• Latest
Ethereum Clients Release New Software In Wake of Hard Fork Delay

Ethereum Clients Release New Software In Wake of Hard Fork Delay

January 16, 2019
ygg sea surpasses 10,000 scholarships in just six months of launch

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
mintable launches industry changing gas free minting service on ethereum

Mintable Launches Industry Changing Gas Free Minting Service on Ethereum

May 1, 2022
5 projects enabling smart contract development on bitcoin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022
bitcoin atm installed in mexico's senate building

Bitcoin ATM installed in Mexico’s Senate Building

April 27, 2022
cross chain services play a crucial role in facilitating continued adoption of defi applications

Cross-Chain Services Play a Crucial Role in Facilitating Continued Adoption of DeFi Applications

April 26, 2022
justin sun launches usdd, integrating the blockchain world and the real world with the decentralized stablecoin

Justin Sun Launches USDD, Integrating the Blockchain World and the Real World with the Decentralized Stablecoin

April 25, 2022
nfts: the next musical revolution

NFTs: The Next Musical Revolution

April 24, 2022
things you should know before investing in nfts

Things You Should Know Before Investing in NFTs

April 24, 2022
what are wrapped tokens?

What Are Wrapped Tokens?

April 23, 2022
what is the future of ethereum (eth)?

What is the future of Ethereum (ETH)?

April 22, 2022
green gaming

Everything You Need to Know About Play-to-Earn on Algorand in 2022

April 21, 2022
$ape going bananas as rumors of upcoming land sale of bayc metaverse gather momentum

$APE Going Bananas As Rumors of Upcoming Land Sale of BAYC Metaverse Gather Momentum

April 21, 2022
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
CoinNewsDaily
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
No Result
View All Result
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining
No Result
View All Result
CoinNewsDaily
No Result
View All Result
Home Tech

Ethereum Clients Release New Software In Wake of Hard Fork Delay

coinnewsdaily by coinnewsdaily
January 16, 2019
in Tech
0
Ethereum Clients Release New Software In Wake of Hard Fork Delay
190
SHARES
1.5k
VIEWS
Share on FacebookShare on Twitter

Related articles

ygg sea surpasses 10,000 scholarships in just six months of launch

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
5 projects enabling smart contract development on bitcoin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022

Major ethereum clients, including Go-Ethereum (Geth) and Parity, have released software updates following an earlier decision to delay the planned system-wide upgrade dubbed Constantinople.

The upgrade was postponed Tuesday during a developers call, a move that came after blockchain audit firm Chain Security discovered a security vulnerability in Ethereum Improvement Proposal (EIP) 1283, one of the planned changes included in Constantinople. If exploited, the bug would have allowed for “reentrance attacks,” allowing malicious actors to withdraw funds from the same source multiple times.

A new activation block for the upgrade will be decided during another call later this week.

In order to prevent the fork from happening – given that some of the software clients on the network had already been updated ahead of the fork – developers of the major ethereum implementations moved to publish new versions.

Geth released an emergency hotfix (version 1.8.21) designed to delay the upgrade, though developer Péter Szilágyi noted that users who do not wish to upgrade to the new version of the client can also downgrade their existing clients to version 1.8.19 or continue running the current version (1.8.20) with an override.

Parity clients can similarly either upgrade their existing clients to 2.2.7 (the stable release) or 2.3.0 (a beta release) or otherwise downgrade to 2.2.4 (beta).

Parity Technologies head of security Kirill Pimenov, speaking in an ethereum core developers chat on Gitter, said he recommended users upgrade to the new release, rather than downgrade to an older version, explaining:

“I want to restate — downgrading Parity to pre-Constantinople versions is a bad idea, we don’t recommend that to anyone. Theoretically it should even work, but we don’t want to deal with that mess.”

Similarly, Parity release manager Afri Schoedon told CoinDesk that he recommends 2.2.7, though the other two should work as well.

In a blog post, core developer Hudson Jameson wrote that anyone who does not run a node or otherwise participate in the network does not need to do anything.

Smart contract owners do not need to do anything either, though “you may choose to examine the analysis of the potential vulnerability and check your contracts,” he wrote.

However, he pointed out that the change that could introduce the potential issue will not be enabled.

As of the blog post’s publication, security researchers with ChainSecurity, who initially discovered the bug, and TrailOfBits are analyzing the overall blockchain.

Reentrance attacks

So far, no instances of the vulnerability have been discovered in live contracts. However, Jameson noted that “there is still a non-zero risk that some contracts could be affected.”

In order for transfers on ethereum to avoid reentrance attacks, a small amount of ether called gas is paid which prevents attackers from repurposing a transfer to steal funds.

However, as explained to CoinDesk by Hubert Ritzdorf – the individual who found the vulnerability and CTO of Chain Security – a “side effect” of EIP 1283 ensures attackers can leverage this small amount of gas for malicious purposes.

“The difference is before you couldn’t do something malicious with this little bit of gas, you could do something useful but not something malicious and now because some of the operations became cheaper, now you can do something malicious with this little bit of gas,” said Ritzdorf.

And though the issue of reentrancy is always on the minds of smart contract developers coding in Solidity on ethereum, Matthias Egli – COO of Chain Security – explained that core developers strictly looking at the mechanics of the virtual machine couldn’t have easily spotted this vulnerability.

He told CoinDesk:

“It’s a Solidity thing, it’s not an [ethereum virtual machine] core thing that in practice allowed this attack. That was part of this disconnect that in practice small changes to gas cost will allow new kind of attacks which wasn’t considered before.”

What’s more, Ritzdorf added that the fix to this issue isn’t as easy as updating ethereum’s gas cost limits, explaining that “if we change this amount to a small number now then we would fix the vulnerability but we would also break many existing [smart] contracts.”

As such, for the time being, a delay to Constantinople was the right call by core developers according to Egli.

“It was the right decision because it at least buys some time for researchers to evaluate the real world impact. With high likelihood, this [EIP] will be taken back and not included in the upcoming hard fork which is now delayed by perhaps a month,” he contended.

Next steps

As of press time, developers are contacting exchanges, wallets, mining pools and other groups which use or interact with the ethereum network.

Core developers plan to discuss longer-term steps – including when to execute Constantinople and how to fix the bug in EIP 1283 – during another call on Jan. 18.

Multiple developers suggested initiating some sort of bug bounty program focused on analyzing the code, in order to ensure future bugs are discovered well in advance, rather than “right before [hard fork] day.”

Szilágyi noted that the EIP had been available for review for nearly a year, adding that “maybe it’s not a bad idea to do some grants for more focused eyes.”

Code image via Shutterstock



Credit: Source link

Tags: Crypto Tech
Share76Tweet48
Previous Post

New Zealand Crypto Exchange Cryptopia Goes Offline Citing Major Hack

Next Post

Ethereum’s Constantinople Upgrade Faces Delay Due to Security Vulnerability

coinnewsdaily

coinnewsdaily

CoinNewsDaily.com is an online Crypto Coin News Website that aims to provide latest trendy news from market and around the world.

Related Posts

ygg sea surpasses 10,000 scholarships in just six months of launch
Alt Coin

YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch

May 6, 2022
5 projects enabling smart contract development on bitcoin
Alt Coin

5 Projects Enabling Smart Contract Development on Bitcoin

April 29, 2022
bitcoin atm installed in mexico's senate building
Bitcoin

Bitcoin ATM installed in Mexico’s Senate Building

April 27, 2022
cross chain services play a crucial role in facilitating continued adoption of defi applications
Alt Coin

Cross-Chain Services Play a Crucial Role in Facilitating Continued Adoption of DeFi Applications

April 26, 2022
green gaming
Business

Everything You Need to Know About Play-to-Earn on Algorand in 2022

April 21, 2022
axie infinity: what are the minimum android phone requirements to play on mobile
Alt Coin

Axie Infinity: What Are the Minimum Android Phone Requirements to Play on Mobile

April 21, 2022
Load More
Next Post
Ethereum’s Constantinople Upgrade Faces Delay Due to Security Vulnerability

Ethereum's Constantinople Upgrade Faces Delay Due to Security Vulnerability

Categories

  • Alt Coin
  • Bitcoin
  • Business
  • Ethereum
  • ICO
  • Litecoin
  • Mining
  • NFT
  • Ripple
  • Tech
  • Trading

What New here?

  • YGG SEA Surpasses 10,000 Scholarships in Just Six Months of Launch
  • Mintable Launches Industry Changing Gas Free Minting Service on Ethereum
  • 5 Projects Enabling Smart Contract Development on Bitcoin

Subscribe to Get More!

Loading
  • About Us
  • Contact Us
  • Privacy & Policy

© 2018-2021 CoinNewsDaily.com by CoinNewsDaily Inc. Crafted with Love by iFtiDev

No Result
View All Result
  • Home
  • Coin Market Cap
  • Bitcoin
  • Ethereum
  • Ripple
  • Litecoin
  • Alt Coin
  • Business
  • Trading
  • Mining

© 2018-2021 CoinNewsDaily.com by CoinNewsDaily Inc. Crafted with Love by iFtiDev

  • bitcoinBitcoin(BTC)$23,036.000.21%
  • ethereumEthereum(ETH)$1,579.740.24%
  • tetherTether(USDT)$1.000.19%
  • binancecoinBNB(BNB)$306.930.78%
  • rippleXRP(XRP)$0.4115870.90%
  • cardanoCardano(ADA)$0.3859621.68%
  • dogecoinDogecoin(DOGE)$0.0890553.41%
  • matic-networkPolygon(MATIC)$1.162.31%
  • okbOKB(OKB)$38.707.94%
  • solanaSolana(SOL)$24.190.91%
  • polkadotPolkadot(DOT)$6.450.54%
  • shiba-inuShiba Inu(SHIB)$0.0000122.74%
  • litecoinLitecoin(LTC)$88.290.82%
  • tronTRON(TRX)$0.062609-0.43%
  • daiDai(DAI)$1.000.03%
  • cosmosCosmos Hub(ATOM)$13.362.02%
  • chainlinkChainlink(LINK)$7.260.74%
  • leo-tokenLEO Token(LEO)$3.76-2.09%
  • moneroMonero(XMR)$182.394.34%
  • ethereum-classicEthereum Classic(ETC)$21.790.41%
  • bitcoin-cashBitcoin Cash(BCH)$133.16-1.29%
  • stellarStellar(XLM)$0.0928151.14%
  • crypto-com-chainCronos(CRO)$0.0811511.00%
  • filecoinFilecoin(FIL)$5.28-0.43%
  • algorandAlgorand(ALGO)$0.2578562.78%
  • vechainVeChain(VET)$0.024043-0.86%
  • internet-computerInternet Computer(ICP)$5.95-0.85%
  • aaveAave(AAVE)$85.14-3.35%
  • eosEOS(EOS)$1.09-2.45%
  • elrond-erd-2MultiversX(EGLD)$44.481.52%
  • theta-tokenTheta Network(THETA)$1.09-1.78%
  • tezosTezos(XTZ)$1.11-0.21%
  • paxos-standardPax Dollar(USDP)$1.00-0.24%
  • bitcoin-cash-svBitcoin SV(BSV)$43.48-2.06%
  • huobi-tokenHuobi(HT)$5.090.56%
  • havvenSynthetix Network(SNX)$2.46-1.94%
  • pancakeswap-tokenPancakeSwap(CAKE)$3.990.75%
  • iotaIOTA(MIOTA)$0.236236-2.45%
  • makerMaker(MKR)$658.640.45%
  • zcashZcash(ZEC)$45.26-1.31%
  • neoNEO(NEO)$8.210.12%
  • dashDash(DASH)$50.73-0.14%
  • zilliqaZilliqa(ZIL)$0.0297474.04%
  • basic-attention-tokenBasic Attention(BAT)$0.260705-0.46%
  • compound-governance-tokenCompound(COMP)$56.473.71%
  • Elrond ERDElrond ERD(ERD)$0.0259290.00%
  • nemNEM(XEM)$0.038845-2.17%
  • kusamaKusama(KSM)$36.632.43%
  • bitcoin-goldBitcoin Gold(BTG)$17.08-2.24%
  • wavesWaves(WAVES)$2.791.50%
  • qtumQtum(QTUM)$2.64-1.79%
  • ftx-tokenFTX(FTT)$1.89-21.50%
  • sushiSushi(SUSHI)$1.30-0.86%
  • yearn-financeyearn.finance(YFI)$7,623.750.54%
  • golemGolem(GLM)$0.2472210.15%
  • omisegoOMG Network(OMG)$1.490.96%
  • ontologyOntology(ONT)$0.214722-1.51%
  • digibyteDigiByte(DGB)$0.010769-1.76%
  • umaUMA(UMA)$2.04-1.16%
  • ethlendAave [OLD](LEND)$0.53-3.08%
  • UniswapUniswap(UNI)$2.4438.80%