Technology
Ethereum upgrade delayed over security vulnerability
Ethereum’s Constantinople upgrade, which was supposed to kick in on Thursday, Jan 16, is getting delayed.
According to the official Ethereum blog, the delay is due to a potential security vulnerability identified by security audit company ChainSecurity on Jan. 15.
The security bug could potentially make some smart contracts on Ethereum vulnerable to a so-called “re-entrancy attack,” enabling an attacker to steal other people’s ether.
The bug is explained in detail in a blog post by ChainSecurity. The important bit is that, since Constantinople was delayed, no smart contracts are vulnerable at this point. In fact, a scan of Ethereum’s blockchain by ChainSecurity did not find any contracts that would be vulnerable even if the upgrade went through, but Ethereum’s developers still decided to mitigate the risk by delaying the upgrade.
“Because the risk is non-zero and the amount of time required to determine the risk with confidence is longer the amount of time available before the planned Constantinople upgrade, a decision was reached to postpone the fork out of an abundance of caution,” Ethereum developer Hudson Jameson wrote in a blog post Tuesday.
For most end-users — i.e. owners of ether or users of dApps on the platform — there is no need to do anything following this news. Users who run nodes or mining operations should follow the instructions here.
Constantinople was an important upgrade of Ethereum which was supposed to make the network a bit more efficient and pave the way for future upgrades, most importantly switching to a proof-of-stake consensus algorithm later this year. There’s no new date set for the Constantinople upgrade at this point.
This is not the first time Constantinople has been delayed. The upgrade was originally scheduled to go live in November 2018, but was postponed due to bugs.
Disclosure: The author of this text owns, or has recently owned, a number of cryptocurrencies, including BTC and ETH.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
-
Entertainment7 days ago
WordPress.org’s login page demands you pledge loyalty to pineapple pizza
-
Entertainment6 days ago
‘Mufasa: The Lion King’ review: Can Barry Jenkins break the Disney machine?
-
Entertainment6 days ago
OpenAI’s plan to make ChatGPT the ‘everything app’ has never been more clear
-
Entertainment5 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment6 days ago
How to watch NFL Christmas Gameday and Beyoncé halftime
-
Entertainment5 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment4 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
-
Entertainment4 days ago
CES 2025 preview: What to expect