Posted byChristian Reitwiessner on July 8th, 2016.
Since the last C++ DEV Update, a lot of things happened in the engine room which were not really visible to the outside. This post wants to give an overview about what we are currently working on. Apart from the features side, Bob has been working on a proposed process for re-licensing of the C++ […]
Posted byVitalik Buterin on June 17th, 2016.
An attack has been found and exploited in the DAO, and the attacker is currently in the process of draining the ether contained in the DAO into a child DAO. The attack is a recursive calling vulnerability, where an attacker called the “split” function, and then calls the split function recursively inside of the split, […]
Posted byChristian Reitwiessner on June 10th, 2016.
Solidity was started in October 2014 when neither the Ethereum network nor the virtual machine had any real-world testing, the gas costs at that time were even drastically different from what they are now. Furthermore, some of the early design decisions were taken over from Serpent. During the last couple of months, examples and patterns […]
Posted byChristian Reitwiessner on June 3rd, 2016.
Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.6 Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. This is just a quick head’s up that cpp-ethereum’s security issue around account security is not yet properly fixed. The […]
Posted byJeffrey Wilcke on June 2nd, 2016.
The Ethereum Virtual machine is kind of different than most other Virtual Machines out there. In my previous post I already explained how it’s used and described some of its characteristics. The Ethereum Virtual Machine (EVM) is a simple but powerful, Turing complete 256bit Virtual Machine that allows anyone to execute arbitrary EVM Byte Code. The go-ethereum project […]
Posted byChristian Reitwiessner on May 31st, 2016.
Affected configurations: cpp-ethereum (eth, AlethZero, …) version 1.2.0 up to 1.2.5 (fixed in 1.2.6) Note: Neither “geth” nor “Mist” nor the “Ethereum Wallet” (unless explicitly used together with cpp-ethereum) are affected by this, they lock accounts correctly again. Severity: High Possible Attacks: Attackers can spend funds from previously used accounts if they have access to […]
Posted byChristian Reitwiessner on February 17th, 2016.
Ethereum is often described as a platform for self-enforcing smart contracts. While this is certainly true, this article argues that, especially when more complex systems are involved, it is rather a court with smart lawyers and a judge that is not so smart, or more formally, a judge with restricted computational resources. We will see […]
Posted byGustav Simonsson on February 17th, 2016.
Following hacking @ DEVCON1, Martin Swende is Nr. 1 on the leaderboard of the Ethereum Bounty Program. The bounty program is ongoing and the last bounty awarded amounted to 5 BTC. The program is open to anyone. With BTC Relay getting ready for launch on Ethereum and its importance for many DApps, we want to […]
Posted byJutta Steiner on September 3rd, 2015.
Implementation bug in the go client leads to steady increase of difficulty independent of hashing power. Affected configurations: All Go client versions v1.0.x, v1.1.x, release and develop branches. The bug was introduced in a recent update and release through commit https://github.com/ethereum/go-ethereum/commit/7324176f702a77fc331bf16a968d2eb4bccce021 which went into the affected client versions. All miners running earlier mentioned versions are […]
Posted byJutta Steiner on September 2nd, 2015.
State transition and consensus issue in geth client causes panic (crash) when processing a (valid) block with a specific combination of transactions, which may cause overall network instability if block is accepted and relayed by unaffected clients thus causing a DoS. This may happen in a block that contains transactions which suicide to the block […]