Coinbase’s new venture capital fund has announced a strategic investment in Compound, a startup that is building money market accounts for cryptocurrency investors.
Compound is the first project to receive venture funding from Coinbase as part of the company’s new efforts for fostering blockchain innovation. As CCN reported, Coinbase announced the new venture fund to incubate early-stage startups in the exploding industry.
Coinbase’s funding is part of a larger $8.2 million seed funding round, which pools other backers including Bain Capital Ventures, Andreessen Horowitz and Polychain Capital, with participation from Transmedia Capital, Compound Ventures, Abstract Ventures, Danhua Capital.
While other coin and token projects have debated ways to generate interest or dividend income, Compound has run with the idea. In a blog update, Salil Deshpande, Managing Director at Bain Capital Ventures, he states that current lending solutions for cryptoassets “are not good enough: they are either centralized and have substantial counterpart risk, or require robust order books for each type of cryptoasset, which generally do not exist.”
Compound’s mission is to put cryptoassets to work that now “sit idle on exchanges and in wallets, yielding no interest,” according Founder Robert Leshner in a blog update about the funding announcement.
“…when Compound launches it’s [sic] first money markets on the Ethereum blockchain, individuals, institutions and applications will earn interest on Ether, stablecoins and utility tokens, with complete liquidity — similar to the overnight rate for dollars and government currencies.”
The core technology behind Compound is a decentralized blockchain infrastructure that is centered around a series of open-source smart contracts. As part of the smart contracts, the interest rates for each asset adjust dynamically in response to the borrowing demand for that asset. An algorithm makes these adjustments in real time, according to the project’s whitepaper.
Compound hopes to attract borrowers such as hedge funds, sophisticated speculators, and other Ethereum applications.
As Compound’s technology aligns closely with Coinbase’s entrenched status as a company that is revolutionizing traditional finance, it is no small wonder why it has received the firm’s backing. The company’s target market of institutional investors is in line with Coinbase’s recent rolling out of a suite of tools for only these clients, as CCN reported on May 15.
Compound’s core technology also eases reporting, since each money market is transparent, auditable, and completely predictable. Coinbase itself has also worked hard on institutional-grade reporting as part of efforts for becoming an SEC-regulated brokerage.
Mozilla Closes Holes That Led to Coinbase Hacks
19-11707 – first appeared in April 15 and hackers used them to spear-phish Coinbase employees. When they visited sites linked in the email the browser would download a piece of spyware to steal logins and other data.
Some detail from the exploit suggests that the bug could escalate privileges outside of the “sandbox” where most Mozilla code runs:
Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed parent process opening web content chosen by a compromised child process. When combined with additional vulnerabilities this could result in executing arbitrary code on the user’s computer.
The two vulnerabilities combined to create a perfect storm, allowing hackers to run malware installers instantly. Researchers discovered the exploits on April 15 and they suspect that hackers saw them in Mozilla’s Bugzilla bug tracking database and exploited them before they could be patched. The hack did not effect Coinbase users.
Mozilla is asking users to update their browsers in order close these holes.
Coinbase CFO on speculative trading, Facebook’s Libra runs into trademark trouble and more
Crypto News – 22 June
Bitcoin now being embraced by the masses? As charted out by cryptocurrency analyst Kevin Rooke, BTC’s use the number of addresses holding the coin is “spreading”
Read more at https://bit.ly/31GKE8C
Kraken issues phishing warning: The Jesse Powell-led exchange sounded a warning to its customers that a “scam” involving the use a lookalike Punycode was in the works
Read more at https://bit.ly/2Xs5rO0
Tron DApps surge: Tron’s DApp surpassed EOS and Ethereum in weekly trading volume
Read more at https://bit.ly/2X0a4iY
Shelley goes live: In a recent development, Cardano released its Shelley testnet on June 21
Read more at https://bit.ly/2Y1AAVw
eToro tests Libra blockchain: According to the GitHub post, the team used specification targeting Ethereum blockchain to write and execute basic implementation to create a digital asset on Libra blockchain
Read more at https://bit.ly/2ZAP7I5
Google UX expert joins Bakkt: Former Google UX expert, Chris Peterson has hopped on to the Bitcoin Futures Exchange, Bakkt, to develop its upcoming project Bakkt Pay
Read more at https://bit.ly/2IWWzXm
Recent Firefox zero-day attack targeted Coinbase employees
It is being reported by ZDNet that the recent announcement made by Mozilla to update Firefox due to a vulnerability came from a specific attack that was unleashed against both Coinbase as well as other exchanges. Fortunately the attack was deterred and all funds are still safe.
Coinbase originally detected the attack on Monday and subsequently announced the following to Mozilla:
“On Monday, Coinbase detected & blocked an attempt by an attacker to leverage the reported 0-day, along with a separate 0-day Firefox sandbox escape, to target Coinbase employees.”
This is what prompted Mozilla to issue a patch for the code and immediately warn all users to update. What makes the story stranger though, is the fact that the exploit was originally on April 15th by Groß, a security researcher with Google Project Zero security team.
The article compiles a list of scenarios in which the attackers could have found out about the exploit, despite Mozilla not having disclosed the information yet:
“- the attackers discovered the same RCE bug on their own
– they obtained the info from an insider with access to Mozilla’s security bugs portal
– they compromised a Mozilla employee’s account and accessed the Bugzilla portal’s security section
– or, they hacked the Bugzilla portal, similar to an incident from 2015″
While it is unclear how it happened, what is important is that the software has been patched and Coinbase was able to intercept the attack before any issues arose. Philip Martin, a member of the Coinbase security team, is quoted:
“We walked back the entire attack, recovered and reported the 0-day to Firefox, pulled apart the malware and [infrastructure] used in the attack, and are working with various orgs to continue burning down [the] attacker’s infrastructure and digging into the attacker involved.”
For now, all is well, but this could have led to a major hack of one of the largest and most popular crypto exchanges out there. Will we see further attacks? Stick with Chepicap for all updates!
Help Chepicap to get listed in the Delta Portfolio App by voting HERE!