A potential vulnerability was found in Darkcoin yesterday, which would allow pool operators to not pay part of the block rewards to DRK masternodes. As masternodes are an integral part of the Darkcoin network, this issue needed to be addressed as soon as possible. A client update will be released very soon, so make sure to upgrade your clients.
The Darkcoin vulnerability was found by the Spreadcoin developer, when doing a random inspection of the DRK code in regards to masternodes and Darksend. According to Mr. Spread, Darkcoin pool operators could bypass paying part of the block rewards to DRK masternodes.
Before the new client was released, the Darkcoin wallet would check two things : whether or not there is a payment to the masternode, and whether or not there is a payment for the same amount as the masternode payment should be (30%),
However, there was no check in place to verify both payments are one and the same. Technically, a block could be generated by the mining pool, and pool owners could pay 0.0000001 DRK to the masternode (30%) and the remainder to yourself as separate coinbase outputs.
The Darkcoin developers were on the ball with this one, and fixed the vulnerability within a few hours of testing and compiling a new source code. You can find the GitHub commits here, and see for yourself how the change has been implemented. The new clients for Windows and Mac are being compiled as we speak, and should be available for download soon.