Beam Discovers “Critical Vulnerability” in Its Wallet Software

The developers behind the recently released privacy-oriented cryptocurrency Beam announced on Wednesday that a “critical vulnerability” has been spotted in its wallet software.

Beam’s official Twitter account encouraged users to uninstall the Beam wallet application as soon as they can and download again a patched version of the application from its website.

The GitHub account of the group has warned the public against using the wallet software, stating that “details for the vulnerability and the CVE will be published within a week to avoid exploits.”

The GitHub page further reiterates:

“[The] Vulnerability affects all previously released Beam Wallets both Desktop and CLI. DO NOT DELETE THE DATABASE or any other wallet data. The vulnerability DOES NOT affect wallet data, secret keys or passwords.”

The announcement states that the discovery of the vulnerability of the wallet software was done solely by the Beam development team and no outside sources have been involved in the matter. CTO Alex Romanov mentioned in a Discord post that “the issue was already fixed” and further assured that the vulnerability did not affect miners and nodes.

The problem occurred just days after Beam went live using the privacy tech Mimblewimble. Beam is the first cryptocurrency to utilize the technology that presumably allows untraceable and confidential transactions. Beam launched earlier than Grin, another adopter of the technology that plans to launch next Tuesday.