Ethereum Constantinople Fork Delayed After Vulnerabilities Detected

Ethereum’s Constantinople upgrade Delayed

The release date of Ethereum’s Constantinople upgrade, which is set to enhance the Ethereum network, has been postponed several times. This upgrade was scheduled to go into effect this month. Zurich-based blockchain security firm ChainSecurity—a smart contract auditing and security firm—detected a critical bug in Ethereum’s code changes on Jan 15th 2019 which was introduced by the Constantinople hard fork upgrade.

The vulnerability would allow funds to be stolen from smart contracts that utilize opcodes (the portion of a machine language instruction that specifies the operation to be performed.)

- Advertisement -

ChainSecurity Wrote on their Medium Blog:

“The upcoming Constantinople Upgrade for the Ethereum network introduces cheaper gas cost for certain SSTORE operations. As an unwanted side effect, this enables reentrancy attacks when using address.transfer(…) or address.send(…) in Solidity smart contracts. Previously these functions were considered reentrancy-safe, which they aren’t any longer.”

The decision to delay the hard fork was taken collectively during an on-call discussion between Security researchers, Ethereum stakeholders, Ethereum client developers, Smart contract owners/developers, Wallet providers, Node operators, Dapp developers and the Media.

The Ethereum Foundation issued an emergency announcement to coordinate necessary precautions. Anyone running a node, including exchanges, miners, and wallet services, will need to update to a new version of Geth or Parity before block 7,080,000, which will occur approximately on Jan 16th 2019 04:00 UTC. The Ethereum price trend remains bearish.

According to the announcement, individuals simply holding or interacting with Ethereum do not need to do anything

- Advertisement -

Security researchers like ChainSecurity and TrailOfBits ran (and are still running) analysis across the entire blockchain.

These kinds of risks are inevitable. ChainSecurity acted quickly, before the hard fork.

This story is developing. Please check back for updates.

- Advertisement -

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.