智能合約漏洞引憂患 君士坦丁堡硬分叉再延

記者冼俐君/台北編譯報導

以太坊(Ethereum)君士坦丁堡硬分叉再次因智能合約漏洞而暫緩推遲,西方媒體連續追蹤報導本次分叉大事件,主要因分叉後,以太坊將進入兩種共識機制並行的鏈,工作量驗證(PoW)、權益證明(PoS),並解決「難度炸彈」問題。
君士坦丁堡硬分叉原訂於 16 日 進行,然而就在網路升級前夕,區塊鏈安全研究公司 Chain Security 發現君士坦丁堡中的編碼 EIP 1283 存在安全漏洞。因此主導此次硬分叉升級的以太坊基金會團隊負責人 Peter Szilagyi 提出升級延後。
據 《Cointelegraph》報導Ethereum Team Lead: Constantinople Hard Fork to Activate in Late February」文中點出:

 

“The upgrade is now set to be implemented at ETH block 7,280,000, as announced by a team lead at Ethereum, Peter Szilagyi.
以太坊基金會團隊負責人 Peter Szilagyi 宣布,君士坦丁堡硬分叉確定延至 2 27 日,預計將在區塊高度 7,280,000 進行。

“The vulnerability purportedly allows a potential attacker to steal cryptocurrency from a smart contract on the network by repeatedly requesting funds from it while feeding it false data about the malicious actor’s actual ETH balance.
該漏洞有可能會讓部分智能合約受到「可重入攻擊」,允許攻擊者透過反覆請款的方式從網路中盜取加密貨幣,同時又在其實際以太坊帳戶餘額中呈現捏造數據。”
新聞網《Coindesk》相關報導Ethereum Devs Propose Activating Constantinople Hard Fork in Late February」則點出:

 

“This strategy – first suggested by Szilágyi during call – is meant to ensure that test networks and private networks that have already implemented the full Constantinople upgrade can easily implement a fix without rolling back any blocks.
Szilágyi 於電話會議中首次提出須優先確保君士坦丁堡升級在測試網絡,以及私有網絡中可輕鬆實行網路修復,且不會產生交易區塊取消情況。”

 

主流財經媒體彭博社《Bloomberg》同步關注以太坊硬分叉升級,於Ethereum’s Split Pushed Back Until After Valentine’s Day一文中,點出透過君士坦丁修改獎勵機制來延緩難度炸彈:

 

“The so-called fork will reduce rewards paid to miners to two coins from three per block, and it should reduce inflation and bring more stability to the Ether digital coin. The upgrade is designed to stave off the so-called difficulty bomb, which would make the network unusable unless regular software upgrades are made.
所謂硬分叉成功執行後將減少支付礦工獎勵,從每個區塊 3 枚以太幣礦工費減少為 2枚,該升級旨在降低以太坊產生通膨,同時增加以太幣穩定性。另外,君士坦丁堡也將延遲觸發以太坊「難度炸彈」,因此,除非礦工進行常規軟體升級,否則將無法繼續使用網路。

 

儘管以太方基金會敦促礦工升級後才能繼續使用網絡,但據《CCN》報導Ethereum Postponed its Hard Fork, But Some Miners Didn’t Listen」,文中點出:

 

“Not everyone made the appropriate changes, however, and there is a currently a parallel universe of Ethereum mining. A “chain split” has occurred, and some miners are mining the unofficial Constantinople chain without consensus from the majority of the network.
然而截至目前為止,仍有部分以太坊礦工尚未安裝最新版本的以太坊軟體來延遲系統升級,意味著這些礦工在還沒得到網路共識的前提下,就已經在非官方的君士坦丁堡鏈上挖礦,假裝以太坊已經成功進行硬分叉。

 

礦工利之所趨的特性,仍舊持續考驗以太坊等公有區塊鏈未來走向。

 

Please follow and like us:

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

Social media & sharing icons powered by UltimatelySocial

Enjoy this blog? Please spread the word :)

RSS
Facebook
Facebook
YOUTUBE
LINKEDIN