White hackers found a way to create an unlimited amount
Software

White hackers found a way to create an unlimited amount of Ethereum and got $2 million for it

The developers of the Optimism project, dedicated to scaling Ethereum, announced the discovery of a critical bug that allowed the creation of any number of tokens of this cryptocurrency. At the moment, this possibility has been ruled out and a record bounty paid for discovering the bug.

Image source: amhnasim/pixabay.com

Image source: amhnasim/pixabay.com

In theory, the vulnerability allowed attackers to create as much Ethereum as they wanted in an Optimism account – this was discovered by white hacker Jay Freeman, best known as Developer of jailbreak software Cydia for iOS.

In a post, Freeman explained that the bug allowed an attacker to duplicate funds using the Optimistic Virtual Machine (OVM) 2.0 fork of the Go Ethereum tool. For his discovery, Freeman received the largest reward in the history of “bounty hunters” — $2,000,042. According to the Optimism team, the bug allowed the creation of Ethereum on their platform by repeatedly running the SELFDESTRUCT execution code to recover the funds to fill up.

The Optimism blog mentions that analysis of the blockchain showed that the flaw had not previously been exploited, with the exception of an accidental activation by an employee of the startup Etherscan, but it did not take advantage of the opportunities that arose. Optimism fixed the issue within a few hours of confirming it.

At the end of last year, Optimism abandoned the “white list” and allowed all developers to create projects on its network. Before that it was only available for special projects like Uniswap and Synthetix. This limitation made it easier to spot and fix potential bugs.

About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment