ShadowCash is the cryptocurrency of the very ambitious Shadow Project, which claims to provide “near-instant, untraceable, unlinkable and trustless transactions”.
A user who goes by “shnoe”, a member of the Monero Research Lab, is awaiting a bounty payment ($1500 according to the bounty page) after claiming the bounty for a bug that shows ShadowCash's anonymity scheme is cryptographically broken. His detailed blog post shows that an adversary can work out which ring member actually signed a transaction, and thus deanonymize the sender.
ShadowCash uses ring signatures to hide which of the public keys in a transaction's ring produced the signature, but the implementation was apparently done incorrectly. The ShadowCore API documentation itself says that “The ring signatures are a crucial part to anonymize the sender of a transaction.” A proof of concept that exploits the bug, along with a text file of its output, is in shnoe's GitHub repository. If the claim holds, ShadowCash transactions are not really anonymous, and since the signatures sit on the public chain, transactions already recorded are affected as much as new ones.
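To make concrete what a ring signature is supposed to guarantee, here is an added example in Python of a generic AOS-style (Abe-Ohkubo-Suzuki) Schnorr ring signature. It is not code from this page, from shnoe's proof of concept or from the Shadow Project, and it does not reproduce the ShadowCash bug, whose details the page does not give. It uses a toy 80-bit Schnorr group constructed at import time and constructed sample messages; the function names are assumptions. What it shows is the property a correct scheme has: the verifier applies exactly the same rule at every ring position, any member's signature verifies, and nothing in the checked values singles out the real signer.

```python
import hashlib
import secrets

# Constructed toy parameters for this example: a Schnorr group p = 2q + 1 found at
# import time. This is NOT ShadowCash's group or code; it exists only to show the
# AOS-style ring signature that such anonymity schemes are built on.
_SMALL_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61,
                 67, 71, 73, 79, 83, 89, 97]


def is_probable_prime(n, rounds=16):
    """Miller-Rabin primality test (probabilistic, adequate for a demo)."""
    if n < 2:
        return False
    if n in (2, 3):
        return True
    if n % 2 == 0:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def find_safe_prime_group(start):
    """Return (p, q, g) with p = 2q + 1 prime; g = 4 is a square mod p, so it has order q."""
    q = start | 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


GROUP = find_safe_prime_group(1 << 80)  # toy size, chosen so the search is quick


def hash_to_scalar(group, message, ring, commitment):
    """Fiat-Shamir challenge: binds the message, the whole ring and the commitment."""
    p, q, _ = group
    width = (p.bit_length() + 7) // 8
    h = hashlib.sha256(message)
    for y in ring:
        h.update(y.to_bytes(width, "big"))
    h.update(commitment.to_bytes(width, "big"))
    return int.from_bytes(h.digest(), "big") % q


def keygen(group):
    p, q, g = group
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def ring_sign(group, message, ring, signer_index, secret_key):
    """AOS ring signature: walk the ring of challenges and close it at the signer's position."""
    p, q, g = group
    n = len(ring)
    c = [None] * n
    r = [None] * n
    alpha = secrets.randbelow(q - 1) + 1
    c[(signer_index + 1) % n] = hash_to_scalar(group, message, ring, pow(g, alpha, p))
    i = (signer_index + 1) % n
    while i != signer_index:
        r[i] = secrets.randbelow(q)  # decoy responses are simply random
        commitment = pow(g, r[i], p) * pow(ring[i], c[i], p) % p
        c[(i + 1) % n] = hash_to_scalar(group, message, ring, commitment)
        i = (i + 1) % n
    # Only the holder of secret_key can pick r so that g^r * y^c == g^alpha.
    r[signer_index] = (alpha - c[signer_index] * secret_key) % q
    return c[0], r


def ring_verify(group, message, ring, signature):
    """Every position is checked with the same rule, so the signer is not singled out."""
    p, q, g = group
    c0, r = signature
    if not ring or len(r) != len(ring):
        return False
    c = c0
    for y, r_i in zip(ring, r):
        # Reject keys outside the order-q subgroup and out-of-range responses.
        if not (1 < y < p and pow(y, q, p) == 1) or not (0 <= r_i < q):
            return False
        commitment = pow(g, r_i, p) * pow(y, c, p) % p
        c = hash_to_scalar(group, message, ring, commitment)
    return c == c0


def every_member_can_sign(group, ring_size=4, message=b"constructed sample tx"):
    """Sign a constructed message from each ring position; each must verify and be message-bound."""
    keys = [keygen(group) for _ in range(ring_size)]
    ring = [y for _, y in keys]
    results = []
    for idx, (x, _) in enumerate(keys):
        sig = ring_sign(group, message, ring, idx, x)
        results.append(ring_verify(group, message, ring, sig)
                       and not ring_verify(group, b"tampered", ring, sig))
    return all(results)
```

`every_member_can_sign` produces a signature from each of four positions in turn and checks that each verifies and that none verifies for a different message. The point to take from `ring_verify` is its uniformity: the same computation is applied at the signer's index and at every decoy index. A broken implementation necessarily treats the real signer's position differently somewhere in signing or verification, and that asymmetry is what an attacker looks for.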
The Shadow Project denies the deanonymization claims in a blog post, saying “We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction. We will of course keep looking into the claim and come up with a detailed report as soon as possible.”
The project has written the bug off as FUD (fear, uncertainty, and doubt) and will not be awarding the bounty. Worth noting: failing to reproduce an attack in ten hours is not a refutation of it, especially when the proof of concept and its output are public for anyone to run.
The disclosure has also come under fire because it was made publicly instead of by notifying the developers privately. It is speculated that this was deliberate: given what the bug implies for every transaction on the chain, users had a right to know about it.
If there’s anything to take away from this, it’s that you should choose the software you use wisely, and treat a project's privacy claims as unverified until its cryptography has been reviewed independently.