Security Issues Delay Ethereum Constantinople Upgrade

ByMichael Mislos

A security issue forced leaders around the Ethereum community to delay the Constantinople Hard Fork which is supposed to occur at block 7,080,00.

Photo for the Article - Security Issues Delay Ethereum Constantinople Upgrade

January 16, 2019. Ethereum cancels the upcoming Constantinople Upgrade to its blockchain network because of new security issues that have been identified just in time before the planned hard fork would have occurred.

ChainSecurity

ChainSecurity, a smart contract audit firm has identified an issue with the Ethereum Improvement Proposal (EIP) no. 1283. This proposal, when implemented, will adjust gas cost for the SSTORE Operation Code. Someone can use the vulnerability to steal ether from the “paymentsharer” contract. This is made possible because of reduced gas cost:

“Before Constantinople, every storage operation would cost at least 5000 gas. This far exceeded the gas stipend of 2300 sent along when calling a contract using transfer or send.

After Constantinople, storage operations which are changing “dirty” storage slots cost only 200 gas.”

Delay

Because of this, key leaders around the Ethereum community decided to delay the Constantinople Hard Fork which is supposed to occur at block 7,080,00. Anyone can check the current block here.

Miners, exchanges, node operators, and wallet services are advised to update to a new version of Geth and/or Parity instances when they are released.

Everyone else who holds ether in their wallets, whether hardware, paper, or MyEtherWallets, since they do not actively participate in the network by syncing or running a node, there is no need to do anything.

Timeline

At 3:09 am PT, the audit firm ChainSecurity disclosed the vulnerability on the Ethereum Foundation’s bug bounty program. The Ethereum Foundation asked ChainSecurity to disclose it to the public. Within the next 2 hours, members of the Ethereum Community, which comprises of client developers, stakeholders, wallet provides, node operators, Dapp developers, security researches, smart contract developers, and the media have discussed how to move forward. Because the amount of time needed to determine the risk of this vulnerability is longer than the number of hours before the planned Constantinople upgrade, the decision to postpone the fork has been reached.

Coins PH

Photo for the Article - Security Issues Delay Ethereum Constantinople Upgrade

In the Philippines, Coins.ph, which has a licensed Ethereum wallet service announced that they will not be halting ETH-related activities in the Coins PH app, a decision made since the Constantinople upgrade won’t be happening.

This article is originally published at BitPinas on January 16, 2019: Ethereum Constantinople Upgrade Delayed

The founder and Editor-in-Chief of BitPinas, Michael leads the editorial direction of the content and oversees all aspects of production and delivery. Michael holds cryptocurrencies - BTC, AXS, RON, and SLP.

Similar Posts

Philippines Central Bank Governor Who Pushes For Financial Inclusion, Electronic Cash Initiatives, Dies at 60

Under Gov. Espenilla, the BSP adopted a cautious but not prohibitive approach towards emerging fintech trends like cryptocurrencies, protecting the public’s interest while at the same time allowing the market to innovate and for the industry to take advantage of fintech’s benefits and efficiencies.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.