Key Points
- Optimism about authorized fraud prevention has turned around as vulnerabilities are discovered in audits.
- A hard fork named “Granite” is scheduled for September 10th to update the Optimism network.
Share this article
Optimism has reverted the network to a permissioned state after a community-led audit identified several bugs, including two serious issues in the recently released permissionless fraud prevention system.
The Optimism Foundation said in announcing the rollback for X that they were moving “extremely cautiously” to avoid potential instability while the vulnerability was patched.
In March, Optimism began testing its fault-tolerant system on Ethereum’s Sepolia test network to strengthen security and decentralization, and address criticism over previous vulnerabilities.
This decision comes just two months after the network implemented permissionless fraud proofs on June 10, followed by a token unlock event. This improved the network and enabled withdrawals of Ether and ERC-20 tokens, a milestone that has been described by Ethereum co-founder Vitalik Buterin as a step towards achieving Phase 1 decentralization.
Mofi Taiwo, a protocol engineer representing Optimism contributor OP Labs, submitted a proposal to the Network Governance Forum detailing why the fallback system is enabled. The post emphasized that the vulnerability was never exploited and user assets were never at risk.
“While the auditors found serious issues, no user assets were at risk. All of the audit issues listed below could have been detected by monitoring tooling,” Taiwo wrote in his proposal.
The identified vulnerabilities primarily affect contracts related to fraud prevention systems that are outside the scope of Optimism’s audit. These contracts have been classified as posing a risk to liveness and reputation, which do not require a formal audit, as per the project guidelines.
To address the issue, Taiwo proposed an upgrade called “Granite” scheduled for September 10th at 16:00:01 UTC. The upgrade includes several network updates, including an L2 hard fork. While the hard fork has not undergone a formal audit, OP Labs has conducted an internal security review and determined that the changes are low-risk.
Share this article