The Ethereum Foundation has revealed a potentially ruinous mainnet vulnerability that was at risk of exploitation prior to the Berlin hardfork update last month.
The foundation characterized the vulnerability as a “severe threat”, which had existed as an “open secret” in the community.
According to Ethereum, the vulnerability was leaked to the public by mistake, but now that the threat has been overcome, full disclosure is warranted.
“It’s important that the community is given a chance to understand the reasoning behind changes that negatively affect the user experience, such as raising gas costs and limiting refunds”, the Foundation said.
Gas costs have been one of the most talked-about issues in the Ethereum ecosystem of late. Not even vulnerabilities in the software seem to make as much of an impression on consumers, who have been keen to get better transaction costs.
In the meantime, research into blockchain vulnerabilities has been abundant. Ethereum security researchers Hubert Ritzdorf, Matthias Egli and Daniel Perez even worked on a vulnerability that could have been exploited in light of the latest updates.
Vitalik Buterin seems to have long been aware of the issue. He teamed up with Martin Swende, the creator of EIP-2929 and EIP-2930, which were implemented with the Berlin hardfork, specifically to take on these vulnerabilities.
The worst seems to be in the past as Ethereum now estimates that the blockchain's vulnerability has been reduced by “50 times”.