l2 optimism jay freeman cydiamitchelhillcointelegraph

Ethereum Layer-2 solution Optimism has fixed a critical software bug in one of its smart contracts on Ethereum. On February 2nd, the Optimism team was alerted byJay Freemanof a critical bug in Optimism’s fork of theEthereumGeth client software. As per the Optimismannouncement“Funds Are Safu.”

The bug made it possible for a malicious hacker to create ETH onOptimismby “repeatedly triggering the “SELF-DESTRUCT” opcode on a contract that held an ETH balance.” Opcodes are different types of instructions that can run on the Ethereum Virtual Machine (EVM) execution environment.

Bug triggered by Etherscan employee

Analysis of Optimism’s blockchain history carried out by the Optimism team showed that the bug was not exploited. The bug seems to have been accidentally triggered on one occasion by an employee at the popular block explorer Etherscan.


Reading Time:2minutes

  • A “gray hat” hacker has described how he identified a critical Ethereum bug
  • The bug, in the Optimism L2 code, could have allowed limitless minting of ETH
  • Jay Freeman picked up $2.1 million in bug bounties for the find

A “gray hat” hacker has described how he found a critical flaw in the EthereumOptimism scaling solution that he could have used to mint an unlimited amount of ETH. Jay Freeman (known as ‘Saurik’ online) explained how he found a bug in the Ethereum virtual machine that executes smart contracts on Optimism, but instead of using it to mint a barrel load of ETH he reported it and took home $2.1 million in total bounties.

As per the report, “no usable excessETHwas generated.”

According to the announcement, within hours of confirmation, the Optimism team developed and deployed a fix on the Kovan and Mainnet networks, mending the bug, and sent alerts to teams developing vulnerable Optimism forks and to L1-L2 bridge providers. Apart from the announcement, the Optimism team has also published a detailedbreakdownof the incident.

As part of Optimism’s Immunefi bug bountyprogram, the maximum amount of just over $2 million was paid out to Jay Freeman.

The fact that the maximum amount was paid, indicates the seriousness of the bug.

On February 2, the Optimism team was alerted by Jay Freeman (saurik of Cydia and Orchid fame) to the existence of a critical bug in Optimism’s Geth fork. The bug made it possible to create ETH on Optimism by repeatedly triggering the SELFDESTRUCT opcode on a contract that held an ETH balance.” Optimism revealed on its blogsite.

Furthermore, Jay Freeman, best known for creating the Cydia software application and related software, was also awarded over $2 million.
On his blogsite he stated that he reported a critical security issue to Optimism — an “L2 scaling solution” for Ethereum — that would allow an attacker to replicate money on any chain using their “OVM 2.0” fork of go-Ethereum (which they call l2geth).

El creciente ecosistema DeFi hace que la seguridad sea compleja

Según la publicación del blog de Optimism, defender el ecosistema DeFi contra los problemas de seguridad se está volviendo cada vez más complejo, en gran medida como consecuencia directa de la descentralización misma.

La publicación dice:

“Está claro que el ecosistema pronto será demasiado grande para que esto siga siendo práctico. Actualizaremos nuestro protocolo de divulgación para que coincida más con el de Geth en un futuro próximo”.

La publicación también señala la importancia de los programas de recompensas por errores.

El equipo de Optimism se encuentra actualmente en el proceso de especificar y construir el próximo lanzamiento importante, Optimism: Bedrock Edition.

Ether is bad for real Ether

Freeman discovered a glitch in a section of Optimism’s code which forces smart contracts to delete themselves and return related Ether to the sender.

  • Optimism’s “SELFDESTRUCT” function returned crypto to the sender but kept their related off-chain Ether IOUs.
  • This could be exploited to trick smart contracts into looping through the glitch — thus minting infinite “layer 2” crypto.
  • The Ether created by the bug was counterfeit but Freeman suggested it could wreak havoc across the wider crypto ecosystem.

“With your unbounded supply of IOUs, you could go to every decentralized exchange running on the L2 and mess with their economies, buying up vast quantities of other tokens while devaluing the chain’s own currency,” wrote Freeman.

These security flaws are known as overflow bugs.

The announcement does not, however, speculate on possible damages if the bug had been exploited by a malicious hacker.

Growing DeFi ecosystem makes security complex

According to Optimism’s blog post, defending the DeFi ecosystem against security issues is becoming increasingly complex, to a significant extent as a direct consequence of decentralization itself.

The post reads:

“it’s clear that the ecosystem will soon be far too large for this to remain practical. We’ll be updating our disclosure protocol to more closely match Geth’s in the near future,”

The post also points to the importance of bug bounty programs.

The Optimism team is currently in the process of specifying and building the next major release, Optimism: Bedrock Edition.

Optimism has revealed that a “critical bug” in its codebase has been detected and later rectified by software engineer Jay Freeman earlier this month. While detecting the bug, it was deduced that a malicious actor could “mint” an arbitrary number of ETH tokens on any blockchain that utilises Optimism Virtual Machine (OVM).

Optimism is a Layer 2 Optimistic Rollup network designed to utilise the strong security guarantees of Ethereum (ETH) while reducing its cost and latency.

The company revealed that while analysing the chain history, it was deduced that the bug was not exploited and a fix for the issue was tested and deployed to its Kovan and Mainnet networks (including all infrastructure providers) within hours of confirmation.

The reporting came with a criticism from Freeman that blockchain projects shouldn’t treat “basic issues of decentralization or security” as afterthoughts.

‘Unbridled Optimism’ Would Have Seen Anything But

Freeman described in a blog post published yesterday that he discovered the bug to be related to the bridging aspect of the Optimism protocol, the same mechanism that hit the Wormhole protocol earlier this month. Freeman dubbed the bug ‘Unbridled Optimism’ and described in no uncertain terms what it could do:

Exploiting this enables the attacker to have access to an effectively unbounded number of tokens (aka, the IOUs) on the far side of the bridge.

It is my contention that this is more dangerous than merely tricking the reserves into allowing a withdrawl (sic).

A self-styled “grey hat” hacker figured out how to trick Ethereum scaling solution Optimism into effectively printing unlimited Ether earlier this month.

Software engineer Jay Freeman (who goes by Saurik online) didn’t leverage the exploit. Instead, he reported the issue to Optimism’s dev team, who paid him a $2-million bug bounty.

Freeman is probably best known for his work on Cydia, the app store for jailbroken iPhones.
However, more recently he’s been looking for bugs on blockchains.

According to a breakdown on Freemans’ website, he discovered the glitch while looking into so-called “nano payment protocols.”

Optimism is one of these protocols.

La solución Ethereum Layer-2 Optimism ha corregido un error de software crítico en uno de sus contratos inteligentes en Ethereum. El 2 de febrero, el equipo de Optimism fue alertado porjay freemande un error crítico en la bifurcación de OptimismEtéreoSoftware de cliente Geth.
Según el optimismoanuncio«Los fondos son Safu».

El error hizo posible que un hacker malintencionado creara ETH enOptimismoal «activar repetidamente el código de operación» AUTODESTRUCCIÓN «en un contrato que tenía un saldo ETH«. Los códigos de operación son diferentes tipos de instrucciones que pueden ejecutarse en la máquina virtual Ethereum (EVM) entorno de ejecución.

Error provocado por un empleado de Etherscan

El análisis del historial de blockchain de Optimism realizado por el equipo de Optimism mostró que el error no fue explotado.

Similar Posts:

Leave a comment