Ethereum co-founder Vitalik Buterin has proposed a new smart contract creation function dubbed "Create2." This function reportedly introduces a new attack vector to the platform, according to a post on the Ethereum developers forum Ethereum Magicians published on Feb. 8.
According to a Medium post by software developer Tim Cotten, the original create function creates a new contract at an address that is calculated with the creator's address and a random number associated with it.
Create2, on the other hand, reportedly does the same, but with the difference that the contract is created at an address that can be determined beforehand by different parties.
In the GitHub page dedicated to this Ethereum Improvement Proposal, EIP-1014, the motivation for the new function is described as the ability to permit an interaction with a contract that does not exist on the blockchain yet.
According to him, Create2 implies that smart contracts will be able to change their address after being deployed.
Jason Carver, senior staff engineer at the Ethereum Foundation, explained that he thinks that it will be possible to use Create2 to replace a self-destructed contract with a new one.
"Doesn't this change a major invariant assumed by users today and introduce a potentially serious attack vector with CREATE2 ? Doesn't this mean that any contract post-Constantinople with a selfdestruct is now more suspect than before?".
According to him, what should be seen as suspect in contracts on a Create2-enabled blockchain is non-deterministic init code, since it renders foreseeing what code the newly generated contract would contain.
This way, a malicious contract could get hold of the pre-approved interactions with the address which could let the attacker steal some tokens.
Carver also points out that "It looks like a lot of contract devs aren't aware that contracts will be able to change in-place after" the implementation of this update.
Buterin-Proposed Constantinople Ethereum Feature Allegedly Introduces Attack Vector
gepubliceerd op Feb 13, 2019
by Cointele | gepubliceerd op Coinage
Coinage
Vermeld in dit artikel
Recent nieuws
Alles zien
Blockchain Bites: Bitcoin's Run, Uniswap's Hemorrhaging Value, Anchorage's Banking Bid
Bitcoin is nearing all-time highs in price and market cap last set three years ago.
Japan's megabanks to lead experiment with digital yen
We have, in order, Cheese Bank with a $3.3 million theft, Akropolis with its $2 million loss, Value DeFi with a whopping $6 million exploit and finally Origin Protocol's loss of $7 million.
Number of new Bitcoin addresses spikes amid growing FOMO
Japan's three largest banks, as part of a group of 30 private sector actors, are set to collaborate on an experiment with a digital yen.
Not just Wall Street: Quant trader explains why Bitcoin price is going up
Sam Trabucco, a quantitative trader at Alameda Research, believes four general factors are pushing up the price of Bitcoin.