The long-awaited Constantinople fork of the Ethereum network has been delayed due to potential security issues identified by ChainSecurity. An innovation of the Constantinople update was the introduction of cheaper gas cost for certain SSTORE operations. The Swiss blockchain security company warned that this would enable reentrancy attacks.
Don’t Worry – Update and You Won’t Be Sorry
Following ChainSecurity’s revelations, key stakeholders within the Ethereum community decided to postpone the Constantinople fork, initially scheduled to launch January 16, 2019.
[SECURITY ALERT] #Constantinople upgrade is temporarily postponed out of caution following a consensus decision by #Ethereum developers, security professionals and other community members. More information and instructions are below. https://t.co/p2znO8HGxf
— Ethereum Foundation (@ethereum) January 15, 2019
This means anyone running a node – node operators, exchanges, miners, wallet services – has to update a new version of Geth or Parity before block 7,080,000.
Block 7,080,000 will occur at approximately 8:00pm PT/January 16, 4:00am GMT/January 17. Update your Geth and/or Parity instances to the updated versions using the links below:
Geth
- Upgrade to 1.8.21, OR
- Downgrade to Geth 1.8.19, OR
- Remain on 1.8.20, but use the switch ‘–override.constantinople=9999999’ to postpone the Constantinople fork indefinitely.
Parity Ethereum
- Upgrade to Parity Ethereum 2.2.7-stable (recommended)
- Upgrade to Parity Ethereum 2.3.0-beta
- Downgrade to Parity Ethereum 2.2.4-beta (not recommended)
If you are simply interacting with Ethereum (you do not run a node), you don’t need to do anything!
Ledger, Trezor, Safe-T, Parity Signer, WallEth, Paper Wallets, MyCrypto, MyEtherWallet and other users or token holders that do not participate in the network by syncing and running a node can remain calm. The change that would introduce this potential vulnerability won’t be enabled.
Snapshot of Ethereum Constantinople Update. Image Source: Consensys
Vulnerability of Smart Contract
The analysis by ChainSecurity dives deep into the potential risk of the Constantinople fork and how smart contracts can be checked for their vulnerability.
EIP-1283 introduces cheaper gas cost for SSTORE operations. But their findings show that some smart contracts already on the chain may utilise code patterns that would make them vulnerable to a reentrancy attack after the Constantinople upgrade took place.
Contracts that increase their probability to being vulnerable are contracts that utilise a transfer() or send() function followed by a state-changing operation. Take for example a contract where two parties jointly receive funds, make a decision on how to split these funds and trigger a payout of those funds.
Don’t Jump the Gun – Wait and See
There is a non-zero risk that some contracts could be affected, according to ChainSecurity.
Out of an abundance of caution, stakeholders of the Ethereum network decided to delay the update. There was not enough time to clear away all security risks before the planned fork on January 16, 2019.
Security researchers, Ethereum client developers, smart contract owners and developers, wallet providers, node operators, Dapp developers and media were involved in the discussion leading up to the decision.
If you want to stay up to date on the latest Constantinople and Parity Ethereum developments, follow @ParityTech on twitter or check out the Ethereum Blog.
Comments(12)
comment Rastrear Teléfono Celular says
January 29, 2024 at 5:16 pmRastreador de teléfono celular – Aplicación de rastreo oculta que registra la ubicación, SMS, audio de llamadas, WhatsApp, Facebook, fotos, cámaras, actividad de Internet. Lo mejor para el control parental y la supervisión de empleados. Rastrear Teléfono Celular Gratis – Programa de Monitoreo en Línea.
comment binance says
March 7, 2024 at 12:11 pmThank you for your sharing. I am worried that I lack creative ideas. It is your article that makes me full of hope. Thank you. But, I have a question, can you help me?
comment vorbelutrioperbir says
March 20, 2024 at 6:21 amI am constantly browsing online for posts that can assist me. Thx!
comment read here says
March 22, 2024 at 4:30 amYoure so cool! I dont suppose Ive learn something like this before. So good to find someone with some authentic thoughts on this subject. realy thanks for beginning this up. this web site is one thing that’s wanted on the net, someone with a bit originality. useful job for bringing one thing new to the web!
comment click this says
March 22, 2024 at 5:05 amThis is a topic close to my heart cheers, where are your contact details though?
comment Buy nicotine pouches says
March 23, 2024 at 4:27 pmI always was interested in this topic and still am, thanks for posting.
comment Buy nicotine pouches says
March 23, 2024 at 4:51 pmI¦ve recently started a web site, the info you offer on this web site has helped me greatly. Thanks for all of your time & work.
comment private carers says
March 24, 2024 at 8:59 pmWell I sincerely enjoyed studying it. This subject provided by you is very effective for good planning.
comment private care services says
March 24, 2024 at 9:21 pmHowdy! I’m at work browsing your blog from my new apple iphone! Just wanted to say I love reading your blog and look forward to all your posts! Carry on the outstanding work!
comment toroidal transformers says
March 26, 2024 at 4:45 pmOutstanding post, you have pointed out some superb details , I likewise think this s a very wonderful website.
comment toroidal transformers says
March 26, 2024 at 5:15 pmI’ve been absent for a while, but now I remember why I used to love this web site. Thanks , I’ll try and check back more often. How frequently you update your site?
comment bulantogel says
March 27, 2024 at 6:10 pmI like this internet site because so much utile stuff on here : D.