By Nathan Ferguson
The developers from Optimism (a scaling startup based on Layer 2 of Ethereum) declared that the identification, as well as the subsequent patching of a serious bug, has been carried out during this month’s early days. The bug, having the potential to let the hackers create numerous amounts of ETH in the balance of Optimism account, was primarily pointed out by Jay Freeman – a developer of Cydia (a software for iOS jailbreak) as well as a white-hat hacker.
In a comprehensive blog post, it was explained on the behalf of Freeman that the respective bug would permit the attacker to duplicate the funds by utilizing a go-Ethereum fork called OVM 2.0 on any chain. For carrying out these endeavors, a considerably big amount of nearly $2,000,042 (in terms of bug bounties given up till now) was awarded to Freeman. As per the team of Optimism, the respective bug would make the replication of funds possible by again and again generating SELF-DESTRUCT opcode over a contract holding ETH balance.
The team of Optimism noted in a post that the chain history identified that no exploitation has been done over the respective bug, except for its accidental activation on the behalf of a staffer at Etherscan (a data startup of Ethereum), however, no excessive manipulation was carried out. A solution to resolve the problem was tested as well as implemented to the Mainnet and Kovan networks of Optimism (along with the entire of the infrastructure providers) just in some hours of the confirmation, as stated by the team while it thanked Alchemy, QuickNode, and Infura for their quick response times.
The team added that they informed several forks of Optimism as well as bridge providers regarding the issue and all of the respective projects then implemented the necessary fix. In the previous year, the whitelist was removed by Optimism, permitting the developers to initiate constructing projects over the network. In advance of this, only some particular projects like Synthetix and Uniswap could access the network. This restriction made it convenient for the developers to find out as well as fix the likely bugs.
Optimism utilizes optimistic rollups to aggregate the transaction (which are external to the blockchain of Ethereum). This assists in minimizing slippage, lowering transaction charges, as well as broadly enhancing the transaction speeds. Nonetheless, as clarified by this bug – even though several improvements related to efficiency are provided by the protocols based on Layer 2 – a common concerning point has still been the security.