
Sergio Demian Lerner Says the Constantinople Bug “Was Evident and Well-Known”


A long-time crypto security researcher has come out to say the Constantinople bug was revealed months ago. Sergio Demian Lerner says:

“At Coinspect we discussed a months ago the “vulnerability” that today blocked Ethereum hard-fork. We knew that some contracts would break on EIP1283. In fact we had created an example contract that was vulnerable. We thought this was evident and well-known.”

Lerner links to a tweet from September which says: “Stop assuming Solidity send() is safe from reentrancy. It’s not. A low level CALL without value transfer can call back passing a little less than 2300 gas. Always use a logic lock to protect from reentrancy.”

He did not, however, inform the Ethereum Foundation of it, stating: “I was sure the devs knew. And I’m still sure. Probably no useful contract will break in practice. But they decided to redo the risk assessment 36 hours before the fork.”

He does have some 15,000 Twitter followers, some of them eth protocol devs, which raises the question of why this bug wasn’t caught before the very last minute.

The answer may be that the piece of code responsible for the bug was included at the last minute. As you may recall, Constantinople was planned for mid-November, but a testnet bug pushed it back. Now Trail of Bits says:

“EIP-1283 was initially proposed on August 1, 2018. It was accepted on November 28, 2018.” Thus after the fork was postponed due to a previous bug which needed to be fixed, they included new code.

The Metropolis devs called all of December off because of Christmas, making it unclear whether there was any testing during that period and/or any testing of this specific code.

Vitalik Buterin said the problem here was the “interaction” between different new features, which, when “cross-communicating,” give rise to different behaviors than they do on their own.

In other words, there was a failure of testing presumably because this was included at the very last minute. That further means there was no audit of Metropolis. Not that one was needed for this bug as apparently it “was evident.”
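The gas interaction behind the tweet quoted above, as an added example that is not from the article, Coinspect or the Ethereum developers: a simplified Python model (not EVM-accurate) of SSTORE pricing before and after EIP-1283, run with and without a logic lock. The contract, its single storage slot and all function names are constructed for illustration; the SSTORE costs follow the pre-Constantinople schedule and EIP-1283, and call overhead is ignored.

```python
# Simplified model (added example): SSTORE pricing before and after EIP-1283,
# and a reentrancy lock that does not depend on gas limits. Not EVM-accurate.
STIPEND = 2300  # gas available to the callee of send(), as in the quoted tweet

class OutOfGas(Exception): pass
class Reentered(Exception): pass

def sstore_cost(original, current, new, eip1283):
    """Gas for one SSTORE. original = value at tx start, current = value now."""
    if not eip1283:
        return 20000 if current == 0 and new != 0 else 5000
    if current == new or original != current:   # no-op, or slot already dirty
        return 200
    return 20000 if original == 0 else 5000     # first change to a clean slot

class Contract:
    """Constructed contract: one storage slot and a payout that calls send()."""
    def __init__(self, eip1283, use_lock):
        self.eip1283, self.use_lock = eip1283, use_lock
        self.original = self.current = 1   # slot value at transaction start
        self.locked = False

    def set_slot(self, value, gas):
        if self.use_lock and self.locked:
            raise Reentered("state change attempted during payout")
        cost = sstore_cost(self.original, self.current, value, self.eip1283)
        if cost > gas:
            raise OutOfGas(f"SSTORE needs {cost}, only {gas} available")
        self.current = value
        return gas - cost

    def payout(self, recipient_fallback):
        self.locked = True
        try:
            recipient_fallback(self, STIPEND)  # send(): callee gets the stipend
            return "callback changed state"
        except (OutOfGas, Reentered) as exc:   # send() fails, payout continues
            return f"callback blocked: {type(exc).__name__}"
        finally:
            self.locked = False

def run(eip1283, use_lock):
    """One transaction: write the slot, then pay out to a re-entering callee."""
    c = Contract(eip1283, use_lock)
    c.set_slot(2, gas=100_000)             # same transaction: slot is now dirty
    result = c.payout(lambda target, gas: target.set_slot(3, gas))
    return result, c.current
```

Without the lock, the only thing stopping the callback's write is the 5000-gas SSTORE price, which EIP-1283 lowers to 200 for a slot already modified in the same transaction; with the lock, the write is rejected under either schedule.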

