Source: AdobeStock / Sergey Nivens

It seems like a bug in older versions of the Ethereum (ETH) Geth client, namely versions v1.10.07 and earlier, caused a split.

“Between the newest geth and the older geth on the mainnet. Stay away from Txs for a while until confirmed unless you are sure you are undergoing the latest geth, “tweeted Andre Cronje, founder of Yearn Finance, advising,” Take a walk outside, us everyone needs it. “

A client is software that is used to run nodes and users download it and use it to verify transactions on the network. Clients keep the network secure and the data correct.

According to ethernodes.org, Geth is the most popular Ethereum client, accounting for 74.63% of network nodes. Of these, over 72% of the Geth nodes are running older versions of the client, which means that the bug can affect around 54% of the Ethereum nodes. An address was also identified by The Block Research as the address that exploited the bug.

ethernodesSource: ethernodes.org

According to Ethereum core developer Tim Beiko, Flexpool, BTC.com and Binance Pools seem to have “mined on the wrong Geth version”. The former appears to have reported the problem while developers “are in contact with the latter two,” Beiko said.

The bug can lead to double spend exploits where users spend cryptocurrency but the transaction is overwritten in an alternate chain.

However, Martin Swende, Security Lead at the Ethereum Foundation, said that “most miners have already been updated and the correct chain is also the longest (canon).”

Swende added that the “experiment with public announcements for hotfixes” “was successful in that most miners upgraded in time – so the cannon chain got longer than the bad chain”.

Meanwhile, Polygon (formerly – Matic Network) said that most of the validators have already updated to the latest Geth / Bor version on the Polygon PoS (Proof-of-Stake) mainnet. “The team is monitoring the network right now,” they said.

Details on the node upgrade to Bor on Polygon PoS can be found at https://t.co/IxWDlgp7or

– Polygon (@ 0xPolygon) August 27, 2021

The bug was originally discovered before August 24, 2021 and was immediately shared and confirmed by the Go Ethereum team. Sentnl, the team that discovered the bug during the Telos EVM audit, said the bug was “severe” and requested an “emergency hot patch.”

The developers of Go Ethereum then released a patch on August 24th, but it only works for those who have updated their nodes since then. The developers confirmed it again today:

just setting up my twttr

– jack⚡️ (@jack)

__

The @ go_ethereum team not only fixed a bug for #Ethereum, but also for the so-called Ethereum killers.

However, none of them will ask their users to update their nodes: thinking_face:

PS: Upgrade your geth nodes to 1.10.8! : raised_hands: https: //t.co/n2LHAr09dA

– Bitfly (@etherchain_org) August 24, 2021

All Ethereum node runners are encouraged to update their geth clients to v1.10.8.

At 15:23 UTC, ETH is trading at $ 3,248. It’s up 4.3% in a day and 3.3% in a week.

Further reactions:

just setting up my twttr

– jack⚡️ (@jack)

__

It seems that someone found and exploited the bug we fixed in @go_ethereum v1.10.8, which disconnected all geth nodes with previous versions from the network. If you are using v1.10.7 or earlier please update !!!

– MariusVanDerWijden (@vdWijden) August 27, 2021

__

just setting up my twttr

– jack⚡️ (@jack)

__

Not serious for Ethereum. The majority of the miners are on the upgraded geth which is beyond exploitation and the longest chain is working as expected.

With other chains with forked versions of geth things could get strange https://t.co/1xfYkxo5lR

– Adam Tyree Finch (@atyreefinch) August 27, 2021

____

Learn more:
– Revealed: Ethereum “lived” with a major threat for 18 months
– Crypto bug hunting from Zcash, EOS, Tron and a backdoored coin

– EIP-1559 Three weeks later: ETH 100,000 burned, supply grows
– Ethereum’s MEV vulnerability is “less problematic” – Buterin

– Vitalik Buterin isn’t sure when ETH 2.0 will be, but says customers can start it on their own
– Ethereum 2.0 Multi-Client Testnet Medalla increased by 30% for active validators

LEAVE A REPLY

Please enter your comment!
Please enter your name here