Posted byChristian Reitwiessner on June 3rd, 2016.
Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.6 Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. This is just a quick head’s up that cpp-ethereum’s security issue around account security is not yet properly fixed. The […]
Posted byJeffrey Wilcke on June 2nd, 2016.
The Ethereum Virtual machine is kind of different than most other Virtual Machines out there. In my previous post I already explained how it’s used and described some of its characteristics. The Ethereum Virtual Machine (EVM) is a simple but powerful, Turing complete 256bit Virtual Machine that allows anyone to execute arbitrary EVM Byte Code. The go-ethereum project […]
Posted byChristian Reitwiessner on May 31st, 2016.
Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.5 (fixed in 1.2.6) Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. Severity: High Possible Attacks: Attackers can spend funds from previously used accounts if they have access to […]
Posted byChristian Reitwiessner on February 17th, 2016.
Ethereum is often described as a platform for self-enforcing smart contracts. While this is certainly true, this article argues that, especially when more complex systems are involved, it is rather a court with smart lawyers and a judge that is not so smart, or more formally, a judge with restricted computational resources. We will see […]
Posted byGustav Simonsson on February 17th, 2016.
Following hacking @ DEVCON1, Martin Swende is Nr. 1 on the leaderboard of the Ethereum Bounty Program. The bounty program is ongoing and the last bounty awarded amounted to 5 BTC. The program is open to anyone. With BTC Relay getting ready for launch on Ethereum and its importance for many DApps, we want to […]
Posted byJutta Steiner on September 3rd, 2015.
Implementation bug in the go client leads to steady increase of difficulty independent of hashing power. Affected configurations: All Go client versions v1.0.x, v1.1.x, release and develop branches. The bug was introduced in a recent update and release through commit https://github.com/ethereum/go-ethereum/commit/7324176f702a77fc331bf16a968d2eb4bccce021 which went into the affected client versions. All miners running earlier mentioned versions are […]
Posted byJutta Steiner on September 2nd, 2015.
State transition and consensus issue in geth client causes panic (crash) when processing a (valid) block with a specific combination of transactions, which may cause overall network instability if block is accepted and relayed by unaffected clients thus causing a DoS. This may happen in a block that contains transactions which suicide to the block […]
Posted byVitalik Buterin on August 28th, 2015.
An increasing number of proposed applications on top of Ethereum rely on some kind of incentivized, multi-party data provision – whether voting, random number collection, or other use cases where getting information from multiple parties to increase decentralization is highly desirable, but also where there is a strong risk of collusion. A RANDAO can certainly […]
Posted byGustav Simonsson on August 18th, 2015.
After a successful launch, Frontier passed it’s 100000th block earlier this week. Here are some interesting stats from these first blocks. The first 50 block times (in seconds): Right after genesis, it took 29 seconds for the second block to appear, then 31 and 29 seconds for the next couple of blocks. Not too surprising […]
Posted byVinay Gupta on March 3rd, 2015.
I’m Vinay Gupta, the newly minted release coordinator for Ethereum. I’ve been working with the comms team on strategy, and have now come aboard to help smooth the release process (some of the content in this blog is out of date, please see this link for the most up to date information on Ethereum). I’ll be […]