fbpx

Resource

Mina JavaScript Client SDK New Release

Users of Mina JavaScript client-sdk should upgrade to the 1.0.1 release of the client-sdk urgently.

Summary: Users of Mina JavaScript client-sdk should upgrade to the 1.0.1 release of the client-sdk urgently. Out of an abundance of caution, users who generated private keys using the getKeys() function of the prior releases of the client-sdk should also immediately move any funds to an address that was generated by an alternative method, or by the new 1.0.1 release.

O(1) Labs — our ecosystem partner — recently discovered a vulnerability in the Mina JavaScript client-sdk where private key generation in some situations depends on poor entropy. This means that private keys generated under these situations are vulnerable to attacks by malicious actors, and with low probability, funds can be stolen. This has been patched and fixed in the 1.0.1 release of the client-sdk.

Developers and users who use the client-sdk should immediately upgrade to the new 1.0.1 release to fix this vulnerability. Users who have used either the client-sdk directly, or a product that depends on the client-sdk, should also immediately move their funds to an address that was generated by an alternative method, or the new 1.0.1 release.

More from our Blog

Community / 2022-09-27 / Mina Foundation
Meet the zkApp Builder — Marek Narozniak
Learn more about Marek and his first zero knowledge smart contract, LendApp.
Read more
Resource / 2022-09-26 / Mina Protocol
‘Berkeley’ Testnet Alpha Participation Guide
Read more
Ecosystem Update / 2022-09-20 / Mina Ecosystem Contributors
Mina Ecosystem Roadmap – Q3 2022
Read more
Learn / 2022-09-13 / Mina Foundation
Is Zero Knowledge Technology the Future of NFTs?
Read more

About the Tech

AboutTechCta

Mina uses advanced cryptography and recursive zk-SNARKs to deliver true decentralization at scale.

Get Started

GetStartedCta

Mina makes it simple to run a node, build and join the community.