Over the past few weeks, the Ethereum network has been the target of ongoing attacks. The attackers were very cunning in finding vulnerabilities in client implementations and protocol specifications.
While recent patches have improved the overall resiliency of client implementations, the attacks have also demonstrated that low-level changes to the EVM pricing model are necessary.
Perhaps the most noticeable consequence for many users is that they are having difficulty including transactions in blocks and are facing memory limitations in managing the bloated state of entire nodes.
Our strategy to address these issues is:
- As a temporary measure to minimize the impact of the most recent attack, we recommend lowering the gas limit to 500K gas for all miners.
- Based on hard fork EIP 150 version 1c Applies in blocks.
2457000(see below). This adjusts the price of certain operations to better match the underlying computational complexity. - A second hard fork will soon follow, aiming to reverse the current “state expansion” caused by the attack. This second fork serves to remove empty accounts. Lack of code, balance, storage and nonce == 0.
We have implemented changes requested by our clients and are currently expanding and adding testing in an effort to prevent the introduction of consensus-breaking vulnerabilities.
And for reference, Ethereum Bug Bounty It is public and includes a new hard fork implementation.
Edit: The fork block has been moved to: 2463000 To accommodate more testing.