Ethereum Blog

Ethereum Blog

Promoting a free, decentralized and open future


Navigation
CategoryUncategorized

Uncategorized

Featured

zkSNARKs in a nutshell

Posted byuserChristian Reitwiessner on December 5th, 2016.

The possibilities of zkSNARKs are impressive, you can verify the correctness of computations without having to execute them and you will not even learn what was executed – just that it was done correctly. Unfortunately, most explanations of zkSNARKs resort to hand-waving at some point and thus they remain something “magical”, suggesting that only the […]

Uncategorized

Featured

Analysis of Storage Corruption Bug

Posted byuserChristian Reitwiessner on November 9th, 2016.

This blog post provides an update on our findings following the discovery of the storage corruption bug last week. In summary, the bug was much less severe than we initially thought. The small number of affected contracts we found is either only exploitable by the owner, or the exploit can only cause a disruption in the user interface and not […]

Uncategorized

Featured

Security Alert – Solidity – Variables can be overwritten in storage

Posted byuserChristian Reitwiessner on November 1st, 2016.

Summary: In some situations, variables can overwrite other variables in storage. Affected Solidity compiler versions: 0.1.6 to 0.4.3 (including 0.4.4 pre-release versions) Detailed description: Storage variables that are smaller than 256 bits are packed together into the same 256 bit slot if they can fit. If a value larger than what is allowed by the […]

Uncategorized

Featured

The Ethereum network is currently undergoing a DoS attack

Posted byuserJeffrey Wilcke on September 22nd, 2016.

URGENT ALL MINERS: The network is under attack. The attack is a computational DDoS, ie. miners and nodes need to spend a very long time processing some blocks. This is due to the EXTCODESIZE opcode, which has a fairly low gasprice but which requires nodes to read state information from disk; the attack transactions are […]

Uncategorized

Featured

Dev Update: Formal Methods

Posted byuserChristian Reitwiessner on September 1st, 2016.

Today, I am delighted to announce that Yoichi Hirai (pirapira on github) is joining the Ethereum project as a formal verification engineer. He holds a PhD from the University of Tokyo on the topic of formalizing communicating parallel processes and created formal verification tools for Ethereum in his spare time. In his own words: I’m […]

Uncategorized

Featured

Onward from the Hard Fork

Posted byuserVitalik Buterin on July 26th, 2016.

The foundation has committed to support the community consensus on the admittedly difficult hard fork decision. Seeing the results of various metrics, including carbonvote, dapp and ecosystem infrastructure adoption, this means that we will focus our resources and attention on the chain which is now called ETH (ie. the fork chain). That said, we recognize […]

Uncategorized

Featured

C++ DEV Update – July edition

Posted byuserChristian Reitwiessner on July 8th, 2016.

Since the last C++ DEV Update, a lot of things happened in the engine room which were not really visible to the outside. This post wants to give an overview about what we are currently working on. Apart from the features side, Bob has been working on a proposed process for re-licensing of the C++ […]

Uncategorized

Featured

CRITICAL UPDATE Re: DAO Vulnerability

Posted byuserVitalik Buterin on June 17th, 2016.

An attack has been found and exploited in the DAO, and the attacker is currently in the process of draining the ether contained in the DAO into a child DAO. The attack is a recursive calling vulnerability, where an attacker called the “split” function, and then calls the split function recursively inside of the split, […]

Uncategorized

Featured

Smart Contract Security

Posted byuserChristian Reitwiessner on June 10th, 2016.

Solidity was started in October 2014 when neither the Ethereum network nor the virtual machine had any real-world testing, the gas costs at that time were even drastically different from what they are now. Furthermore, some of the early design decisions were taken over from Serpent. During the last couple of months, examples and patterns […]

Uncategorized

Featured

Security Alert – cpp-ethereum’s account unlocking problem not yet fixed [Now fixed]

Posted byuserChristian Reitwiessner on June 3rd, 2016.

Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.6 Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. This is just a quick head’s up that cpp-ethereum’s security issue around account security is not yet properly fixed. The […]