Vitaly Buterin sees no danger in the new vulnerability Ethereum

Ethereum co-founder Vitalik Buterin, like several other leading developers of the platform, does not see a serious security threat in the bug that was identified in the code of the upcoming Constantinople system upgrade.

Earlier it was reported that the detected vulnerability affects some smart contracts with the possibility of self-destruction. In particular, the function called Create2, assigned to EIP-1014, can replace the self-destructed smart contract, simultaneously changing the rules specified in it, which could potentially lead to loss of funds.

This question was raised at the last Ethereum video conference, and most of them believe that this possible attack vector does not pose a serious threat. Buterin also agreed with this opinion.

“Speaking about the future and thinking about such things as renting and deleting [data], we must remember that it may be possible to bring the contract to such a state when it turns out to be without the option of self-destruction … It’s not that we need to decide urgent over the next few weeks, although this needs to be remembered in the near future, when ETH 2.0 sharding will be linked to the virtual machine specifications, ”said Buterin.

Jason Carver, developer of the Ethereum Foundation, said earlier that the self-destruction function does not carry additional risks in the current version of the protocol, but after upgrading to Constantinople, the code can be used to steal all allocated tokens of the smart contract.

Among the possible technical solutions to this problem, the developers proposed to prescribe in the Create2 function additional protection against replaying.

It is expected that the identified bug and work to eliminate it will not affect the activation of the hard forks of Constantinople, which should take place in the last days of this February.

Subscribe to BlockchainJournal on Facebook !