How This Ethereum Scaling Solution Fixed Critical Bug Before A Disaster

Share This Post

In earlier February, the team behind Ethereum layer 2 scaling solution Optimism received word on a critical bug that could allow a bad actor to “create ETH” on the network. The bug was part of the solution’s Geth fork and was discovered by Jay “saurik” Freeman, Head of Technology at Orchid Protocol.

Related Reading | How The Inventor Of Ethereum Predicted Wormhole’s $321M Security Breach

A bad actor could have leveraged the vulnerability on this Ethereum layer 2 solutions via the SELFDESTRUCT opcode on a contract that held funds in the underlying cryptocurrency, according to an official post. However, the bug was fixed without it ever being exploited.

The team behind Optimism conduced a chain history and discovered the bug was only triggered once, 40 days before being discovered, accidentally by an Etherscan employee. However, the person didn’t generate ETH, per the investigation conducted by Freeman. The team added:

A fix for the issue was tested and deployed to Optimism’s Kovan and Mainnet networks (including all infrastructure providers) within hours of confirmation.

Optimism forks were also alerted on the vulnerability and, as the team said, all applied the fix. In that sense, they call on everyone running a replica of their software to update to l2geth version 0.5.11 or risk un-synchronization with the rest of the network.

Freeman will receive the maximum bounty, estimated at $2 million, for his contribution to the Ethereum scaling solution. The team behind Optimism thanked him for “helping to keep Optimism safe”. They added the following on the new challenges that a growing project faces:

Today, between bridges, more providers, and even multiple mainnet forks of our codebase, it’s a different story. It’s great for decentralization, but it adds complexity to releases. And security releases bring even more complexity — we can’t immediately publish an obvious patch, or we risk someone reverse-engineering the vulnerability before anyone upgrades.

How To Attack An Ethereum Scaling Solution

Freeman published a detailed report on his discoveries, adding that the second layer solution was opened to an attack via their client, OVM 2.0 a fork of go-Ethereum referred to as l2geth. The Orchid Protocol, as he said, is a second layer scaling solution. So, his experience was invaluable when discovering the vulnerability of Optimism.

Freeman called the bug he discovered “Unbridle Optimism” and claimed it originated on the virtual machine executing smart contracts on the Optimism. By exploring it, a bad actor could produce ETH on “the far side of the bridge” connecting the L1, Ethereum, and its second layer. He wrote in his report:

(…) It is my contention that this is more dangerous than merely tricking the reserves into allowing a withdrawl. With the ability to sneakily print IOUs (known on Optimism as OETH) on the other side of the bridge, you still can try to (slowly) withdraw money from the reserves, but now it will look like a legitimate transfer, making it easier to go unnoticed.

The calamity might have spread to the entire Ethereum ecosystem as a bad actor could have been able to go into decentralized protocols using Optimism and “mess with their economies”, the report said. Thus, Freeman called it an “economic griefing attack” with the potential to jeopardize the “entire ledger”.

Related Reading | Hacker Exploits Vulnerability To Steal 801,601 MATIC Tokens From Polygon

As of press time, ETH’s price is $3,091 with a 4% loss in the past 24-hours.

Ethereum ETH ETHUSD
ETH moving sideways on the daily chart. Source: ETHUSD Tradingview
Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Binance Bitcoin Reserves Up 25%, Holding 40% of Global Market Share

The post Binance Bitcoin Reserves Up 25%, Holding 40% of Global Market Share appeared first on Coinpedia Fintech News Despite persistent fear, uncertainty, and doubt (FUD), Binance’s customer

India’s RBI Boosts Cross-Border Payments Platform with CBDC Integration

The post India’s RBI Boosts Cross-Border Payments Platform with CBDC Integration appeared first on Coinpedia Fintech News The Reserve Bank of India (RBI) is enhancing its cross-border payments

XRP Price Prediction For November 25

The post XRP Price Prediction For November 25 appeared first on Coinpedia Fintech News Ripple’s XRP is currently down by more than five percent and is trading near the $140 levels Majority of the

WBTC Flash Crash on Binance, Price Plunges to $5,200

The post WBTC Flash Crash on Binance, Price Plunges to $5,200 appeared first on Coinpedia Fintech News On November 23, 2024, Wrapped Bitcoin (WBTC) experienced a sudden flash crash on Binance,

Metaplanet Stock Soars After Securing Bitcoin Magazine Japan for Bitcoin Adoption

The post Metaplanet Stock Soars After Securing Bitcoin Magazine Japan for Bitcoin Adoption appeared first on Coinpedia Fintech News After signing a memorandum of understanding (MoU) with Bitcoin

Ethereum Price Poised for Gains: $3,600 Within Reach?

Ethereum price started a fresh increase above the $3,320 zone ETH is rising and aiming for more gains above the $3,500 resistance Ethereum started a fresh increase above the $3,300 and $3,320 levels