The Ethereum Foundation has divulged fresh details about a severe threat against the Ethereum platform, one that remained a clear and present danger until the recent implementation of the Berlin hard fork.
In a blog post, the foundation explained that the threat was an “open secret” for a long time and was even publicly disclosed by mistake, though without the explicit details being revealed. Now that the Berlin hard fork has been executed, the Ethereum Foundation estimates that the threat is low enough to call for transparency.
The platform stated,
“Since the Berlin upgrade is now behind us, and since geth nodes by default are using snapshots, we estimate that the threat is low enough that transparency trumps, and it’s time to make full disclosure about the works behind the scenes. It’s important that the community is given a chance to understand the reasoning behind changes that negatively affect the user experience, such as raising gas costs and limiting refunds.”
Ethereum’s denial-of-service [DoS] attack that never transpired
In 2019, security researchers Hubert Ritzdorf and Matthias Egli, together with Daniel Perez, the author of the paper ‘Broken Metre’, united to “weaponize an exploit” against the ETH network. The exploit in question purportedly triggered “random trie lookups”, which could potentially induce block times in the minute range.
Another disclosure submitted around the same time revealed that the resulting delays would grow longer as Ethereum’s state grows, thereby enabling streamlined denial-of-service attacks against the Ethereum network “with transactions whose execution time is close to the block interval even on modern, fast hardware.”
Following this, and after many proposals from developers were turned down throughout 2020, Ethereum founder Vitalik Buterin joined forces with Martin Swende. As part of the team-up, Buterin and Swende were tasked with authoring EIP-2929 and EIP-2930. These upgrades, which raise gas costs to prevent the attack, were subsequently introduced alongside the Berlin upgrade in mid-April this year.
In short, the Berlin hard fork is estimated to have brought down the efficiency of the exploit by a factor of 50.