Ethereum Constantinople Upgrade Delayed for Security Reasons

This was announced today on Ethereum’s official blog by one of their leading developers Hudson Jameson.

ChainSecurity, smart contracts auditing platform, found a Constantinople related security risk which prompted the Ethereum developers to postpone the upgrade.

“Out of an abundance of caution, key stakeholders around the Ethereum community have determined that the best course of action will be to delay the planned Constantinople fork that would have occurred at block 7,080,000 on January 16, 2019.

This will require anyone running a node (node operators, exchanges, miners, wallet services, etc…) to update to a new version of Geth or Parity before block 7,080,000. Block 7,080,000 will occur in approximately 32 hours from the time of this publishing or at approximately January 16, 8:00pm PT / January 16, 11:00pm ET / January 17, 4:00am GMT.”

Holders that keep their ETH in cold wallets do not need to do anything, nor do smart contract developers. The only network participants that need to take action are miners, exchanges and other node operators.

What security risk did ChainSecurity find?

The issue was publicized on their blog earlier today:

“The upcoming ConstantinopleUpgrade for the ethereum network introducescheaper gas cost for certain SSTORE operations. As an unwanted side effect, this enables reentrancy attacks when using address.transfer(...) oraddress.send(...) in Solidity smart contracts. Previously these functions were considered reentrancy-safe, which they aren’t any longer. “

After Constantinople, storage operations which are changing “dirty” storage slots cost only 200 gas instead of the current 5000 gas.. To cause a storage slot to be dirty, it has to be changed during the ongoing transaction and this can often be achieved by an attacker contract through calling some public function which changes the required variable. 

intelligent crypto
How are  regular people making returns of as much as 27,144% in a year?  By picking the right coin at the right time - click the button to learn more.
Crypto arbitration still works like a charm, if you do it right! Check out Bitsgap, leading crypto arbitrage bot to learn the best way of doing it.

CaptainAltcoin's writers and guest post authors may or may not have a vested interest in any of the mentioned projects and businesses. None of the content on CaptainAltcoin is investment advice nor is it a replacement for advice from a certified financial planner. The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of CaptainAltcoin.com

Rene Peters

Rene Peters

Rene Peters is editor-in-chief of CaptainAltcoin and is responsible for editorial planning and business development. After his training as an accountant, he studied diplomacy and economics and held various positions in one of the management consultancies and in couple of digital marketing agencies. He is particularly interested in the long-term implications of blockchain technology for politics, society and the economy.

We will be happy to hear your thoughts

Leave a reply

CaptainAltcoin
Logo