News Developers Fix Parity Ethereum Node Vulnerability, Urge All Node...

Developers Fix Parity Ethereum Node Vulnerability, Urge All Node Operators to Update

-

- Advertisment -

A bug found in the Parity node/wallet software threatened a considerable proportion of the Ethereum infrastructure. Fortunately, the company has already issued a patch to fix the vulnerability.

The issue was discovered on February 3rd when Parity received several reports that attackers were able to send a specially-crafted RPC request to public Parity Ethereum nodes.

“On February 3rd, we received several reports that an attacker can send a specially-crafted RPC request to a public Parity Ethereum node (any version pre 2.2.9-stable and pre 2.3.2-beta) and that node will crash,” the announcement read.

The bug had opened up an attack vector to allow nodes to be forced offline by potential attackers. If undiscovered, the attack could have threatened a sizeable portion of the Ethereum infrastructure.

It would appear that the only affected nodes were the ones synced up to the JSON-RPC public services like Infura, MyEtherWallet, and MyCrypto, however, all Parity node operators are encouraged to update to the latest upgrade.

According to Etherscan, Parity clients serve more than a quarter of the Ethereum nodes, specifically those that use public JSONRPC Ethereum service and operate some very important Ethereum apps, including Infura, MyEtherWallet, and MyCrypto.

Described as “the secret weapon of Ethereum infrastructure,” Infura alone provides connectivity to the Ethereum network for a number of key products and projects, such as Metamask, CryptoKitties, the 0x Protocol, and many others.

Much of the attention lately has been on the delay of Constantinople, Ethereum’s major update, caused by potential security issues. The vulnerability, identified by security audit company ChainSecurity on January 15, could potentially make some smart contracts on Ethereum vulnerable to a so-called “re-entrancy attack,” enabling an attacker to steal other people’s ETH.

There was confusion following the delay, as many Ethereum nodes that already upgraded were forced to downgrade back to the stable build. What’s more, Parity developer Afri Schodeon noticed that Ethereum’s “difficulty bomb” had been activated, which might cause problems before the Constantinople upgrade (scheduled for February 27) is finally activated.

Follow Bitnewsbot on Twitter and Facebook!



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

Mercuriex Cryptocurrency Exchange Launches New Utility Token, SURF

MercuriEx Cryptocurrency Exchange, originally developed in 2017, came under new ownership in December 2019. Since taking over the exchange,...

Fungibility: Bitcoin Mixers Favorite Term That No One Understands

Fungibility, perhaps the most important concept when dealing with a decentralized and anonymous currency, but does bitcoin...

Crypto can’t thrive in the real world – but stablecoins can

We can safely say that the hype about cryptocurrencies is pretty much over. The claims of Bitcoin...

How to double your crypto

Most of us have a small gambler deep inside our souls. We love to feel the thrill...
- Advertisement -Developers Fix Parity Ethereum Node Vulnerability, Urge All Node Operators to Update

Cryptocurrency Top Security Risk Concerns: What You Can Do to Protect Your Crypto

A report by CipherTrace revealed that in the first half of 2019, criminals and fraudsters stole more...

How has Bitcoin of America Changed the Cryptocurrency Industry?

Who is Bitcoin of America? Bitcoin of America is a U.S. based digital currency...

Must read

Mercuriex Cryptocurrency Exchange Launches New Utility Token, SURF

MercuriEx Cryptocurrency Exchange, originally developed in 2017, came...

Fungibility: Bitcoin Mixers Favorite Term That No One Understands

Fungibility, perhaps the most important concept when...
- Advertisement -Developers Fix Parity Ethereum Node Vulnerability, Urge All Node Operators to UpdateDevelopers Fix Parity Ethereum Node Vulnerability, Urge All Node Operators to Update

You might also likeRELATED
Recommended to you