Constantinople, the much anticipated hard fork of Ethereum, has been delayed as a serious vulnerability was found by the smart contract audit firm ChainSecurity.
[SECURITY ALERT] #Constantinople upgrade is temporarily postponed out of caution following a consensus decision by #Ethereum developers, security professionals and other community members. More information and instructions are below. https://t.co/p2znO8HGxf
— Ethereum (@ethereum) January 15, 2019
On January 15th, ChainSecurity in a detailed Medium post explained that though the upcoming hard fork reduces the gas cost for certain operations, it enables reentrancy attacks on Ethereum’s blockchain using some specific commands.
Exploiting a reentrancy vulnerability, an attacker can steel cryptocurrency from a smart contract by continuously requesting funds and providing false data about the existing ETH balance. Similar vulnerabilities were found in the infamous DAO-attack of 2016.
According to the audit firm, this vulnerability is a side effect of the new features included.
On a Reddit thread, Afri Schoedon, the hard fork coordinator at Ethereum and release manager at blockchain infrastructure provider Parity Technologies, has confirmed that after a long emergency call, the core-devs of the projects have decided to pull the upgrade. Though no exact timeline was provided, Constantinople has been delayed for at least next Friday.
“Out of an abundance of caution, key stakeholders around the Ethereum community have determined that the best course of action will be to delay the planned Constantinople fork that would have occurred at block 7,080,000 on January 16, 2019,” Ethereum stated in its official blog.
The impact of the delay can also be seen on the market, as ETH dropped 5.6 percent in the last 24 hours marking a weekly loss of more than 20 percent. Currently trading at $121, Ethereum has become the top daily loser among the top 15 coins, according to Coinmarketcap.com.
Though Constantinople was not going to provide any major user-related changes, the fork is more of a “maintenance and optimization upgrade” to achieve Ethereum’s long term goal of being a scalable network.
According to a Bloomberg report, Lane Rettig, one of the Etheruem core developers, believes that unlike other hard forks performed on blockchains, Constantinople is the ‘least eventful’ one.
“I really can’t imagine a less contentious hard fork, to be honest,” said Rettig. “Of all the hard forks in the history of Ethereum, it’s probably the least eventful one.”
“[THe delay] will require anyone running a node (node operators, exchanges, miners, wallet services, etc…) to update to a new version of Geth or Parity before block 7,080,000,” Ethereum stated.