A bug on Ethereum’s Geth software client has caused a fork in the blockchain, essentially splitting the network in two simultaneous chains. The bug was said to have been exploited in Geth client’s v1.10.8 release.
According to Ethereum core developer Marius Van Der Wijden, an unidentified threat actor exploited the bug, which caused all Geth nodes with earlier versions to get split from the mainnet.
It seems that someone found the bug we fixed in @go_ethereum v1.10.8 and exploited it causing all geth nodes with earlier versions to split from the network. If you are running v1.10.7 or earlier please update!!!
— MariusVanDerWijden (@vdWijden) August 27, 2021
Go Ethereum, the official Golang (a software programming language) implementation of Ethereum, later issued an advisory for all nodes using its client to immediately update their software’s version.
A chain split has occurred on the Ethereum mainnet. The issue was resolved in the v1.10.8 release announced previously. Please update your nodes, if you haven’t already!
— Go Ethereum (@go_ethereum) August 27, 2021
The exploit causing the unintentional fork has raised concerns regarding a potential double-spend attack. Double-spend attacks on a blockchain network happen when a specific cryptocurrency is spent twice, thereby turning the cryptocurrency into a counterfeit and draining its value through inflation and a massive price reduction.
The Geth v1.10.8 update named as “Hades Gamma” would have fixed the bug and erased its trace going forward with a hotfix, but the threat actor was able to access it and launch the bug, infecting nodes working with prior versions. The bug was previously disclosed on August 18 by Ethereum developers.
The Geth client services some 3,947 nodes out of the existing 5,289 live Ethereum nodes. According to on-chain data, some 73% or 2,858 nodes running Geth have not updated to the latest, fixed version. Despite the serious implications of such a bug, it appears that the Ethereum ecosystem remains unaffected.
Note: This story is developing. CryptoDaily will update this as it unfolds.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
Credit: Source link