🔥Early Access List: Land A High Paying Web3 Job In 90 Days LEARN MORE

The Optimism Foundation reverts to permissioned fraud proofs following security vulnerabilities

In this post:

  • After community-driven audits revealed security vulnerabilities, the Optimism Foundation reverted its network to a permissioned state.
  • Protocol engineer Mofi Taiwo proposed a “Granite” hard fork for September 10th to fix the vulnerabilities.
  • None of the vulnerabilities were exploited, according to a protocol engineer.

After community-driven audits uncovered security vulnerabilities involving two contracts, the Optimism Foundation reverted its network to its permissioned state. A representative of Optimism contributor OP Labs and protocol engineer Mofi Taiwo proposed a “Granite” hard fork for September 10th to fix the vulnerabilities.

Optimism’s permissionless fraud-proof system went live two months ago. However, the foundation announced reverting to its original permissioned state after community audits revealed vulnerabilities of varying levels of severity in the new system. 

The audits revealed two major vulnerabilities that, according to Optimism’s ImmuneFi bounty scale, would have wreaked havoc upon exploitation.

Audits uncover vulnerabilities in Optimism fraud-proof contracts

The identified bugs were related to the MIPS contracts in the fraud-proof systems, which were never picked up by Optimism’s audit scope. The contracts were wrongly identified in the Posing Life and Reputational risk category and, therefore, did not attract formal audits in line with the project’s guidelines.

The Ethereum layer 2 scaling solution launched the permissionless fraud-proof system on June 10th. it incorporated the upgrade to allow users to challenge potentially incorrect or fraudulent transactions in a more decentralized manner.

According to an announcement by the Optimism Foundation, the rollback was initiated as a precautionary measure to avoid instability in the network and protect user funds. The announcement also mentioned that Optimism was fixing the bugs, and the process is anticipated to last three weeks.

See also  Zurich Cantonal Bank launches Bitcoin and Ethereum trading

The foundation emphasized that vulnerabilities were identified before attackers could exploit them, and assets were not at risk. According to Optimism, any pending withdrawals were reset and will be required to undergo the proving process again.

Permissioned fraud-proof systems are more centralized since only trusted proposers are tasked with the ability to challenge fraudulent or incorrect transactions. The Optimism Foundation initiated the new system to deconcentrate the L2 scaling solution and achieve Stage 1 decentralization, according to Ethereum co-founder Vitalik Buterin. 

A layer 2 scaling solution needs an effective fraud-proof system secured by a multisig of trusted parties to achieve Stage 1 decentralization.

Protocol engineer Mofi Taiwo proposes a hard fork upgrade to fix the bugs

Following the network reversion to a permissioned L2 state, a representative of Optimism contributor OP Labs and protocol engineer Mofi Taiwo submitted a proposal to Optimism’s governance forum. 

“[…]However, out of an abundance of caution, the permissioned fallback mechanism has been activated in order to avoid any potential instability while the vulnerabilities are patched.” 

Mofi Taiwo

The proposal suggested activating the fallback system and highlighting the vulnerabilities in the affected contracts. He also mentioned that none of the bugs were exploited, and assets were not at risk.

In the proposal, Taiwo also suggested a hard fork upgrade dubbed “Granite,” scheduled for September 10th at 16:00:01 UTC. The hard fork is yet to undergo a formal audit. However, OP Labs launched an internal security review that concluded the changes were low-risk.

See also  The Federal Reserve can't afford to go big on rate cuts

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

Astro Bot free DLC announced for 2024
Cryptopolitan
Subscribe to CryptoPolitan

Interested in launching your Web3 career and landing a high-paying job in 90 days?

Leading industry experts show you how with this bran new course: Crypto Career Launchpad

Join the early access list below and be the first to know when the course opens its doors. You’ll also save $100’s off the regular launch price.