As per an official statement released on December 24, the development team which is working behind altcoin Bitcoin Private (BTCP) has confirmed mining of around 2.04 million units of BTCP “that were never intended to exist on the blockchain,”
Coin Metrics which is digital assets analytics website had published in an article dated December 23 that an additional 2.04 million units of altcoin Bitcoin Private (BTCP) were secretly minted at the time of importing Bitcoin (BTC) chain data. These were worth around $3.9 million at the time of writing the article. According to the project’s white paper, the initial supply of BTCP is around 20.4 million coins, while post this secretly pre-mined BTCP, the count made “the initial supply to 22.6 million.”
Soon after receiving the reports, the BTCP core team “immediately launched an investigation to ascertain whether or not the alleged findings of an additional amount of BTCP coins were true.” As per a latest released official statement, the team post conducting an internal audit, the team said that Coin Metrics’ findings were “mathematically accurate.” The team also said that “However, at this time, the source, purpose, and recipient of this exploit is currently unknown to the Bitcoin Private Contribution Team.”
The BTCP team also mentioned that they had “no prior knowledge” of the issue until Coin Metrics’ released the report, disclosing the issue.
The released statement also added the sequence of the events about the issue, disclosing that eventually there was a bounty posted for a specific issue, which was subsequently accepted by a developer, who then became a BTCP developer and was “promoted to a contributor on GitHub, allowing him to merge pull requests.”
Further adding to the sequence, the statement said that the developer then completed the issue, merged their own code, and received their reward. The BTCP team also noticed that one line missing in the code “allow[ed] the fork mine to be exploited due to the nodes not properly verifying the falsified fork blocks.” Soon after the bounty was received, the developer left the BTCP project.
The statement reads: “As the code was open source, and the fork-mine was announced on Twitter, anyone with sufficient blockchain development knowledge could have exploited it.”
The BTCP is still not clear on whether those minted coins were used or transferred to exchange or stored elsewhere. Concluding on the issue the team added in its statement that: “this particular exploit could only be taken advantage of during the fork mine, which already occurred earlier this year. Therefore, it is impossible for this particular bug to exploit to occur again, nor can it be further exploited.”
At the time of writing the article, BTCP was trading at around $1.97, down close to 7 percent over the last 24 hours.