![]() ![]() It is my contention that this is more dangerous than merely tricking the reserves into allowing a withdrawal.” The developer continued:įurther, with your unbounded supply of IOUs, you could go to every decentralized exchange running on the L2 and mess with their economies, buying up vast quantities of other tokens while devaluing the chain’s own currency. Exploiting this enables the attacker to have access to an effectively unbounded number of tokens (aka, the IOUs) on the far side of the bridge. “But is actually a bug in the virtual machine that executes smart contracts on Optimism. “The bug presented here - which I dub ‘Unbridled Optimism’ - can maybe be (crudely) modelled as a bug on the far side of a ‘bridge,’” Freeman wrote. The software engineer’s blog post describes how the attacker could mint an arbitrary quantity of tokens before the bug was patched. Freeman was also awarded a $2,000,042 bounty for discovering the bug and disclosing it to the team. The developer further explained that he plans to talk about the Optimism vulnerability on February 18th at Ethdenver 2022. The attack would have allowed “an attacker to replicate money on any chain using their “OVM 2.0” fork of go-ethereum (which they call l2geth),” Freeman said. Freeman reported the Optimism vulnerability on Februand the bug has since been patched. To swap coins onchain using L1 it will cost a user $16.47 in ether but using Optimism to swap coins will cost $0.83. ![]() Currently, moving ether using Optimism can cost $0.56 per transfer as opposed to the L1 gas fees today which are $3.29 per transaction. Optimism’s L2 solution allows users to move ethereum for a fraction of the cost. Freeman recently published a blog post called “Attacking an Ethereum L2 with Unbridled Optimism,” which explains how he reported a critical security issue to the developers of the L2 scaling solution Optimism. Freeman’s Cydia graphical user interface (GUI) was released in February 2008, and it gives users with jailbroken iPhones the ability to download unauthorized software for the Apple smartphone operating system iOS. Jay Freeman is a prominent software developer who is well known for his iOS Jailbreak and Cydia tools. Cydia Creator ‘Saurik’ Discovers Optimism L2 Vulnerability According to Freeman, the vulnerability, which has been patched, could have allowed an attacker to create an infinite amount of tokens. CoinMarketCap is not responsible for the success or authenticity of any project, we aim to act as a neutral informational resource for end-users.On February 10, the well-known developer of Cydia and iOS Jailbreak, Jay Freeman, otherwise known as Saurik, published a Twitter thread about a bug he found in the Layer-2 (L2) scaling protocol known as Optimism. The views and opinions expressed in this article are the author’s own and do not necessarily reflect those of CoinMarketCap. This article is not intended as, and shall not be construed as, financial advice. ![]() It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is intended to be used and must be used for informational purposes only. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |