Bitcoin rival Ethereum saved from CYBER-ATTACK threat by THIS accidental discovery


The huge altcoin had planned a critical upgrade called ‘Constantinople’ to take place earlier today, but the plug was pulled with hours to spare when a small team of developers from a start-up business stumbled upon a crucial security issue. Had the problem gone unnoticed, Ethereum’s much-anticipated fork would have left the entire organisation wide open to the very cyber attacks that the upgrade was designed to prevent. However, it was in a small office in Switzerland where the flaw that nearly brought Ethereum to its knees was discovered during a training session on Tuesday. Staff at Zurich-based ChainSecurity were preparing some examples of how auditing crypto technology can work when one of the company’s founders – Dr Hubert Ritzdorf – saw something in the programming that caught his eye.

His colleague Matthias Egli said: “We were looking at Constantinople from an internal training point of view to show people what auditing can do.

“Hubert just happened to come across the flaw quite randomly which was very lucky for Ethereum as he happens to be one of the world’s best researchers in the security area.”

The tiny Swiss outfit flagged up the problem to the Ethereum Foundation which then mobilised its development team for an emergency meeting with multi-millionaire founder Vitalik Buterin.

Mr Egli said: “I was super impressed by their reaction – they immediately saw what was going on and brought more auditors in to verify our findings.

“An hour or two later there were 50 people on a call and then, after some technical analysis, the decision was immediately made to delay Constantinople as the information was translated for clients around the world.

“It was an incredible response to witness and be a part of – I’ve seen how long it can take certain countries and businesses to reach consensus, but this was quite amazing.”

The issue discovered by Dr Ritzdorf related to a throwback from the June 2016 ‘DAO incident’ when a mysterious hacker took a whopping $50m out of Ethereum.

To beef up security Buterin’s developers forced through a handful of hard forks and an adjustment to the gas limits.

Ethereum uses ‘gas’ as the execution fee for any operation conducted on its platform.

The defect uncovered in Zurich on Tuesday afternoon was connected to the gas limits and an underlying side effect of Constantinople which opened the crypto up for dangerous ‘re-entrancy’ attacks.

Had the flaw not been found, and the upgrade gone ahead as planned this morning, Ethereum would have been completely exposed to hackers.

Ethereum announced to the public yesterday that it would not be implementing Constantinople this week.

It gave no indication of when the upgrade will be going ahead.

Coin Rivet is a website bringing news, information, analysis, opinion and insight from the fast-moving blockchain world.


