New Ethereum Critical Bug? Programmer explains.
Ethereum developers reported delay Constantinople hard fork due to a discovered reentrancy vulnerability in the security system, potentially allowing a reentrancy attack using smart contracts.
The presence of a critical error in the code of a planned change (EIP 1283), which reduces transaction costs for some operations, was reported by the audit company Chain Security. The loophole potentially allowed an attacker to steal cryptocurrency from smart contracts on the network by repeatedly requesting funds and transmitting false data about the fraudster’s actual ETH balance. Therefore, the developers decided to postpone the implementation of the system-wide update and hold a meeting on Friday to discuss further actions and agree on a new date..
Moving to Constantinople was supposed to take place on January 16 at block 7 080 000, so some clients on the network have already been updated. In order to avoid an inconsistent hard fork, emergency fixes have been released to postpone the changes. Users can also simply downgrade the client, but the developers do not recommend doing this, so as not to create a mess. Those who do not start the node or otherwise do not participate in the network do not need to do anything.
The project team has already contacted exchanges, mining pools, cryptocurrency wallets and other groups collaborating with the Ethereum network..
Lane Rettig, a member of the Ethereum core, considers Constantinople to be the most intense and controversial of all hard forks in the entire history of the project, and some developers have even suggested calling the changes a less controversial term. «renewal». The crypto community advised the team to test the code ahead of time, rather than on the eve of launch, as EIP 1283 was available for research for a year..
Due to the increased activity of hackers, companies began to spend more money and time on improving security systems, as well as more often integrating the blockchain. According to Gemalto research In 2018, the use of this technology to protect the IoT doubled.
text: Ivan Malichenko, photo: mrcoinpedia, unsplash