Between a block and a hard place?
In this case, ethereum executed a hard fork on Tuesday in a bid to stop denial of service (DoS) attacks that have been ongoing for about a month. Following weeks of transaction and block creation issues, the platform’s developers determined that the best way to fix the issue was to reprice certain network functions, and users and miners responded by quickly upgrading their software (a process known as a ‘hard fork’).
The stable transition to a new transaction record was what many in ethereum team arguably had expected, since the fork was a technical change (unlike the contentious move to rewrite the network’s ledger after the hack of The DAO).
However, the attacker appears to have switched gears, taking advantage of security holes that weren’t expected to be patched until later.
Developers are currently working on new fixes, according to Ethereum Foundation IT consultant Hudson Jameson, who told CoinDesk:
“We are working on client updates to help mitigate the issues somewhat until the second hard fork happens.”
Not yet thwarted
But this new wave of attacks has led to new problems, though they were (to an extent) forseen.
From the start, ethereum developers had planned two hard forks, as the attacker had been taking advantage of a variety of attack vectors. The first aimed to increase the price of certain opcodes that the attacker was successfully abusing to make it harder for him or her to slow down the network. The second hard fork was expected to remove empty accounts the attacker created to bloat the blockchain.
Still, with the second fork yet to be executed, short-term problems have emerged.
In response to the most recent attacks, the Ethereum Foundation issued a recommendation to miners, advising them to lower the gas limit (thus limiting how many transactions can be carried out) before a second fork. At the time of press, cryptocurrency exchange ShapeShift has also paused the trading of ether (again).
Ethereum creator Vitalik Buterin suggested he believes the two attacks can be thwarted with the second technical upgrade. “A successful hard fork round two would resolve this for the short and medium term as it would make the state possible to put in memory again,” he explained.
The problem, Jameson said, is that the blockchain state has grown too big, and the attacker is taking advantage of that.
“The [second] hard fork will shrink the size of the blockchain state and disallow a specific attack that is being utilized to activate the empty accounts over and over again,” he explained.
One less severe attack, which increases processing times to an estimated one to three seconds, takes advantage of another mispriced opcode.
Johnson and Buterin claimed that the plan is to raise the price in the second hard fork.
Even after the second hard fork, however, it’s unclear what will happen or whether it will prevent attackers from finding other vectors.
Around these attacks there have been wider conversations about how (and whether) ethereum can stop these sorts of attacks in the short term or long term.
Many argue that the attacks are an inevitable result of the way ethereum is designed. (More on-platform capabilities mean that ethereum has a larger attack surface than other blockchain networks).
The new attacks prompted BitGo engineer Jameson Lopp to wonder “how many hard forks it will take to plug all the holes”.
And some observers are questioning whether developers are taking enough care before making changes to the network.
“The real story behind this attack and the hardforks is that they are not really testing well,” said IBM blockchain leader of the Latin American division Martin Hagelstrom. “Even when the devs talk about these issues it does not sound like they are aware that their network has $1bn in it.”
But others remain optimistic about ethereum’s future, especially since there haven’t appeared to be any serious problems so far as a result of the fork.
Even if the attacker isn’t thwarted this time, to some this only furthers idea that hard forks are an option for combating them, and that each hurdle that ethereum jumps brings it closer to a working platform.
Marco Streng, CEO of hosted ethereum mining firm, Genesis Mining, indicated he remains impressed by the network’s response to the pressures it has faced in recent months.
“It sets a clear sign ethereum will go out of this stronger than before.”
Spinning top image via Shutterstock
Disclosure Read More
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.