Ethereum Blog

Announcement of imminent hard fork for EIP150 gas cost changes

Introduction

user

Martin Swende


LATEST POSTS

Solidity optimizer bug 03rd May, 2017

From Morden to Ropsten 20th November, 2016

announcement

Announcement of imminent hard fork for EIP150 gas cost changes

Posted on .

During the last couple of weeks, the Ethereum network has been the target of a sustained attack. The attacker(s) have been very crafty in locating vulnerabilities in the client implementations as well as the protocol specification.

While the recent patches have led to an overall increased resiliency in the client implementations, the attacks have also demonstrated that a lower-level change to the EVM pricing model is needed.

For many users, the most visible consequence is probably that they are having difficulties getting transactions included in blocks, and full nodes are facing memory limitations in managing the bloated state.

This is our strategy to address these issues:

  • As a temporary measure to minimize the effects of the most recent attack, we recommend all miners to lower the gaslimit to 500K gas.
  • A hard-fork based on EIP 150 version 1c will be put into effect at block 2457000 [see below]. This will reprice certain operations to correspond better to the underlying computational complexity.
  • A second hard-fork will follow shortly after, aimed at reverting the current “state-bloat” introduced by the attacks. This second fork will serve to remove accounts which are empty; lacking code, balance, storage and nonce == 0.

We have implemented the changes required in the clients and are currently extending and adding tests in an effort to prevent the introduction of consensus-breaking vulnerabilities.

And as a reminder, the Ethereum Bug Bounty is open and includes the new hardfork-implementations.

EDIT: Fork block has been moved to 2463000 in order to accommodate even more testing.

profile

Martin Swende

Comments
user

Author Crypto Rush

Posted at 1:04 am October 14, 2016.

Are you going to reward attacker via Bug Bounty program?

Reply
    user

    Author PaulH

    Posted at 4:36 am October 14, 2016.

    I hope he/she/they comes forward. The project could use the clear brilliance. But technically I don’t think it was “responsible disclosure”. More like setting off large firecrackers on the bus, every day, to show how poor the security is.

    Reply
      user

      Author Crypto Rush

      Posted at 8:07 am October 14, 2016.

      No, actually this is how you teach greedy arrogant jerks.

      Reply
user

Author spiroseliot

Posted at 2:22 am October 14, 2016.

and i am very sure that after hard fork(s) another attack will happen 😀 lol

Reply
user

Author trustfarm

Posted at 1:26 pm October 14, 2016.

Ethereum Contract Instruction Gas Fee Autochange Idea. review on recent DDOS attacks.

Based on Realtime block TX statistics –

https://gist.github.com/trustfarm-dev/cbbc9aa1ab76983cb7dbaa329097c1c3

Reply
user

Author Tom Hanx

Posted at 6:24 pm October 14, 2016.

Ping Vinay and he should agree – these hard forks are mere security updates, solidifying the platform. No need to feed the trolls with catchy titles (hard forks) and giving lazy journalists yet another round to stay in the game.

Reply
user

Author Shakedog

Posted at 12:39 am October 15, 2016.

Sponsored articles on this blog? Hopefully this is temporary.

Reply
    user

    Author Haroun Kola

    Posted at 11:47 am October 18, 2016.

    The Brangelina article earns some gas?

    Reply

Leave a Reply to Tom Hanx
Cancel Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

View Comments (8) ...
Navigation