Ethereum Constantinople Hard fork to be delayed

[Harkorede]

The much anticipated upgrade to Ethereum network is set to be delayed yet again to a yet to be known date due to critical vulnerabilities discovered on the to be implemented upgrade, according to Coindesk.

Smart contract audit firm ChainSecurity flagged Tuesday that Ethereum Improvement Proposal (EIP) 1283, if implemented, could provide attackers a loophole in the code to steal user funds. Speaking on a call, ethereum developers, as well as developers of clients and other projects running the network, agreed to delay the hard fork – at least temporarily – while they assessed the issue.

Participants included ethereum creator Vitalik Buterin, developers Hudson Jameson, Nick Johnson and Evan Van Ness, and Parity release manager Afri Schoedon, among others. A new fork date will be decided during another ethereum dev call on Friday.

Discussing the vulnerability online, the project’s core developers reached the conclusion that it would take too long to fix the bug prior to the hard fork, which was expected to execute at around 04:00 UTC on Jan. 17.

Called a reentrancy attack, the vulnerability essentially allows an attacker to “reenter” the same function multiple times without updating the user about the state of affairs. Under this scenario, an attacker could essentially be “withdrawing funds forever,” said Joanes Espanol, CTO of blockchain analytics firm Amberdata in a previous interview with CoinDesk.

He explained:

“Imagine that my contract has a function which makes a call to another contract… If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds.”

[coinbirds]

This is not a good news for ETH as we were waiting for the development upgrades for too long and that was reflected  on the price as well.
And why the delay at the last moment, but anyway the update should be done properly and on a secure way.
So it if could cause a loophole in the code for the attackers and the funds would be in danger with the fork then the only solution was to postpone the event.

[el_lobo]

If the fork is moved a few days, it certainly will not change much.
After all, this bug has been found on time and will certainly be fixed quickly.

[Harkorede]

If the fork is moved a few days, it certainly will not change much.
After all, this bug has been found on time and will certainly be fixed quickly.

I don't think so, as it has been stated already that in the article that the vulnerabilities can not be fixed before the upgrade would launch and that's what brought the delay but, hopefully it wouldn't takes as long as the first postponement took to get an estimated date for the upgrade.

[Felipeo]

Yeah it is a legit news. After all this hype it is delayed. After ico market go down ethereum price is rapidly dropping. After many days devs decided to develop ethereum to ethereum is 2.0 and the hardfork. So ethereum price is pumped a bit. But now it is cancelled at least for niw due to security problem. Ethereum is a very legit project so you don't have to worry about it. It is better to solve the security problem first. I think they took a great decision. But the problem is after this news we can see some unexpected price drop on market. That will be very bad. Let's see what happens and hope for the best.

[Piskeante]

a big fall of ETH is incoming after big whales smell fear on investors (the little left).

This is no good news for investors.Probably good for trully believer miners.  But for a guy like me, that wants this market destroyed to ashes, this is actually good news.

This will imply more coins on the market. The more coins, the less value. GG ETH. Game over.


UPDATE: I had not seen the value of ETH. It's dropping a 7% right now. Hope it goes to 0. all the coins. This manipulated market should die, and erase the manipulators from the earth. If people cannot play the game, the game should be destroyed.

2nd UPDATE: ETH will be punished with this fork. a 51% attack will be possible once almost 80% of miners quit. GG ETH devs.

[bittick]

The much anticipated upgrade to Ethereum network is set to be delayed yet again to a yet to be known date due to critical vulnerabilities discovered on the to be implemented upgrade, according to Coindesk.

Smart contract audit firm ChainSecurity flagged Tuesday that Ethereum Improvement Proposal (EIP) 1283, if implemented, could provide attackers a loophole in the code to steal user funds. Speaking on a call, ethereum developers, as well as developers of clients and other projects running the network, agreed to delay the hard fork – at least temporarily – while they assessed the issue.

Participants included ethereum creator Vitalik Buterin, developers Hudson Jameson, Nick Johnson and Evan Van Ness, and Parity release manager Afri Schoedon, among others. A new fork date will be decided during another ethereum dev call on Friday.

Discussing the vulnerability online, the project’s core developers reached the conclusion that it would take too long to fix the bug prior to the hard fork, which was expected to execute at around 04:00 UTC on Jan. 17.

Called a reentrancy attack, the vulnerability essentially allows an attacker to “reenter” the same function multiple times without updating the user about the state of affairs. Under this scenario, an attacker could essentially be “withdrawing funds forever,” said Joanes Espanol, CTO of blockchain analytics firm Amberdata in a previous interview with CoinDesk.

He explained:

“Imagine that my contract has a function which makes a call to another contract… If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds.”

It's better rather than nothing, we know first update in the last year has been successfully implemented. It might get a little delay because there must be another stage to check the possibilities of another vulnerability in any EIP.

[NeuroticFish]

But the problem is after this news we can see some unexpected price drop on market. That will be very bad. Let's see what happens and hope for the best.

This kind of changes usually trigger speculative pumps and dumps.

Imho the growth was triggered by the news the block reward will decrease.
So the delay, if the result is a properly fixed code, will not be visible on the overall trend - as soon as the fix is done (or even a bit earlier) the initial trend/growth should at least continue.

[jessyj48]

What? No! This is not what we need this year ,its just the beginning of a new year and all this is happening ? Bakkt got postponed and now ethereum fork upgrade? This is a very bad news and I hope it will happen so soon  we need more good news this year to reach new height

[nutildah]

What? No! This is not what we need this year ,its just the beginning of a new year and all this is happening ? Bakkt got postponed and now ethereum fork upgrade? This is a very bad news and I hope it will happen so soon  we need more good news this year to reach new height

It's a lot better than the alternative -- pushing forward with an exploitable bug that could ruin the price a lot further than a delay. As the field of cryptocurrency investing matures, it will become more a game of patience, just like any other reasonable investment category.

[chairmanMao]

This is very embarrassing. Such news is not good for Ethereum. Although I think Ethereum will not be affected too much, I believe this upgrade is very good for Ethereum. Otherwise, the status of Ethereum in the future may be surpassed. .

[Dellosoft]

This information is legitimate. I saw the update from Vitalik Buterin's tweet, so it's official news. All hands being on deck, Ethereum foundation is doing everything possible to ensure the upgrade comes to fruition. Everyone is anticipating Ethereum 2.0 .

[percy_tc]

Postponed upgrade is much better than security fail update. Take it easy.

[antsam]

Very terrible vulnerability found, better to be arrested for hardfork than a failure occurs and funds can be stolen. Delay is better than a failure that makes the value later becomes meaningless

[corrado25]

And this is not the first time such a pig from the ETH team.This is what year they promise us, and then they do not.And what should think of people who invest money in ETH or are thinking of investing ?
Each of these transfers reduces trust in the team. It also reflects on the eth price

[Kolikalex55]

The much anticipated upgrade to Ethereum network is set to be delayed yet again to a yet to be known date due to critical vulnerabilities discovered on the to be implemented upgrade, according to Coindesk.

Smart contract audit firm ChainSecurity flagged Tuesday that Ethereum Improvement Proposal (EIP) 1283, if implemented, could provide attackers a loophole in the code to steal user funds. Speaking on a call, ethereum developers, as well as developers of clients and other projects running the network, agreed to delay the hard fork – at least temporarily – while they assessed the issue.

Participants included ethereum creator Vitalik Buterin, developers Hudson Jameson, Nick Johnson and Evan Van Ness, and Parity release manager Afri Schoedon, among others. A new fork date will be decided during another ethereum dev call on Friday.

Discussing the vulnerability online, the project’s core developers reached the conclusion that it would take too long to fix the bug prior to the hard fork, which was expected to execute at around 04:00 UTC on Jan. 17.

Called a reentrancy attack, the vulnerability essentially allows an attacker to “reenter” the same function multiple times without updating the user about the state of affairs. Under this scenario, an attacker could essentially be “withdrawing funds forever,” said Joanes Espanol, CTO of blockchain analytics firm Amberdata in a previous interview with CoinDesk.

He explained:

“Imagine that my contract has a function which makes a call to another contract… If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds.”

I think this is good news for Ethereum, because I've made sure once again that Ethereum has a great development team that has found the problem and prevented the disaster. In any case, the hard fork will be very soon.

[Ranly123]

The much anticipated upgrade to Ethereum network is set to be delayed yet again to a yet to be known date due to critical vulnerabilities discovered on the to be implemented upgrade, according to Coindesk.

Smart contract audit firm ChainSecurity flagged Tuesday that Ethereum Improvement Proposal (EIP) 1283, if implemented, could provide attackers a loophole in the code to steal user funds. Speaking on a call, ethereum developers, as well as developers of clients and other projects running the network, agreed to delay the hard fork – at least temporarily – while they assessed the issue.

Participants included ethereum creator Vitalik Buterin, developers Hudson Jameson, Nick Johnson and Evan Van Ness, and Parity release manager Afri Schoedon, among others. A new fork date will be decided during another ethereum dev call on Friday.

Discussing the vulnerability online, the project’s core developers reached the conclusion that it would take too long to fix the bug prior to the hard fork, which was expected to execute at around 04:00 UTC on Jan. 17.

Called a reentrancy attack, the vulnerability essentially allows an attacker to “reenter” the same function multiple times without updating the user about the state of affairs. Under this scenario, an attacker could essentially be “withdrawing funds forever,” said Joanes Espanol, CTO of blockchain analytics firm Amberdata in a previous interview with CoinDesk.

He explained:

“Imagine that my contract has a function which makes a call to another contract… If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds.”

The said upgrade is understandable to have some difficulties with regards to security. We should expect some delays just to ensure hackers cannot breach on our funds and accounts.

[dewildance]

Recently, it was started to be discussed that fork timing is not good. Although there are security vulnerabilities as a reason, I think it is postponed due to the market situation.

[rosezionjohn]

Let us not sacrifice security over impatience here. Things don't always go as planned but I am glad that the team decided to postpone rather than push thru with that risk.

[ribowo76]

At the very least, that is immediately known. And the development team immediately took action, so as not to cause uncertainty. Hopefully this can be resolved soon, and does not cause adverse effects on ethereum