Thursday, October 5, 2023

White Hat Hacker Gains $2M


Optimism is an Ethereum scaling firm. It has revealed a workaround for a “major flaw” in the project’s Geth fork. This would have allowed hostile hackers to create a limitless amount of ETH.

Furthermore, programmers from the Ethereum Layer 2 scaling project Optimism stated that a “major problem” got discovered and fixed.

White hat hacker and iOS jailbreak software engineer Jay Freeman originally found the issue. It could have allowed hackers to manufacture as much ‘ETH’ as they wanted in an Optimism account balance.

He said in his tweet that last week, he uncovered (and disclosed) a serious problem in @optimismPBC (an Ethereum “layer 2 scaling solution”). It would have allowed an attacker to print an arbitrary number of tokens, for which I received a $2,000,042 bounty.

The Flaw on the Hack

Freeman highlighted the flaw in a detailed blog post. It said that it would allow an attacker to reproduce money on any chain utilizing their ‘OVM 2.0’ version of go-Ethereum. For his work, Freeman received one of the greatest bug bounties ever, with a total payment of $2,000,042.

The flaw, according to the Optimism team, allowed users to produce ETH on the platform. Additionally, this was done by repeatedly invoking the SELFDESTRUCT opcode on a contract with an ETH balance.

However, the Optimism team stated in a blog post that the problem had not abused. Furthermore, an unintentional activation by a worker at Ethereum data startup Etherscan, but that no useable excess had generated.

Within hours, a confirmation went through. The team said, a remedy for the vulnerability tested and distributed across Optimism’s Kovan and Mainnet network. This goes along with all infrastructure providers. They also expressed gratitude to Infura, QuickNode, and Alchemy for their quick responses.

They’ve also notified a number of susceptible Optimism forks and bridge providers about the problem. All of these projects have implemented the required fix.

Optimism’s Lifts Whitelist

Optimism lifted its whitelist late last year, allowing any developer to start developing projects on the Optimism network. Prior to this, only specific initiatives like Uniswap and Synthetix had access to the network. This restriction made it a lot easier for programmers to identify and fix potential bugs.

Furthermore, Optimism is an Ethereum network Layer 2 scalability solution. It uses “optimistic rollups” to consolidate transactions from outside the Ethereum blockchain.

This has the advantages of reducing transaction slippage, lowering transaction costs, and greatly increasing transaction speeds. However, while Layer 2 protocols provide performance gains, security during continuous development is still a major worry.

Additionally, this is one of the greatest bounty payments to date. On the other hand, MakerDAO has just revealed that it will pay a maximum of $10 million to anyone who can identify serious security flaws in its smart contracts. The most extensive set of bug bounties ever provided on Immunefi’s bug bounty program.

Miguel Garcia
Miguel Garcia
Miguel Garcia is a writer for Cryptoconstellation. Miguel has always been fascinated with Crypto. He has experience in Business and finance. Miguel loves sport cars and football.

More from Crypto News Constellation

[tds_leads input_placeholder="Email address" btn_horiz_align="content-horiz-center" pp_checkbox="yes" pp_msg="SSd2ZSUyMHJlYWQlMjBhbmQlMjBhY2NlcHQlMjB0aGUlMjAlM0NhJTIwaHJlZiUzRCUyMiUyMyUyMiUzRVByaXZhY3klMjBQb2xpY3klM0MlMkZhJTNFLg==" msg_composer="success" display="column" gap="10" input_padd="eyJhbGwiOiIxNXB4IDEwcHgiLCJsYW5kc2NhcGUiOiIxMnB4IDhweCIsInBvcnRyYWl0IjoiMTBweCA2cHgifQ==" input_border="1" btn_text="I want in" btn_tdicon="tdc-font-tdmp tdc-font-tdmp-arrow-right" btn_icon_size="eyJhbGwiOiIxOSIsImxhbmRzY2FwZSI6IjE3IiwicG9ydHJhaXQiOiIxNSJ9" btn_icon_space="eyJhbGwiOiI1IiwicG9ydHJhaXQiOiIzIn0=" btn_radius="0" input_radius="0" f_msg_font_family="521" f_msg_font_size="eyJhbGwiOiIxMyIsInBvcnRyYWl0IjoiMTIifQ==" f_msg_font_weight="400" f_msg_font_line_height="1.4" f_input_font_family="521" f_input_font_size="eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEzIiwicG9ydHJhaXQiOiIxMiJ9" f_input_font_line_height="1.2" f_btn_font_family="521" f_input_font_weight="500" f_btn_font_size="eyJhbGwiOiIxMyIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSJ9" f_btn_font_line_height="1.2" f_btn_font_weight="600" f_pp_font_family="521" f_pp_font_size="eyJhbGwiOiIxMiIsImxhbmRzY2FwZSI6IjEyIiwicG9ydHJhaXQiOiIxMSJ9" f_pp_font_line_height="1.2" pp_check_color="#000000" pp_check_color_a="#fdbf46" pp_check_color_a_h="#000000" f_btn_font_transform="uppercase" tdc_css="eyJhbGwiOnsibWFyZ2luLWJvdHRvbSI6IjQwIiwiZGlzcGxheSI6IiJ9LCJsYW5kc2NhcGUiOnsibWFyZ2luLWJvdHRvbSI6IjMwIiwiZGlzcGxheSI6IiJ9LCJsYW5kc2NhcGVfbWF4X3dpZHRoIjoxMTQwLCJsYW5kc2NhcGVfbWluX3dpZHRoIjoxMDE5LCJwb3J0cmFpdCI6eyJtYXJnaW4tYm90dG9tIjoiMjUiLCJkaXNwbGF5IjoiIn0sInBvcnRyYWl0X21heF93aWR0aCI6MTAxOCwicG9ydHJhaXRfbWluX3dpZHRoIjo3Njh9" msg_succ_radius="0" btn_bg="#fdbf46" btn_bg_h="#dd9933" title_space="eyJwb3J0cmFpdCI6IjEyIiwibGFuZHNjYXBlIjoiMTQiLCJhbGwiOiIwIn0=" msg_space="eyJsYW5kc2NhcGUiOiIwIDAgMTJweCJ9" btn_padd="eyJsYW5kc2NhcGUiOiIxMiIsInBvcnRyYWl0IjoiMTBweCJ9" msg_padd="eyJwb3J0cmFpdCI6IjZweCAxMHB4In0=" msg_err_radius="0" f_btn_font_spacing="1" title_text="Stay Up to Date"]


Related Crypto News

Ethereum Creator Opposes Transferrable Governance

Vitalik Buterin, the creator of Ethereum, has said that allowing DAOs to issue transferrable governance tokens is inconsistent...

Ethereum Is The Future, Bitgert Disagrees

Blockchains and decentralization can only succeed if Ethereum succeeds, according to Vitalik Buterin. Due to the large size of...

Ethereum Scaling Arbitrum Halts Odyssey NFT Campaign

Because the costs on the layer-2 solution were higher than on the Ethereum mainnet, Arbitrum had to halt...

Institutional Ethereum Staking Launched by Anchorage Digital

Cryptocurrency storage association Anchorage Digital reveals the launch of an Ethereum staking provider for institutions. This is capable...