Cryptocurrencies

Ethereum saved by accidental discovery

Ethereum’s potentially devastating flaw in its Constantinople fork was discovered by accident during a training exercise, it has been revealed.

The huge altcoin had been lining up the critical upgrade for yesterday morning, but the plug was pulled with hours to spare when a small team of developers in Switzerland stumbled upon a crucial security issue.

Had the problem gone unnoticed, Ethereum’s much-anticipated upgrade would have been left wide open to the very cyber attacks that the update was designed to prevent.

However, according to a Coin Rivet article for the Daily Express, it was in a small office in Zurich where the flaw that nearly brought Ethereum to its knees was discovered during a training session on Tuesday.

Caught his eye

Staff at ChainSecurity were preparing examples of how auditing crypto technology can be beneficial when one of the company’s founders – Dr Hubert Ritzdorf – saw something in the programming that caught his eye.

“We were looking at Constantinople from an internal training point of view to show people what auditing can do,” explained his colleague Matthias Egli.

“Hubert just happened to come across the flaw quite randomly which was very lucky for Ethereum as he happens to be one of the world’s best researchers in the security area.”

The tiny Swiss outfit flagged up the problem to the Ethereum Foundation which then mobilised its development team for an emergency meeting with multi-millionaire founder Vitalik Buterin.

“I was super impressed by their reaction – they immediately saw what was going on and brought more auditors in to verify our findings,” added Mr Egli.

“An hour or two later there were 50 people on a call and then, after some technical analysis, the decision was immediately made to delay Constantinople as the information was translated for clients around the world.

Incredible response

“It was an incredible response to witness and be a part of – I’ve seen how long it can take certain countries and businesses to reach consensus.”

Mr Egli – a hugely experience developer in this pace – also spoke of the excitement at witnessing how Vitalek Buterin and his team dealt with what was, potentially, a monumental disaster waiting to happen just hours before giving the green light to Constantinople.

“That’s the beautiful thing about this – we can talk easily with them, and Vitalik Buterin is very approachable about this,” he said.

“He actually mentioned that the reason for this happening was not the core Ethereum but the way Ethereum is used.

“He basically said we need to agree on what we’re going to change to keep it manageable, and after that the whole situation was just kept under control but happening with a really good speed.”

Mysterious hacker

The issue discovered by Dr Ritzdorf related to a throwback from the June 2016 ‘DAO incident’ when a mysterious hacker stole $50m from Ethereum. To beef up security Buterin’s developers forced through a handful of hard forks and an adjustment to the gas limits (Ethereum uses ‘gas’ as the execution fee for any operation conducted on its platform).

The defect uncovered in Zurich on Tuesday was connected to the gas limits and an underlying side effect of Constantinople which opened the crypto up for dangerous ‘re-entrancy’ attacks. Had the flaw not been found, and the upgrade gone ahead as planned yesterday, Ethereum would have been completely exposed to hackers.

Ethereum announced to the public on Wednesday that it would not be implementing Constantinople this week. It gave no indication of when the upgrade will be going ahead.

Darren Parkin

Darren Parkin is a highly experienced, award-winning editor with a background in daily newspapers. Once the UK’s youngest newspaper editor, he has spent more than three decades as a journalist, presenter and broadcaster. He was one of the first people to join the Coin Rivet team, and can often be found hosting, chairing or moderating cryptocurrency and blockchain events throughout the world. Away from the office, he is an outdoors instructor and adventurer. He recently set a world endurance record during a canoe expedition.

Disqus Comments Loading...

Recent Posts

Here is why Bitcoin is still a lucrative investment in 2024

Those who enter the market at this time may be surprised to hear that Bitcoin…

1 month ago

Zircuit Launches ZRC Token: Pioneering the Next Era of Decentralized Finance

George Town, Grand Cayman, 22nd November 2024, Chainwire

1 month ago

The surge of Bitcoin NFTs: Everything you should know about Bitcoin ordinals

From digital art to real-estate assets, NFTs have become a significant attraction for investors who…

2 months ago

MEXC Partners with Aptos to Launch Events Featuring a 1.5 Million USDT Prize Pool

Singapore, Singapore, 21st October 2024, Chainwire

2 months ago