Ethereum-Based “Stock” Exchange DX Plagued with Security Issues
The highly anticipated Ethereum-based “stock” exchange, DX, launched this week! Despite the vast enthusiasm for the project, problems were immediately discovered regarding the company’s security. The launch on January 7th was only a soft launch, but traders aren’t pleased with the lack of security the platform has initially provided.
— DX.Exchange (@DXdotExchange) January 7, 2019
At launch, the exchange reported a few outages as the site couldn’t handle the traffic that was being brought to it. What intrigued most investors was DX’s promise that it would have major tech stocks like Apple and Tesla on the exchange from the start. To bypass US security laws, the Ethereum-based exchange is not open to US residents.
However, DX’s CEO and co-founder recently just made claims that the exchange will hit the US sometime this year. How they will get that approved by the SEC is beyond me. Especially considering the public companies being listed on the exchange don’t benefit whatsoever from the listing.
DX’s soft launch exposed an array of issues with the platform that investors weren’t pleased with.
Ouch that one looks bad!!!!!
FA analysis = pretty basic for 2019.
TA = not enough data yet.
Mcap = heavily over valued.
I’d be looking to dump that one for something with way way way better risk:reward. You’ll be lucky to hit a 300% on that during #altszn.
— JESSE ℂOUℂℍ (@jessecouch) January 7, 2019
An anonymous trader told CCN that he created a dummy account of the site, in order to test its robustness, and discovered shocking details. Allegedly, the trader found that the request he sent from his browser to the exchange included information about the authenticated token and the user’s details to access the account.
In addition to the private and public keys, the information included the password reset link. Basically, the trader could fully access any affected account of the user’s account if it wasn’t already logged out of. Furthermore, he found he could access some accounts even after the user had logged out.
The Ethereum-based exchange quickly caught wind of this and took action.
WE SCHEDULED FOR TODAY AT 11:00 AM (ESTONIA TIME ZONE) A MAINTENANCE UPDATE TO IMPROVE OUR PLATFORM FUNCTIONALITY AND PERFORM SEVERAL BUG FIXES AND UPDATES. THE PLATFORM WILL COME BACK FULLY FUNCTIONAL AFTER FEW MINUTES. THANK YOU FOR YOUR PATIENCE
— DX.Exchange (@DXdotExchange) January 9, 2019
Shortly after, DX published a blog post of the incident addressing the patches placed in their security issues. If you live outside the US and were considering trading on the DX platform, I strongly recommend you hold off—for now.
Featured Image: Depositphotos © Cpifbg13