The developers behind the peer-to-peer cryptocurrency trading platform Bisq temporarily disabled the services after discovering a critical security vulnerability.
Formerly known as Bitsquare, Bisq is a decentralized exchange (DEX) that allows crypto-to-fiat transactions without a formal intermediary. In a community announcement on April 8, the developers said they were investigating the vulnerability and told users:
“If you currently have active transactions, do NOT send money.”
The developers add that it is “especially important” for users not to send money if they are involved in any of the transactions included in a provided list of specific multisig transactions.
As a decentralized exchange, the intervention of the developers is not airtight. Following on from the original post, they wrote:
“To remove confusion, yes, Bisq is a well-distributed peer-to-peer network. So you can ignore the latest alert key functionality that blocks trading. But we strongly advise against doing this for your own safety. ‘
The developers promise to release more details when they can, and indicate that all existing transactions cannot be completed until they release v1.3.0 of the application. “Please hold on tight,” they emphasized, noting that user fees are not at risk due to Bisq’s security model.
As previously reported, Bisq’s popularity last year overshadowed the strong P2P platform LocalBitcoins, after the latter abruptly revoked the option for users to meet and conduct cash transactions.
In February, LocalBitcoins hit a seven-year low in total trading volume – a clear sign of continued user uncertainty in response to a series of incidents and allegations. In January, the platform hit a two-year low for weekly volumes in China.