The Ethereum Foundation has publicly revealed that Ethereum, the second most important blockchain and cryptocurrency network in the crypto industry, was vulnerable to a potential DoS attack for almost 2 years, until the Berlin hard fork.
Ethereum (ETH), one of the most complex blockchain networks in the digital industry today, was vulnerable to a denial-of-service (DoS) attack for almost 2 years, as the Ethereum Foundation explains in a recently published report.
“With this blog post, the intention is to officially reveal a severe threat against the Ethereum platform, which was a clear and present danger until the Berlin hard fork.”
The Ethereum Foundation, the Ethereum developer organization, revealed that the Berlin update, implemented on April 15, integrated a solution to the network vulnerability, which reduces Ethereum's risk of suffering a DoS attack. As the Foundation explains, the blockchain network was vulnerable to a DoS attack for 18 consecutive months, although the team implemented a set of quick measures to mitigate the potential risk.
The report, titled “Dodging a bullet: Ethereum State Problems”, notes that randomness in trie keys when searching is “the worst case scenario for any database.” The Ethereum state consists of a Merkle-Patricia-Trie (MPT), which becomes larger and denser as more accounts or “leaves” are added and which uses intermediate nodes in searches, so the network was vulnerable to random trie searches.
The vulnerability was an “open secret,” as indicated by the Foundation, which at some point mistakenly revealed its existence. However, now that the threat is low enough after the implementation of Berlin and of the improvement proposals EIP-2929 and EIP-2930, Ethereum developers feel free to reveal it publicly, although the technical details in the presented report were brief.
“The DoS that never existed”
On the official Twitter account of the Go Ethereum implementation, the developers explained that although the network was vulnerable to an attack for almost 2 years, the DoS was never executed, so they called the vulnerability “the DoS that never existed”.
The developers explained that the DoS attack only needed a few thousand dollars to execute, and that if it had occurred, it could have paralyzed Ethereum completely. However, some noted that although the economic resources required to attack the network were few, executing the attack did demand a lot of “intelligence quotient.”
Likewise, the developers stated that disclosing the existence of this vulnerability also explains one of the reasons why the increase in gas costs on Ethereum was so high, which negatively affected the user experience on the network but also kept it “safe.”
The Ethereum Foundation points out that developers had been analyzing different solutions to mitigate the vulnerability for months, and that Vitalik Buterin, co-founder of Ethereum, proposed increasing gas costs and maintaining access lists, to protect the network while an effective and real solution was developed.
Then, in August of last year, both Vitalik and Martin Swende, also a network developer, began to devise what are today EIP-2929 and EIP-2930. Prior to these proposals, the network had implemented EIP-1884 in the Istanbul upgrade, to increase gas costs in operations that access the trie, although that improvement proposal was not sufficient to mitigate the existing risk.
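The repricing described above can be followed with a small gas model. This is an added example, not code from the Foundation's report or from any Ethereum client; the gas constants are the ones published in EIP-1884, EIP-2929 and EIP-2930, and the class, function and sample names are hypothetical. It ignores intrinsic transaction gas and the addresses that Berlin treats as warm from the start.

```python
# Added illustration; not code from the Ethereum Foundation report or any client.
# Gas constants come from the public EIP-1884, EIP-2929 and EIP-2930 texts.
SLOAD_PRE_ISTANBUL = 200    # flat SLOAD price before EIP-1884
SLOAD_ISTANBUL = 800        # flat SLOAD price after EIP-1884
COLD_SLOAD = 2100           # EIP-2929: first read of a slot in a transaction
COLD_ACCOUNT_ACCESS = 2600  # EIP-2929: first touch of an address in a transaction
WARM_ACCESS = 100           # EIP-2929: any later touch of the same slot or address
ACCESS_LIST_ADDRESS = 2400  # EIP-2930: declared address
ACCESS_LIST_KEY = 1900      # EIP-2930: declared storage key


class BerlinGasMeter:
    """Tracks warm addresses and slots for one transaction (simplified model)."""

    def __init__(self, access_list=None):
        self.gas = 0
        self.warm_addresses = set()
        self.warm_slots = set()
        # EIP-2930: declared entries are paid for up front and start out warm.
        for address, keys in (access_list or {}).items():
            self.gas += ACCESS_LIST_ADDRESS + ACCESS_LIST_KEY * len(keys)
            self.warm_addresses.add(address)
            self.warm_slots.update((address, key) for key in keys)

    def sload(self, address, key):
        cost = WARM_ACCESS if (address, key) in self.warm_slots else COLD_SLOAD
        self.warm_slots.add((address, key))
        self.gas += cost
        return cost

    def account_access(self, address):
        """BALANCE / EXTCODESIZE / EXTCODEHASH style account lookups."""
        cost = WARM_ACCESS if address in self.warm_addresses else COLD_ACCOUNT_ACCESS
        self.warm_addresses.add(address)
        self.gas += cost
        return cost


def sload_gas_by_ruleset(reads, access_list=None):
    """Total SLOAD gas for a list of (address, key) reads under each rule set."""
    meter = BerlinGasMeter(access_list)
    for address, key in reads:
        meter.sload(address, key)
    return {
        "pre_istanbul": SLOAD_PRE_ISTANBUL * len(reads),
        "istanbul": SLOAD_ISTANBUL * len(reads),
        "berlin": meter.gas,
    }


# Constructed sample input: ten distinct slots versus one slot read ten times.
CONTRACT = "0x" + "aa" * 20
SCATTERED = [(CONTRACT, k) for k in range(10)]
REPEATED = [(CONTRACT, 0)] * 10
```

Under the flat Istanbul price both samples cost the same, while the Berlin rules charge the ten first-time reads far more than ten reads of one slot, which is how the fork prices lookups of previously untouched state above repeated ones.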
A similar case in Bitcoin
Ethereum developers are not the only ones to reveal such a vulnerability in a blockchain network. In September 2020, the developers of Bitcoin (BTC) made it known that their blockchain had also been vulnerable to a DoS attack for almost 2 years, but that the vulnerability had been secretly eliminated in June 2018.
The developers' decision to keep a vulnerability or flaw like this secret is made for the sake of the network's own security, and such flaws are almost always revealed after a proven and efficient solution exists.
Finally, Ethereum continues its path to becoming a scalable and secure blockchain network. The Ethereum Foundation also recently revealed that with the implementation of proof of stake (PoS) many of the current network problems will be solved. Furthermore, the arrival of the new consensus algorithm will reduce Ethereum's energy consumption by 99%, making the network more efficient and environmentally safe; something of utmost importance in the midst of the controversies that the crypto community is currently experiencing, due to the constant criticism about the energy consumption of blockchain networks based on Proof of Work (PoW), like Bitcoin and Ethereum.
At press time, ETH, the native cryptocurrency of the Ethereum network, is trading at a value of $2.490. Crypto markets are in the red after the abrupt fall of Bitcoin, due to new cryptocurrency bans in China, and Elon Musk's change of attitude towards Bitcoin.