Friday, December 9, 2022
 

Security Research Reveals a Major Exploit of the Ethereum Merge Update

  • The ‘Merge’ network shift introduces a significant exploit in the new PoS network.
  • If validators line up two blocks consecutively, an exploit might occur on the post-Merge Ethereum blockchain.
  • Ethereum is working on fixing the issue.

Although the Ethereum Merge is a memorable update in Ethereum’s history, the transition from Proof-of-work (PoW) to Proof-of-stake (PoS) introduces a significant vulnerability as PoS needs to inform node validators to reserve blocks. In contrast, PoW requires computing power to solve sophisticated mathematical equations to fight for a block.

Subject-matter experts say that an exploit could occur on the post-Merge Ethereum blockchain if validators manage to line up two blocks consecutively.

If you control two consecutive blocks, you can start an exploit on block X and finish it on block X+1 without having any arbitrage bot interfering with fixing the price that you have manipulated in between.

Experts further noted that even in PoW networks, it is possible for miners to validate blocks with pure luck, but it gives miners no time to plan for an attack.

They stated, “As we stand right now [with] Ethereum PoW versus PoS, the PoW network beats the PoS in terms of security […] and economic guarantees.”

Nonetheless, some researchers remarked that PoS is still a very secure network, and it does not matter that it’s theoretically not as safe as PoW. Additionally, they noted that Ethereum could be working on a fix for this issue, but if that gets done, then PoS security will become superior.

Apart from that, typing in “The Merge” or “Ethereum Merge” into the Google Search engine shows a countdown ticket. Google Cloud developer Sam Padilla said in a Tweet that the timer was a way to appreciate Ethereum’s efforts.

  • The ‘Merge’ network shift introduces a significant exploit in the new PoS network.
  • If validators line up two blocks consecutively, an exploit might occur on the post-Merge Ethereum blockchain.
  • Ethereum is working on fixing the issue.

Although the Ethereum Merge is a memorable update in Ethereum’s history, the transition from Proof-of-work (PoW) to Proof-of-stake (PoS) introduces a significant vulnerability as PoS needs to inform node validators to reserve blocks. In contrast, PoW requires computing power to solve sophisticated mathematical equations to fight for a block.

Subject-matter experts say that an exploit could occur on the post-Merge Ethereum blockchain if validators manage to line up two blocks consecutively.

If you control two consecutive blocks, you can start an exploit on block X and finish it on block X+1 without having any arbitrage bot interfering with fixing the price that you have manipulated in between.

Experts further noted that even in PoW networks, it is possible for miners to validate blocks with pure luck, but it gives miners no time to plan for an attack.

They stated, “As we stand right now [with] Ethereum PoW versus PoS, the PoW network beats the PoS in terms of security […] and economic guarantees.”

Nonetheless, some researchers remarked that PoS is still a very secure network, and it does not matter that it’s theoretically not as safe as PoW. Additionally, they noted that Ethereum could be working on a fix for this issue, but if that gets done, then PoS security will become superior.

Apart from that, typing in “The Merge” or “Ethereum Merge” into the Google Search engine shows a countdown ticket. Google Cloud developer Sam Padilla said in a Tweet that the timer was a way to appreciate Ethereum’s efforts.

 

Latest news