Optimism is a Layer 2 scaling option for the Ethereum network |
A white hat hacker and iOS Cydia jailbreak software developer has earned a reward of $2 million (roughly Rs. 15 crore) after fixing a "critical bug" in Ethereum Layer 2 scaling project Optimism which could have allowed hackers to create as much Ether in an Optimism account balance as they wanted. Optimism announced that the bug was discovered earlier this month and has been subsequently fixed by an iOS developer who goes by the name Jay Freeman on Twitter, allowing him to earn one of the largest bug-finding awards to date.
In a detailed blog post, Freeman (@saurik) explained on Twitter that the bug would “allow an attacker to copy money on any chain using his OVM 2.0 go-Ethereum fork.” For his efforts, Freeman received one of the largest bug-finding awards to date, with a total award of $2,000,042 (roughly Rs. 15 crore).
According to the Optimism team, “The bug allowed the creation of ETH on Optimism by repeatedly activating the SELFDESTRUCT opcode on a contract that had an ETH balance.”
In a separate blog post, the Optimism team noted that its chain history showed that the bug was not exploited, aside from an employee accidentally activating the Ethereum Etherscan data startup, but “no usable surplus was created.”
“The fix was tested and deployed to the Optimism Kovan and Mainnet networks (including all infrastructure providers) within hours of confirmation,” the team said, thanking Infura, QuickNode, and Alchemy for the fast response times.
“We have also alerted several vulnerable forks of Optimism and bridge providers to the issue. All of these projects have applied the required fix.”
At the end of last year, Optimism removed its whitelist, allowing any developer to start creating projects on the Optimism network. Prior to this, the network was only available to certain projects such as Uniswap and Synthetix. This limitation made it easier for developers to detect and fix potential bugs.
As per its website, Optimism identifies as a Layer-2 scaling protocol for Ethereum applications and is meant to look, feel and behave like Ethereum but cheaper and faster. As for developers building on Optimism, the company tries to make the switch away from the main Ethereum network as seamless as possible without having to go through a long process.
ConversionConversion EmoticonEmoticon