Technology
Ethereum upgrade delayed over security vulnerability
Ethereum’s Constantinople upgrade, which was supposed to kick in on Thursday, Jan 16, is getting delayed.
According to the official Ethereum blog, the delay is due to a potential security vulnerability identified by security audit company ChainSecurity on Jan. 15.
The security bug could potentially make some smart contracts on Ethereum vulnerable to a so-called “re-entrancy attack,” enabling an attacker to steal other people’s ether.
The bug is explained in detail in a blog post by ChainSecurity. The important bit is that, since Constantinople was delayed, no smart contracts are vulnerable at this point. In fact, a scan of Ethereum’s blockchain by ChainSecurity did not find any contracts that would be vulnerable even if the upgrade went through, but Ethereum’s developers still decided to mitigate the risk by delaying the upgrade.
“Because the risk is non-zero and the amount of time required to determine the risk with confidence is longer the amount of time available before the planned Constantinople upgrade, a decision was reached to postpone the fork out of an abundance of caution,” Ethereum developer Hudson Jameson wrote in a blog post Tuesday.
For most end-users — i.e. owners of ether or users of dApps on the platform — there is no need to do anything following this news. Users who run nodes or mining operations should follow the instructions here.
Constantinople was an important upgrade of Ethereum which was supposed to make the network a bit more efficient and pave the way for future upgrades, most importantly switching to a proof-of-stake consensus algorithm later this year. There’s no new date set for the Constantinople upgrade at this point.
This is not the first time Constantinople has been delayed. The upgrade was originally scheduled to go live in November 2018, but was postponed due to bugs.
Disclosure: The author of this text owns, or has recently owned, a number of cryptocurrencies, including BTC and ETH.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
-
Business6 days ago
Langdock raises $3M with General Catalyst to help businesses avoid vendor lock-in with LLMs
-
Entertainment6 days ago
What Robert Durst did: Everything to know ahead of ‘The Jinx: Part 2’
-
Entertainment5 days ago
This nova is on the verge of exploding. You could see it any day now.
-
Business5 days ago
India’s election overshadowed by the rise of online misinformation
-
Business5 days ago
This camera trades pictures for AI poetry
-
Business6 days ago
CesiumAstro claims former exec spilled trade secrets to upstart competitor AnySignal
-
Business4 days ago
TikTok Shop expands its secondhand luxury fashion offering to the UK
-
Business7 days ago
Internet users are getting younger; now the UK is weighing up if AI can help protect them