Ethereum’s Constantinople Hard Fork Delayed Due to Discovery of Critical Bug, ETH Price Drops Over 7%

Siamak Masnavi

On Tuesday (January 15th), Zurich-based blockchain security firm ChainSecurity announced that it had discovered a critical bug in Ethereum's code changes for the Constantinople upgrade that could leave some smart contracts vulnerable to attacks that could lead to loss of user funds. This means that the Constantinople hard fork, which was expected to be activated around 20:00 PT on January 16th (i.e. 04:00 UTC on January 17th) at block number 7,080,000, has had to be delayed.

ChainSecurity offers three types of services:

  • smart contract audits (based on its "proprietary audit platform");
  • a secuity audit platform (a set of "automated tools for developers and auditors" -- this takes a smart contract and its formal specification as inputs and produces a security report as the output; and
  • security monitoring ("ideal for exchanges and response teams") -- this type of monitoring "inspects smart contracts on-chain to ensure compliance and absence of security exploits".

ChainSecurity's Medium blog post, which was published around 16:00 UTC on January 15th, was titled "Constantinople enables new Reentrancy Attack." Here is the summary of the critical vulnerability that ChainSecurity had discovered:

"The upcoming Constantinople Upgrade for the ethereum network introduces cheaper gas cost for certain SSTORE operations. As an unwanted side effect, this enables reentrancy attacks when using address.transfer(...) or address.send(...) in Solidity smart contracts. Previously these functions were considered reentrancy-safe, which they aren’t any longer."

So, basically, ChainSecurity was saying that the implementation of one of the Constantinople's five main changes, Ethereum Improvement Proposal (EIP) 1283 contained a critical bug. This discovery led to Ethereum's core developers, as well as other key stakeholders such as Ethereum creator Vitalik Buterin, speaking via Zoom audio call and agreeing to delay the hard fork while they studied this issue, with a further meeting scheduled for this Friday to decide on a new fork date.

This is how the Ethereum Foundation announced (at 21:45 on January 15th) the news about the postponement of the Constantinople hard fork:

Ethereum Foundation's blog post had this avice for anyone running a node:

"Out of an abundance of caution, key stakeholders around the Ethereum community have determined that the best course of action will be to delay the planned Constantinople fork that would have occurred at block 7,080,000 on January 16, 2019. This will require anyone running a node (node operators, exchanges, miners, wallet services, etc…) to update to a new version of Geth or Parity before block 7,080,000. Block 7,080,000 will occur in approximately 32 hours from the time of this publishing or at approximately January 16, 8:00pm PT / January 16, 11:00pm ET / January 17, 4:00am GMT."

This blog post pointed out that "if you are a person who simply interacts with Ethereum (you do not run a node), you do not need to do anything." This includes smart contract owners (since "the change that would introduce this potential vulnerability will not be enabled").

As for those running an Ethereum node, it advised them to update their "Geth and/or Parity instances when they are released." (These new releases should become available by around 02:00 UTC on January 16th.)

At press time, according to CryptoCompare, ETH is trading at $120.15, down 7.31% in the past 24-hour period.

Featured Image Credit: Photo via Pexels.com

Ethereum and XRP Could Power Central Bank Digital Currencies, Bank of France Says

Michael LaVere
  • Bank of France is launching a pilot program to explore the use of digital currencies. 
  • Bank says ethereum and xrp could potentially be used to power central bank currencies. 

The Bank of France says Ethereum and XRP could be used to power central bank digital currencies in the future. 

According to a document published Mar. 30, France’s central bank is launching an experimental program to investigate the potential use of a digital currency for interbank settlements. The bank has opened applications for interested parties to participate in the pilot program, with an emphasis on creating innovative technologies rather than replacing fiat. 

The document reads, 

The challenge of these experiments is not to replace these two existing forms of central money, but to identify how innovative technologies could improve the efficiency and fluidity of payment systems and financial infrastructures, allowing a better financial sector to ensure the smooth financing of the economy.

The Bank of France intends to analyze the use of existing cryptocurrencies to power central bank digital currencies. According to an internal report, the bank has touted the use of ethereum and xrp, in particular. 

The report reads, 

Since the attributes of a unit of the wholesale CBDC (file representing the currency unit, keys enabling use) may be integrated in a cryptoasset circulating on another blockchain, which is possible on Ethereum and Ripple, for example, it would then become possible to use the unit on this blockchain.

The experimental project was first announced by Bank of France governor François Villeroy de Galhau in December 2019 as part of a plan to make the country the first to issue a digital currency.

Featured Image Credit: Photo via Pixabay.com