Ethereum’s developers were prompted to launch a security update by an unknown attacker. “private fix” As the network struggled with issues during the Pectra update on the Sepolia Testnet.
After an incident reportThe attacker used an unreported vulnerability, according to Ethereum developer Marius van der Wijden “edge case,” Sending tokens with zero value to the deposit contract causes errors that complicate an already difficult rollout.
What is happening?
The 5th of March is the date that you can expect to see. Pectra upgrade went live Sepolia developers began seeing an increase of empty blocks and error messages as soon as they started mining their geth nodes.
According to van der Wijden, the issue stemmed from the deposit contract emitting an unexpected event—a transfer event instead of the required deposit event—which caused nodes to reject transactions and produce only empty blocks.
It was EIP-6110 that caused the bug. EIP-6110 required logs for deposit contracts to be handled uniformly.
The team at geth rolled out an update that would fix the problem. “ignore all erroneous logs coming from the deposit contract,” But developers have reportedly missed a particular edge case within the ERC-20 Standard.
“The ERC20 standard does not forbid 0 token transfer, this allows anyone (even if they don’t own any token) to transfer 0 tokens to another address which will emit an event,” van der Wijden explained, adding that an “attacker” This was exploited by repeatedly sending tokens of zero value to the deposit contract.
It triggered the exact same error, causing the network to keep mining blocks that were empty.
Developers initially suspected that a validator they trusted had made an error, but after further investigation, the problem was traced to a recently funded account via a public faucet.
Developers needed to stop the attack by filtering out all transactions that interact with the deposit contract. They suspected the attackers were monitoring their chats and rolled out an antivirus. “private fix” Select DevOps Nodes Controlling about 10% of the Network
The chain was able to run normally again by 14:00, UTC, after the fix. The attacker’s transaction, which was mined a few blocks after, confirmed that the node operators were all updated.
Ethereum has remained stable despite disruptions. “never lost finalization”According to van der WIjden, the problem only affected Sepolia’s token-gated deposits contract. This contract was different from Ethereum mainnet deposit contracts.
The developers decided, however, to postpone the upgrade of Pectra for more testing and debugging.
What is Ethereum Pectra?
Pectra’s fork is intended to increase ETH staking capacity, layer 2 scalability and network capacity. This upgrade marks the first significant update since DencunThe first version was released in March of 2024.
Crypto.news has reported that developers have been working on a new product. planned to deploy Pectra can be on the mainnet as early as April 8, if the Holesky testnet and Sepolia testing nets are both operational. successfully completed Their upgrades.
The first upgrade to Holesky was implemented in the testnet of Holesky on 24 February, but it ran into some technical problems that prevented its finalization.
“This article is not financial advice.”
“Always do your own research before making any type of investment.”
“ItsDailyCrypto is not responsible for any activities you perform outside ItsDailyCrypto.”
Source: crypto.news
