The entire Ethereum community has been awaiting the Constantinople hard fork for over a year now. The initial decision of the hard fork was made in the year of 2017 and the upgrade was scheduled to occur in late 2018. It was later postponed to January 2019 because of issues found in the Ropsten Testnet.
However, much to the expectations of the community, the hard fork was yet again delayed due to another security issue. This issue was bought to light on the eve of the hard fork, resulting in the key stakeholders taking the decision to prolong the upgrade. Additionally, the Parity and Geth team released a new version, which would revert Constantinople hard fork on the Ethereum network.
|Apple's Secret Project|
|Apple Quietly Leases 5,000 Acre |
Abandoned Military Base
|The Motley Fool|
Importantly, the issue was found in one of the Ethereum Improvement Protocols [EIP], the net gas metering for SSTORE without dirty maps, and was brought to light by an audit platform for smart contracts, ChainSecurity. The platform pointed that the Constantinople upgrade would open doors for a Reentrancy attack. Based on the report by the team, smart contracts that are not currently vulnerable would become vulnerable to the attack after the upgrade.
According to the latest video by Ivan on Tech, the Youtuber explained the attack as “a smart contract [name it A] makes payment to another smart contract [name it B], smart contract B will have a chance to call another function in smart contract A, thereby gaining control over what happens next and can execute any code”.
The vulnerability exists even now, but cannot be carried out because of high gas limit, which is required to change the storage of another smart contract. The Youtuber, explained:
“Because when smart contract B can change storage of smart contract A, then this is when they can start messing with internal working of smart contract A and basically mess up the execution and steal funds.”
This is now a problem because the Ethereum Improvement Protocol proposes to make the storage cost cheaper, aimed at benefiting the developers. This, thereby, reintroduces the attack that was earlier prevented because of the higher gas costs.
During the ConstantiNOPEle watch party, one of the members of the Foundation, Hudson Jameson, stated that there is an Ethereum Improvement Protocol introduced to fix the issues found in EIP 1283. He further stated that the two developers are currently working with the Parity team and with Nick Johnson to have the EIP implemented. He said:
“That doesn’t mean the EIP is going in, it might be left out completely in the future fork […] There are stuff in the EIP that would make the stuff more friendly. “
Ripple Labs, the company behind XRP, has given for free some 1 billion XRP, worth $270 million, to a company… Read More
The vast majority of the world’s cryptocurrency trading volume is in the hands of “lower quality exchanges”, while the world’s… Read More
In many countries, including Palestine and the entire world at large, Bitcoin is used more by civilians than some bankers… Read More
Very rich person Investor Tim Draper Claims Bitcoin Prices Will Hike up to $250,000 by 2022Bitcoin (BTC) may proceed to… Read More
Risk Disclaimer - By using this web site you agree to its terms and conditions. All materials, including but not… Read More
Apple stock is brushing off a decline in iPhone sales while continuing to make gains in 2019. | Source: REUTERS/Joshua… Read More