Ethereum Blog

Ethereum Blog

Promoting a free, decentralized and open future


Navigation
CategoryUncategorized

Uncategorized

Featured

C++ DEV Update – July edition

Posted byuserChristian Reitwiessner on July 8th, 2016.

Since the last C++ DEV Update, a lot of things happened in the engine room which were not really visible to the outside. This post wants to give an overview about what we are currently working on. Apart from the features side, Bob has been working on a proposed process for re-licensing of the C++ […]

Uncategorized

Featured

CRITICAL UPDATE Re: DAO Vulnerability

Posted byuserVitalik Buterin on June 17th, 2016.

An attack has been found and exploited in the DAO, and the attacker is currently in the process of draining the ether contained in the DAO into a child DAO. The attack is a recursive calling vulnerability, where an attacker called the “split” function, and then calls the split function recursively inside of the split, […]

Uncategorized

Featured

Smart Contract Security

Posted byuserChristian Reitwiessner on June 10th, 2016.

Solidity was started in October 2014 when neither the Ethereum network nor the virtual machine had any real-world testing, the gas costs at that time were even drastically different from what they are now. Furthermore, some of the early design decisions were taken over from Serpent. During the last couple of months, examples and patterns […]

Uncategorized

Featured

Security Alert – cpp-ethereum’s account unlocking problem not yet fixed [Now fixed]

Posted byuserChristian Reitwiessner on June 3rd, 2016.

Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.6 Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. This is just a quick head’s up that cpp-ethereum’s security issue around account security is not yet properly fixed. The […]

Uncategorized

Featured

Go Ethereum’s JIT-EVM

Posted byuserJeffrey Wilcke on June 2nd, 2016.

The Ethereum Virtual machine is kind of different than most other Virtual Machines out there. In my previous post I already explained how it’s used and described some of its characteristics. The Ethereum Virtual Machine (EVM) is a simple but powerful, Turing complete 256bit Virtual Machine that allows anyone to execute arbitrary EVM Byte Code. The go-ethereum project […]

Uncategorized

Featured

Security Alert – cpp-ethereum keeps accounts unlocked

Posted byuserChristian Reitwiessner on May 31st, 2016.

Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.5 (fixed in 1.2.6) Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. Severity: High Possible Attacks: Attackers can spend funds from previously used accounts if they have access to […]

Uncategorized

Featured

From Smart Contracts to Courts with not so Smart Judges

Posted byuserChristian Reitwiessner on February 17th, 2016.

Ethereum is often described as a platform for self-enforcing smart contracts. While this is certainly true, this article argues that, especially when more complex systems are involved, it is rather a court with smart lawyers and a judge that is not so smart, or more formally, a judge with restricted computational resources. We will see […]

Uncategorized

Featured

BTC Relay included in Ethereum Bounty Program

Posted byuserGustav Simonsson on February 17th, 2016.

Following hacking @ DEVCON1,  Martin Swende is Nr. 1 on the leaderboard of the Ethereum Bounty Program. The bounty program is ongoing and the last bounty awarded amounted to 5 BTC. The program is open to anyone. With BTC Relay getting ready for launch on Ethereum and its importance for many DApps, we want to […]

Security

Featured

Security Alert – [Implementation bug in Go clients causing increase in difficulty – Fixed – Miners check and update Go clients]

Posted byuserJutta Steiner on September 3rd, 2015.

Implementation bug in the go client leads to steady increase of difficulty independent of hashing power. Affected configurations: All Go client versions v1.0.x, v1.1.x, release and develop branches. The bug was introduced in a recent update and release through commit https://github.com/ethereum/go-ethereum/commit/7324176f702a77fc331bf16a968d2eb4bccce021 which went into the affected client versions. All miners running earlier mentioned versions are […]

Security

Featured

Security Advisory [Implementation bugs in Go and Python clients can cause DoS – Fixed – Please update clients]

Posted byuserJutta Steiner on September 2nd, 2015.

State transition and consensus issue in geth client causes panic (crash) when processing a (valid) block with a specific combination of transactions, which may cause overall network instability if block is accepted and relayed by unaffected clients thus causing a DoS. This may happen in a block that contains transactions which suicide to the block […]