The team behind the privacy coin Firo has identified multiple Lelantus transactions that are “suspicious,” according to project steward Reuben Yap. In response, developers have activated their emergency switch to temporarily disable Lelantus to give them time to investigate and identify the issue. 

In a post last night announcing the issue, Yap wrote:

“Our core team is working with several parties, including engineers from Trail of Bits (who audited our Lelantus cryptographic library), another cryptographer and a black hat to identify the issue. We have made significant progress in narrowing down the cause and are working on a proof-of-concept code to verify that what we’ve found is the core issue before resuming Lelantus functionality. Our team is also determining a plan to restore Lelantus functionality with minimum impact.”

The Lelantus protocol was launched in mid-January 2021. It introduced “on-by-default” privacy and prompts users to anonymize their funds with the goal of ensuring transactions sent by official Firo wallets stay private. Transparent transactions will now have to be explicitly selected. It also allows for partial redemptions of Firo’s burn-and-redeem model, which previously had to be redeemed in full. 

This is the second in a pair of challenges that has arisen since the launch on Jan. 14. Less than a week later, Firo experienced a 51% attack that forced it to push a hotfix to address the issue. 

The Firo devs were able to disable the Lelantus protocol based on a previous vote that gave the core team the ability to temporarily “turn off and on features like Lelantus, chainlocks and instant send.”

“While we have taken practical precautions including audits and review, developing cutting-edge privacy tech comes with risk,” said Yap in last night’s post. “The safeguards we put in place in recognition of this has mitigated damage as the technology matures and becomes battle-tested.”

The Firo privacy coin is down 13.3% in the last 24 hours.