A flaw in the TRON (TRX) wallet could have led to a network-wide freeze, showed a recent disclosure on HackerOne, the bug bounty service that is used widely by cryptocurrency projects. A wallet feature allowed any user with a single machine to consume the resources of multiple SuperRepresentatives, essentially breaking the network consensus and freezing transactions.
“A single request to submit a post to /wallet/deploycontract with several megabytes of bytecode along with CPU intensive long parsing will consume CPU for about 10 minutes while still holding several megabytes of bytecode in heap. With enough requests (lets say 1K-10K depending upon avai...