Friday, March 25, 2022
HomeEthereumImportant bug in Ethereum L2 Optimism, $2M bounty paid

Important bug in Ethereum L2 Optimism, $2M bounty paid

Ethereum Layer-2 resolution Optimism has fastened a vital software program bug in considered one of its good contracts on Ethereum. On February 2nd, the Optimism staff was alerted by Jay Freeman of a vital bug in Optimism’s fork of the Ethereum Geth shopper software program. As per the Optimism announcement “Funds Are Safu.”

The bug made it attainable for a malicious hacker to create ETH on Optimism by “repeatedly triggering the “SELF-DESTRUCT” opcode on a contract that held an ETH stability.” Opcodes are various kinds of directions that may run on the Ethereum Digital Machine (EVM) execution surroundings. 

Bug triggered by Etherscan worker

Evaluation of Optimism’s blockchain historical past carried out by the Optimism staff confirmed that the bug was not exploited. The bug appears to have been by accident triggered on one event by an worker on the in style block explorer Etherscan. As per the report, “no usable extra ETH was generated.”

Based on the announcement, inside hours of affirmation, the Optimism staff developed and deployed a repair on the Kovan and Mainnet networks, mending the bug, and despatched alerts to groups growing susceptible Optimism forks and to L1-L2 bridge suppliers. Aside from the announcement, the Optimism staff has additionally printed an in depth breakdown of the incident.

As a part of Optimism’s Immunefi bug bounty program, the utmost quantity of simply over $2 million was paid out to Jay Freeman. The truth that the utmost quantity was paid, signifies the seriousness of the bug. The announcement doesn’t, nonetheless, speculate on attainable damages if the bug had been exploited by a malicious hacker.

Rising DeFi ecosystem makes safety advanced

Based on Optimism’s weblog publish, defending the DeFi ecosystem towards safety points is changing into more and more advanced, to a big extent as a direct consequence of decentralization itself.

The publish reads:

“it’s clear that the ecosystem will quickly be far too giant for this to stay sensible. We’ll be updating our disclosure protocol to extra carefully match Geth’s within the close to future,”

The publish additionally factors to the significance of bug bounty applications. 

The Optimism staff is presently within the technique of specifying and constructing the following main launch, Optimism: Bedrock Version. Based on Optimism, Bedrock Version will considerably cut back the distinction within the code base between Optimism’s Geth fork, and the “official” go-ethereum shopper. Not having to switch as a lot of the unique code makes it much less more likely to introduce bugs.


CryptoSlate E-newsletter

That includes a abstract of an important each day tales on this planet of crypto, DeFi, NFTs and extra.

Get an edge on the cryptoasset market

Entry extra crypto insights and context in each article as a paid member of CryptoSlate Edge.

On-chain evaluation

Worth snapshots

Extra context

Be part of now for $19/month Discover all advantages



Please enter your comment!
Please enter your name here

Most Popular

Recent Comments