Developers Discover Vulnerability In Constantinople Code Again
Specialists of the Ethereum Foundation discovered another problem during the preparation for the Constantinople hard fork, Trustnodes reports.
The vulnerability can affect a number of smart contracts that can self-destruct. First of all, it concerns the Create2 command. It can replace a liquidated smart contract and make changes to its existing rules. As a result, users of the network risk losing their money.
In the current version of the protocol, the self-destruction function does not cause any problems, but if the network is updated, it will become vulnerable and can be used to steal all allocated tokens of a smart contract, Jason Carver, a company specialist, stated.
All clients of the network are advised to examine the code of a smart contract seriously and pay particular attention to the function of its self-destruction. If such is found, then it is recommended not to work with the code.
The developers began to look for technological solutions to this vulnerability. As an option, setting additional protection against the probability of replay in Create2 is considered.
According to the experts of the Ethereum Foundation, work on eliminating the vulnerability should not affect the start time of the Constantinople hard fork, which is supposed to be conducted in the last days of February 2019.
As previously reported, the daily ether mining was almost halved to 13,000 because of the bomb difficulty.