Binance Chain was hacked with almost $600M of asset value with roughly $90M being moved out of the Binance ecosystem. In this writeup, we write an analysis of the exploit used and suggest fixes.
Thanks a lot for the write-up!
I'm having trouble understanding how the attack works in detail, though.
The problem is that I can't make sense of the example. First of all, in the first diagram, it says that left = nil but there is a left tree. What does that mean?
Also, the example should have 4 leaves but I can only see 2. Where are the other 2?
I think it would help if you provided a minimal example of a complete tree and the changes made during the attack.