380 Interactions, 2 today
A month and a half before it’s scheduled to go live, Ethereum engineers hastily patched up EIP-1559.
Ethereum developers have patched a flaw in a planned update that would have made the network vulnerable to forged big transactions.
EIP-1559, which is scheduled for mid-July, burns part of the ETH spent on transaction processing rather than providing it entirely to miners, as is now the case. The idea seeks to lower the volatility of Ethereum’s transaction cost.
Under EIP-1559, users can “tip” miners and the Ethereum network to speed up transactions. To do this, they specify the maximum amount they are willing to pay.
Martin Holst Swende, a Swedish Ethereum core developer, discovered on Thursday that EIP-1559 imposed no cap on the greatest amount a user might pay to speed up transactions.
An attacker might thus input a ridiculously large number to overwhelm the network, even if they lacked the cash to pay for the tip.
“Because the fields in 1559 are maximums, you could abuse this, not actually pay those huge gas values, and spam the network,” Ethereum core developer Tim Beiko tweeted
To close that loophole, the developers implemented a solution proposed by Swende: four lines of codes that capped transactions at a limit of 2^256, a widely used cryptographic hash function that also underpins .
On May 14, Ethereum developers decided to postpone until December the implementation of a “difficulty bomb” that would dramatically slow down the network. The difficulty bomb is intended to motivate Ethereum developers to accelerate the construction of Ethereum 2.0, the long-awaited update to the Ethereum network that would lower fees and enhance throughput.