Bitcoin, Crypto currency, Blockchain

Security gap! Ethereum Hard Fork moved

The eagerly-awaited Ethereum Upgrade Constantinople had to be postponed due to a severe security vulnerability. It was found a critical vulnerability in the Code. As the Ethereum Blog reported the safety was identified gap by the Security Audit company chain security.

If the Ethereum Improvement Proposal (EIP) would have been executed in 1283, it would offer attackers a way to steal the Assets of the user. Therefore, the Ethereum developers of the displacement of the Hard Forks have agreed to provisionally.

Ethereum Constantinople

As previously reported, is reduced with the Constantinople Hard Fork, the Mining reward of Ethereum 3 ETH/Block 2 ETH/Block. This is a reduction of 33%. It was planned that the Hard Fork is performed at Block 7.080.000.

Constantinople is the Name of the next Ethereum System Upgrade, which is carried out in the Form of a Hard Forks. It is part of the multi-stage development in the direction of Serenity. The Serenity Upgrade will introduce some of the more advanced rules, the most important Change is the switch to Proof of Stake. On 6. December 2018 decided the Ethereum core developer, with Constantinople continue to be realized at Block 7.080.000. The current block time is around 14.5 seconds.

What’s the security gap?

The Security Audit company chain security found that the expected Constantinople to Upgrade for the Ethereum network includes lower gas costs for some SSTORE actions. As an unwanted side-effect of the repeat attacks in the use of address.transfer (….) or address.send (….) in Solidity, Smart Contracts, that means that a Smart Contract is used multiple times. Previously, these functions were no longer considered safe, what you are now.

The Code forms a secure support for the distribution of Repositories. Two companies can at the same time to retrieve the funds. You are able to share and to receive a payment if your details match. An attacker will form such a Pair, where the primary address of the Contract of the attacker and the next address is the account of the attacker. For this, the attacker pays a bit of money in the contract.

In other words, the attacker can
Payment sharer Contract Ether for other people to steal. The official Blog of chain security reported:

Two parties can work together to get the resources and then decide how they should be divided. If both parties agree, you can have the means to pay.
An attacker will form such a Pair, where the primary address of the Contract of the attacker and the next address is the account of the attacker. For this, the attacker pays a bit of money in the contract.

What Reentrancy “attacks”

One of the greatest threats to the invocation of external contracts is that the can only have institutional control over the Contract and make Changes to the data, not requested by the calling function. This Bug can take many different forms. In other words, the “reentrancy” (re-entry) Status of the time, an attacker call the function of any contract, and may again in the contract is before the call – or executed multiple times. Specifically in the case of a paid-for functionality is particularly harmful.

A new date for the Hard Fork is set at the next Ethereum Developer Meeting on Friday (18.01.2019). Among the members who have made the decision to move the Form, were Ethereum co-founder Vitalik Buterin, the developer of Hudson Jameson, Nick Johnson, and Evan Van Ness, as well as the Parity Release Manager Afri Schoedon.

This is not the first Time that the Upgrade is postponed. Originally, it was for November of 2018 it is planned, but implementation has been hampered by network error. Ethereums Constantinople Upgrade is part of the process towards a Proof-of-Stake consensus algorithm in the course of the year 2019. The Upgrade will increase the processing rates, the Design of the network improve as the Data Warehouse, Monet is linearized, and the Mining prices of $3/Block on $2/Block to reduce.

The security company further stated that a Scan of the Ethereum Blockchain using the above eveem.org accessible data discovered not attacked Smart Contracts. The company works with members of the ethsecurity.org in order to develop this Scan of the not yet decompiled Smart Contracts.

The contribution of chain security also revealed that currently, in front of Constantinople, the costs for storage are services at about 5000 Gas. This is significantly higher than the cost of 2300 Gas, which are normally invoked during the execution of the Transfer or Send function of Smart Contracts. After performing the upgrade, the execution of a transaction only costs 200 Gas. An attacker can then take over, however, for 2300 Gas control of the variables of the Smart Contracts.

Follow us on Twitter, Instagram, Facebook, Steemit and the Telegram News channel or Newsletter .

You would this article like to comment on? Then come to our Telegram discussion group .

Do you have a passion for the topics of Bitcoin, Blockchain and crypto-currencies? You have Talent as a writer and desire to work in a Team with other crypto-enthusiastic people to work? Get in touch with us and become part of our team! Send us a short application to marcel@cryptoticker.io! We look forward to your applications.

Leave a Comment