An Ethereum developer says the latest Pectra upgrade of the Sepolia testnet bumped into errors, which was made worse after an attacker used an “edge case” to trigger the mining of empty blocks.
Pectra rolled out on its final testnet, Sepolia, at 7:29 am on March 5, however Ethereum developer Marius van der Wijden mentioned in a March 8 post that the group instantly began seeing error messages on their geth node and empty blocks being mined.
The error was as a result of the deposit contract triggered the incorrect sort of occasion — a switch occasion as an alternative of a deposit, in response to Van der Wijden.
A repair was rolled out, however van der Wijden says they missed one edge case, and an unknown consumer exploited it by sending a 0-token switch to the deposit tackle, which triggered the error once more.
“After a couple of minutes we noticed a whole lot of empty blocks once more, so we appeared once more into the transaction swimming pools and located one other offending transaction that triggered the identical edge instances,” he mentioned.
Supply: Marius van der Wijden
“First we thought that somebody from the trusted validators has made a mistake, however we rapidly realized that this transaction originated from a brand new account not too long ago funded by the tap.”
The ERC-20 normal doesn’t forbid a zero token switch; this enables anybody, even when they don’t personal any tokens, to switch to a different tackle, which the unknown consumer realized, van der Wijden mentioned.
“The one approach to cease the assault can be to filter out all transactions that work together with the deposit contract. So we made the next non-public repair, which we deployed to a couple of the DevOps nodes.”
“We suspected that the attacker was studying a few of our chats, so we determined to not publicize the repair, however solely replace just a few nodes that we managed with a purpose to get extra full blocks on the community,” he added.
Supply: Marius van der Wijden
By 2 pm, all of the nodes had been up to date with the repair, and the unknown consumer transaction was mined efficiently.
Van der Wijden mentioned they by no means misplaced finalization during the incident, and the difficulty was remoted to Sepolia as a result of they have been utilizing a token-gated deposit contract as an alternative of the conventional mainnet deposit contract.
Beforehand, the builders tested the Pectra upgrade on the Holesky testnet on Feb. 26, which additionally encountered points.
Consequently, the builders have determined to postpone the Pectra upgrade till extra exams may be carried out.
Associated: Ether sentiment hits yearly low but that could be a good thing: Santiment
The Pectra fork follows the community’s Dencun upgrade, which slashed transaction charges for layer-2 networks and improved the economics of Ethereum rollups. The Dencun exhausting fork rolled out on March 13, 2024.
The Ethereum Basis recently a new leadership structure with two co-directors of the muse, Hsiao-Wei Wang and Tomasz Stańczak, taking the helm.
Journal: MegaETH launch could save Ethereum… but at what cost?
