The system update meant to save the tokens stolen from the platform during the recent attack has exposed a vulnerability potentially dangerous for the ecosystem, claims Felix Lange, a member of the Ethereum team.

The fork enactment code in Geth and other clients turned out to contain a previously undetected attack vector that allows execution of Ethereum Virtual Machine code reaching the block gas limit without paying for gas (the internal pricing for running transactions in the system). This vulnerability can slow down mining and block legitimate transactions.

“Available options are being considered. The community can avoid any negative consequences of the soft fork by voting against it until a better solution has been found,” developer Felix Lange writes on the company’s blog.  

Lange noted that in any case, “no funds can be retrieved from the affected DAOs until July 14th 2016,” and therefore, “there is no immediate urgency to block transactions while further proposals are being worked out.”

Another Ethereum developer, Fabian Vogelsteller, suggested a hard fork solution as an alternative to “doing nothing.”

This option means cancelling some operations previously performed within the Ethereum network. The measure, however, brings obvious risks to the system’s reputation because, as some community members have pointed out, it will undermine trust in the reliability of the network.

After draining more than $150 mln worth of ether, the attacker moved the funds into a newly created child DAO. A few days ago Ethereum developers launched a vote on a soft fork that they proposed as a slower but safer way to return the funds. The vote is being carried out by miners through the updated Geth code that allows lowering the block gas limit. If the limit goes down to 4 mln units, the soft fork would be implemented; if it stays at a higher level, the soft fork would be rejected and The DAO funds released.

To adopt the soft fork, 51% of the total hashrate in the Ethereum ecosystem must vote. The referendum is expected to end on 30 June when a note with block #1800000 enters the blockchain.

Ludmila Brus