Main navigation

One of Largest Ethereum Layer 2s Faces Critical Vulnerability, But Funds Are Safe

Fri, 02/11/2022 - 11:55
article image
Arman Shirinyan
The team needed only a few hours to fix the crucial vulnerability
One of Largest Ethereum Layer 2s Faces Critical Vulnerability, But Funds Are Safe
Cover image via
Read U.TODAY on
Google News

Optimism, one of the largest Layer 2 solutions for Ethereum, has fixed a critical vulnerability within hours of confirmation which allowed the network to avoid an exploit that could’ve cost millions for Optimism users.

On Feb. 2, software engineer Jay Freeman behind Cydia and Orchid, who goes by the name of saurik, cautioned the Optimism team about the existence of a crucial vulnerability in the Geth fork. The bug allowed the "creation" of ETH on the Optimism contract by exploiting the “selfdestruct” function on the contract that was holding layer 1's coins. 

$20 Million Worth of SHIB Added to Top ETH Whales’ Holdings Within a Few Hours: Details

According to the chain history of Optimism, the bug hasn’t been used by scammers or hackers. As the contract’s page suggests, the vulnerability has been used once by an undisclosed Etherscan employee who accidentally used the function but didn't generate usable ETH.

The fix has been developed shortly after. It was then silently deployed on the testnet network and released on the main network of Optimism. According to Optimism’s medium article, it took developers only a few hours from the time of initial confirmation to come up with the fix. 

The development team behind the layer 2 solution has already alerted bridge providers about the presence of the issue and instructed them to update their networks. Projects have successfully updated their software to fix the vulnerability. Users who are running a replica should upgrade their l2geth version to get synced with the network.

Crypto Winter Has Arrived: Why Crypto CFDs Might Be a Good Option to Consider Now?

According to the official Immunefi bug bounty program, hackers that help keep the network safe are eligible for a bounty reward that currently stays at the maximum of $2 million. The actual reward for saurik hasn’t been disclosed. 

Prior to that, numerous Ethereum and Solana-related DeFi and NFT platforms became exploited due to various front and backend vulnerabilities discovered by hackers that weren’t cooperative with developers and decided to use bugs for their own good.

article image
About the author

Arman Shirinyan is a trader, crypto enthusiast and SMM expert with more than four years of experience.

Arman strongly believes that cryptocurrencies and the blockchain will be of constant use in the future. Currently, he focuses on news, articles with deep analysis of crypto projects and technical analysis of cryptocurrency trading pairs.