by The Block. This post is for informational purposes only and should not be relied upon as a basis for investment, tax, legal or other advice. You should conduct your own research and consult independent counsel and advisors on the matters discussed within this post. Past performance of any asset is not indicative of future results.


0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Bitcoin is about to break 100,000 dollars, while altcoins are underwhelming

Market liquidity shows a trend of centralization, and the sentiment for crypto compliance still needs to be realized.

Chaincatcher2024/11/21 12:00

TikTok Meme is here: After spending a night watching videos, my account lost 50%

Can TikTok serve as a traffic hub to attract a large number of Web2 users into Web3?

Chaincatcher2024/11/21 12:00

The popular TikTok meme has a value of 600 million dollars in the cryptocurrency world, reviewing Chillguy's rapid rise to fame

"That year I had my hands in my pockets, not knowing what a rival was."

Chaincatcher2024/11/21 12:00

What the US election outcome spurred in crypto land

Senator Cynthia Lummis hopes a US strategic bitcoin reserve can be teed up for “adoption in 2025”

Blockworks2024/11/21 11:11