It Was Possible to Create Infinite ETH!


article image

Vladislav Sopov

Track live crypto price of 10000+ coins!


The leading Ethereum scaling solution would have allowed bad actors to create infinite ETH

Contents

Ethereum’s most popular second-layer scalability solution Optimism was vulnerable to the “Unbridled Optimism” attack — so were its forks, Boba and Metis.

Infinite Ethers for potential Optimism attackers

Seasoned developer Jay Freeman who is well-known as co-founder of Orchid and core developer of iOS Jailbreak and Cydia tools, released a detailed blog post on how Go-Ethereum fork Optimism could have been hacked.

According to his detailed explanation, a malicious actor could “mint” an arbitrary number of ETH tokens on any blockchain that utilizes Optimism Virtual Machine (OVM).

This could have been achieved by repeatedly triggering the SELFDESRUCT op-code on a contract with mainnet Ethers on balance. By doing so, attackers could increase their ETH holdings to infinite.

Related:  Mini Altcoin Season May Be Brewing With Chainlink and Three Crypto Assets Showing Signs of Accumulation: Analyst

Also, Optimism forks Boba and Metis were prone to similar attacks design.

Bug fixed, $2M bounty comes to white-hat hacker

As per the statement of the Optimism team, their experts confirmed that the bug was never exploited by ‘real’ hackers: as such, all of the users’ funds are safe.

An emergence patch was released to Optimism mainnet and Kovan testnet just hours after the bug was disclosed. All forks and bridge providers were alerted: they should update their software to L2Geth version v0.5.11 in order to keep their systems synchronized with Optimism.

The platform awarded the maximum bounty amount of $2,000,042 to Freeman through the Immunefi bug bounty instrument. The white-hat hacker announced he will cover the accident on Feb.18 during the ETHDenver conference.




Download MAXBIT Android App, Your best source of all crypto news!

Google Play

Source link