Following the disclosure of materials connected to the Real Digital pilot project on GitHub by the Central Bank of Brazil engineers began investigating the code and found an alarming finding. They discovered the availability of numerous capabilities within the test version’s smart contract that might allow controllers to make major modifications to the Real Digital system .
Functions and Potential Changes
The detected functions go beyond the documented actions such as minting Real Digital tokens and enabling/disabling target accounts. Developers discovered new resources that might be implemented by authorized organizations by using reverse engineering techniques to the materials given by the Central Bank . These capabilities include the ability to freeze/unfreeze certain accounts, alter the financial balances of frozen accounts, move coins between addresses and create/burn coins at specified addresses .
Confirmation and Response
Several developers notably Pedro Magalhes confirmed the inclusion of these functions in the Real Digital code. When contacted for response the Central Bank recognized the feasibility of carrying out these activities, adding that similar features exist in the existing context of systems controlled by law and regulation such as SPB and Pix .
Pilot Project and Feedback
According to the Central Bank’s files the Real Digital pilot project is strictly for testing reasons and should not be used for real-world operations . The pilot project’s release seeks input and enables for the growth and modification of the documentation. Pedro Magalhes offered comments by employing reverse engineering techniques to investigate potential vulnerabilities in the Real Digital ABI.
Analysis and Recreation
Based on his analysis Magalhães successfully recreated the smart contract in Solidity which is the programming language used in the pilot project. This contract enables the execution of functions such as disabling/enabling accounts, adjusting frozen balances, transferring tokens with additional checks, creating/burning tokens, pausing/resuming token transfers and more.
You may be interested in:
- A Rewarding Career in Finance: Is Commercial Banks a Good Career Path?
- A Double Loss in Trading Markets: What to Do?
- Exploring the Facts and Considerations: Why DVC is a Bad Investment?
