Disclosed: Ethereum 'Lived' With a Major Threat for 18 Months
Here's what we knew: Ethereum (ETH) executed the Berlin hardfork last month. Here's what we didn't know: it came with a solution that lowered the risk of a major DoS attack, looming over the network for more than a year and a half.
According to the May 18 post written by Ethereum developer Péter Szilágyi and the Security Lead at the Ethereum Foundation Martin Holst Swende, the Foundation "officially disclose[d] a severe threat against the Ethereum platform, which was a clear and present danger up until the Berlin hardfork."
This vulnerability has been an "open secret" for a long time, they said, publicly disclosed by mistake at least once. As the Berlin upgrade is done, and Geth nodes are using snapshots by default, "we estimate that the threat is low enough that transparency trumps, and it’s time to make a full disclosure about the works behind the scenes," said the report.
They added that it's "important that the community is given a chance to understand the reasoning behind changes that negatively affect the user experience, such as raising gas costs and limiting refunds."
The report shortly went into technical details, explaining that the Ethereum state consists of a patricia-merkle trie, and as new accounts are added to the network, new "leaves" form, so to say, with the trie becoming denser.
Furthermore, as the network grew, new Ethereum Improvement Proposals (EIPs) were introduced to increase the gas prices for operations that access the trie, and to protect against DoS attacks. One of these was EIP-1884, activated in December 2019, during the Istanbul upgrade.
But in October 2019, an exploit was 'weaponized' by Ethereum security researchers Hubert Ritzdorf, Matthias Egli, and Daniel Perez, and submitted to the Ethereum bug bounty program. It was then discovered that "the changes in EIP 1884 were definitely making an impact at reducing the effects of the attack, but it was nowhere near sufficient."
Developers from Geth, Parity, and Aleth were informed about the submission that same day on a channel dedicated to cross-client security, said the report, adding that Ethereum Classic (ETC) developers also received the report. But Parity Ethereum soon left, and a new client coordination channel was created with Geth, Nethermind, OpenEthereum, and Besu.
"As 2019 were drawing to a close, we knew that we had larger problems than we had previously anticipated, where malicious transactions could lead to blocktimes in the minute-range."
Additionally, developers were already unhappy about EIP-1884 which had made a certain contract-flows break, and "users and miners alike were sorely itching for raised block gas limits."
There were two approaches to a solution:
- trying to solve the problem at the protocol layer, preferably without breaking contracts and without penalizing 'good' behavior, but managing to prevent attacks;
- solving it through software engineering, by changing the data models and structures within the clients.
On April 15 this year, after several rejected proposals, EIP-2929 and its companion EIP-2930 went live with the Berlin upgrade - which do not break any contract flows and which raised gas prices "only for things not already accessed" to prevent the attack.
It's relevant to note that this isn't the first time we're seeing a threat disclosed a couple of years after it had been discovered, and developers argue it's for a very good reason.
As reported, in September 2020, a research paper revealed that Bitcoin (BTC) had harbored a severe denial-of-service vulnerability - which was discovered and patched back in June 2018, without the public knowing for two years.
Per developers speaking to Cryptonews.com at the time, keeping software bugs a closely guarded secret - swiftly notifying only a few essential developers/code owners or maintainers via encrypted messages - at least until a fix is rolled out, is in the best interests of the network and its users.
At 11:47 UTC, ETH is trading at USD 2,683. It dropped 24% in 24 hours, 36% in a week, and 39% from its all-time high of USD 4,357 (per Coingecko).
- Why Ethereum is Far From ‘Ultrasound Money’
- Ethereum Won't Hide From Quantum Computers Behind PoS Shield
- Proof-of-Disagreement: Bitcoin's Work vs. Ethereum's Planned Staking