Status: [RETRACTED - PRIVATE DISCLOSURE]
I have redacted the technical details of this report. Public disclosure of logic vulnerabilities in a live privacy protocol poses a significant risk to user funds and the integrity of the system.
Summary: A logic flaw was identified in the spendCoin ownership assignment. This issue appears to have been overlooked in previous security reviews by Hashlock and yAudit. Given the potential impact on user assets, I have immediately moved the disclosure to a private channel to ensure a secure fix.
Action Taken: I have sent a full detailed report, including a Proof of Concept and the recommended fix, directly to the lead maintainer at keyvankambakhsh@gmail.com.
I apologize for the initial public post. My goal is to ensure the project's security remains robust while adhering to responsible disclosure practices.
Next Steps: I will wait for the team's response and confirmation of the fix before discussing any technical details publicly.