Get the scoop on finance - sign up for mobile alerts
Scams, Hacks & Breaches
| On
October 15, 2019

Biggest Blockchain Exploits Show Weakness in Smart Contracts, Says Crypto Insider

By Daily Hodl Staff

Byron Murphy, an editor at Viewnodes, the developer of Metaverse, one of China’s earliest proof-of-work blockchain, says smart contract vulnerabilities remain a “clear and present danger.”

ADVERTISEMENT

In a post published on Hackernoon, Murphy asks,

“The key question underlying the biggest blockchain exploits boils down to this: why do the best coders in the space make so many mistakes?”

In January of 2019, global public blockchain network Ethereum was forced to delay the Constantinople hard fork, or backwards incompatible upgrade, almost at the last minute due to a smart contract security flaw that could have been exploited to steal user funds. Ether dropped 11% in just a few hours after the bug was found. 

ADVERTISEMENT

The Constantinople update, which eventually went live on February 28, included several points of code optimization, lower fees for storing smart contracts and reduced miner rewards from 3 ETH to 2 ETH. But the delay was triggered by the potential for “reentrancy attacks,” which would have allowed hackers to steal user funds in a worst case scenario. Notes Murphy,

“The security flaw in question was a potential for ‘reentrancy attacks’ exploiting code in EIP 1283, allowing attackers to steal funds in a worst case scenario. This has been theoretically possible for a long time, but the inhibitive price of smart contract storage prevented an attacker from pursuing this route. Constantinople would have reduced this price, and so developers were forced to delay the hard fork to work on a permanent solution.”

A previous hard fork of the Ethereum blockchain was performed in 2016 following the hack of The DAO, an Ethereum-based, decentralized autonomous organization that was an open-source initiative to raise capital for blockchain projects. The hard fork reversed the hacker’s transactions, which had led to approximately $70 million in Ether losses.

While a new crop of non-custodial exchanges such as Nash, SparkSwap and Arwen, are relying on smart contracts to handle trades, reports Forbes, in their efforts to thwart the security vulnerabilities that have plagued hacked centralized exchanges – i.e. Coincheck, Cryptopia, Zaif – they will have to contend with a different set of challenges.

Writes Murphy,

ADVERTISEMENT

“Smart contracts and decentralized virtual machines are an almost unfathomably incredible innovation, but will be ever overshadowed if exploits continue to occur.”

You can read Murphy’s full post here.

[the_ad id="42537"] [the_ad id="42536"]
&nbsp
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.