The much-anticipated release of Ethereum’s hard fork upgrade Constantinople has been delayed as core Ethereum developers were made aware of security vulnerabilities from a code audit.
The hard fork was scheduled for January 16, but has now been postponed until the flaws can be fixed. Smart contract auditing firm ChainSecurity discovered the flaw in Ethereum Improvement (EIP) 1283 that would let attackers steal funds from users and make it “cheaper to do certain things on chain, especially things that are currently ‘excessively’ expensive.”
This type of attack is a reentrancy attack. An attacker could siphon users’ funds by sending the same function multiple times. Speaking to CoinDesk, CTO of blockchain analytics firm Amberdata said,
Imagine that my contract has a function which makes a call to another contract… If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds.
Developer Hudson Jameson said of the decision,
Out of an abundance of caution, key stakeholders around the Ethereum community have determined that the best course of action will be to delay the planned Constantinople fork that would have occurred at block 7,080,000 on January 16, 2019.
The market has not reacted in any significant way to the news. Ethereum’s (ETH) token price has remained more or less the same.
The developers are yet to decide the new block in which Constantinople will launch.
Constantinople Delayed Yet Again
Constantinople was originally expected to launch last year, but just as now, flaws were discovered and the upgrade was delayed. Ethereum clients Geth and Parity have both released software updates to delay the upgrade.
It was also announced last year that Ethereum’s other major upgrades, Casper and sharding, had been delayed, and would arrive sometime between 2019 and 2021.
Constantinople is composed of 5 EIPs, which mainly focus on optimization and maintenance. It will bring improvements to the fees structure and network efficiency. It also lays the foundation for scaling solutions, like off-chain transactions.