An Ethereum transaction privacy platform, Tornado.cash, has exposed transaction details of some of its users due to a UI bug.
Those affected in the ordeal were closed to a hundred with their supposed-hidden information revealed unintentionally by the platform.
The trustless smart contract-based Ethereum mixer, Tornado.cash, which boasts of completely secured transaction, said it received a vulnerability report on its UI from @epheph.
The vulnerability report highlighted that just 12 users and a total of 13.2 ETH (2,416.00 United States Dollar) got affected in the process.
The platform enjoined those who made deposit through the twelve addresses stated below to withdraw their notes as soon as possible, urging them to make immediate re-deposit as a new note since the bug has been fixed.
“Additionally, 86 deposits, that were already withdrawn, might have their privacy compromised,” Tornado.cash said in an update, however, the project stated that all other deposits are secured since the bugs have been fixed.
“Since the issue was only on the UI side, smart contracts remained safe,” the update stated.
Tornado.cash is one of the project financed through the Gitcoin Grant. The platform recently received $31,200 as the biggest winner of the grant this time around.
Gitcoin which is an Ethereum-based platform focused on crowdfunding for open-source software projects. Gitcoin Grants is a pool of fund set aside to finance some voted Ethereum projects.
Ethereum’s Vitalik Buterin Supports Tornado.cash
In his recent review of Gitcoin Grants recipients, Vitalik Buterin, the co-founder of Ethereum, said Tornado.cash became popular in the Ethereum community owing to the need for a high level of blockchain privacy.
“If they continue receiving such an amount every two months then this would allow them to pay two people $7,800 per month each – meaning that the hoped-for milestone of seeing the first “quadratic freelancer” may have already been reached,” Vitalik said about the project.