Ethereum Soft Fork Under Threat of DDoS Attacks
The situation around the attempts to bring back the lost assets of The DAO is gradually gaining farcical shades. This time, the soft fork proposed by Ethereum developers may never occur because yet another vulnerability has been discovered.
The soft fork in question is aimed at blocking target DAO address, so that the organization will not be able to effect any transactions. However, according to developer Felix Lange, the soft fork proposal released earlier, 1.4.8 Geth aka DAO Wars, incorporates a DDoS attack vector.
“An attack vector has been identified in the freshly released implementation of the DAO soft fork. The fork enactment code in geth (and other clients) allows execution of EVM code up to the block gas limit without paying for gas. This can slow down mining and prevent inclusion of legitimate transactions,” Lange wrote.
Security Alert – DoS Vulnerability in the Soft Fork Release (v1.4.8) https://t.co/5OYjAaICQx #blockchain
— Ethereum (@ethereum) June 28, 2016
Lange said that the developers are currently studying possible options, adding that unwanted consequences of the soft fork may be averted by voting against its implementation, and seeking an alternate optimal solution.
Lange stressed that the assets from the compromised autonomous organizations can’t be withdrawn until July 14, so there is no urgent need to do anything before any decisions have been made.
Lange recommended miners to go back to Geth 1.4.7 or launch Geth 1.4.8 without dao-soft-fork command so that no DDoS attack would take place.
The news on possible DDoS attack related to the discovered vulnerability immediately caused ETH to plunge even deeper. Over the course of the last 24 hours, the token has lost another 10% of its cost hitting the bottom at 0.0179 BTC / 1 ETH Tuesday night. At the time of writing, ETH is traded at the cost of around 0.0191 BTC ($12.13).
As ForkLog reported earlier, the voting on the soft fork commenced after Geth 1.4.8 and Parity 1.2.0 have been posted last Friday. In case miners endorse Ethereum soft fork, all assets at child DAO accounts will be suspended, with only a chosen few being able to access them. In that case, the assets will be returned after the voting on the hard fork.
The developers acknowledge that the soft fork and the hard fork are last resorts which may undermine Ethereum’s credibility in general.
Adamant Research editor-in-chief Tuur Demeester commented:
In my 5yrs in Bitcoin, I don't recall ever seeing a soft fork release followed by a warning to not implement it. https://t.co/fgw389N353
— Tuur Demeester (@TuurDemeester) June 28, 2016
Another, this time ironic comment came from Bitcoin Art Gallery:
#ethereum pic.twitter.com/wxbLOVma3Z
— Bitcoin Art Gallery (@btcArtGallery) June 29, 2016
ForkLog continues monitoring development of the affairs.
Subscribe to our Newsletter
<Subscribe
Related posts
- Whales Transfer Over 700K ETH in ‘Pre-Pump Positioning’
- Report: Hackers Took Advantage of ETH Mempool Congestion to Steal $8.3M MakerDAO
- New Report Reveals How Long Hackers Keep Using Compromised Accounts
- North Korean Hackers Create Crypto-Trading Apps to Steal Cryptocurrencies
- CipherTrace: Twitter Hackers Laundered Stolen Bitcoins Through Exchanges and Casinos
- 7th Hacker Congress in Prague to Seek Relief from Digital Totalitarianism
- Former GlobalHell Hacker: The Attack on Twitter Is Way Bigger than Anticipated
- UK, U.S., and Canada Accuse Russia of Hacking Attacks to Steal Secret Research on Covid-19 Vaccine