optimism Office
+4.83%
The launch of permissionless fraud proofs, also known as error proofs, is a significant achievement for the Ethereum-based ecosystem, as it allows users to challenge potentially fraudulent or incorrect transactions on a layer 2 network. Unlike permissioned fraud proofs, where only trusted proposers can challenge transactions, permissionless fraud proofs open up the mechanism to all users.
With these developments, Optimism can claim to have reached Level 1 decentralization, as described by Ethereum co-founder Vitalik Buterin. Level 1, or “limited training wheels,” requires that there be a fraud prevention system in place on the Layer 2 network, but a multisig of trusted parties can retain the power to override the system if a bug is identified or exploited.
But less than two months after the permissionless fraud prevention feature went live on June 10, the Optimism Foundation announced on X that it had reverted the network to a permissioned state after a “community-driven audit” that identified several bugs, ranked by severity.
A representative from Optimism contributor OP Labs submitted a proposal to Optimism’s governance forum explaining why the fallback system was enabled and details the security vulnerability discovered.
“None of the vulnerabilities were exploited, no user assets were put at risk, and never have been. However, out of an abundance of caution, authorized fallback mechanisms were activated to avoid potential instability while the vulnerabilities were patched,” protocol engineer Mofi Taiwo wrote.
Of the identified vulnerabilities, two were rated high severity according to Optimism’s ImmuneFi bounty scale. “While our auditors found several high severity issues, no user assets were at risk. All audited issues listed below were detectable with our monitoring tooling,” Taiwo wrote in his post.
While the fallback mechanism was audited, certain contracts related to the fraud prevention system were outside the scope of Optimism’s audit. “…the disputed games and MIPS contracts fall into the active/reputational risk category, which does not require an audit. The fallback mechanism allows for easy recovery from bugs and does not pose a risk to user funds. Therefore, we have decided not to pursue a remediation review of the changes made in this proposal,” the proposal reads.
Taiwo’s proposal would schedule the upgrade for September 10 at 16:00:01 UTC. The upgrade, dubbed “Granite,” would require several updates to the network, including an L2 hard fork. While Taiwo’s post notes that the hard fork is unaudited, the post does note that OP Labs conducted a security review of the changes and found them to be low risk. The Block could not immediately be reached for comment on the optimism.
Disclaimer: The Block is an independent media outlet providing news, research and data. As of November 2023, Foresight Ventures is the largest investor in The Block. Foresight Ventures invests in other companies in the cryptocurrency space. Cryptocurrency exchange Bitget is an anchor LP of Foresight Ventures. The Block continues to operate independently to provide objective, impactful and timely information on the cryptocurrency industry. Current financial disclosures include:
© 2024 The Block. All rights reserved. This article is provided for informational purposes only. It is not provided or intended to be legal, tax, investment, financial or other advice.