The Ethereum hard fork was set to go underway on 16th January but has been massively delayed, now we are left wondering what is happening with the upgrade.
The update, known as Constantinople, is the latest in Ethereum’s recent network system upgrades but because of a vulnerability in Ethereum Improvement Proposal (EIP), 1283, which allows for a reentrancy attack, Constantinople was delayed. The core Ethereum developers had a meeting two days after the update was initially meant to go live to talk about the next steps and ultimately decided to postpone the network upgrade until 27th February, leaving investors and fans a little bemused to say the least.
The hard fork will be released in two parts, simultaneously. The first hard fork upgrade will include all five EIPs (this will include the 1283 bug) and on the second upgrade, 1283 will be removed, the developers feel that this is the most appropriate way to roll out the upgrade given the circumstances.
What is the Network Upgrade?
So you may have heard about the upgrade and you might be wondering what it actually is and what it means for the Ethereum network.
If you already know, let this refresh your memory, otherwise, Constantinople is one of the latest forks for the Ethereum network and has 5 EIPs. EIP’s mean that no single process can decide what happens within a network upgrade (so to speak). This means that anyone in the community will be able to submit suggestions in order to improve the network. To imagine EIPs, think of a suggestion box with developers reading the submissions and going on to implement them.
The five current EIPs will tackle cost, speed, function, efficiency and more.
- EIP 145 - Bitwise Shitfing Instructions
This EIP will add Bitwise shifting instruction to the Ethereum Virtual Machine. The instructions allow for bits of binary information to move to the left and to the right. This will mean that the execution of shifts in smart contracts will be a lot cheaper. Lowering the gas required for sending transactions, making the network more efficient.
- EIP 1014 - CREATE2
EIP 1014 was developed Vitalik Buterin himself. The upgrade will improve the enablement for state channels, an Ethereum scaling solution which is based on off-chain transactions.
- EIP 1052 - Smart Contract Verification
EIP 1052 enables smart contracts to verify one another by taking the hash of the other smart contract. Prior to Constantinople, smart contracts would have to pull the whole code of another in order to verify. There is a lot of time and manpower put into performing this. Lowering the volume of computing power needed to verify smart contracts
- EIP 1234 - Block Rewards & Difficulty Bomb Delay
This EIP is one of the most well known discussed in regards to the Constantinople upgrade. There are two components, which are Difficulty Bomb Delay and Block Reward Reduction
- EIP 1283 - SSTORE
The fifth EIP reduces the gas cost for the SSTORE operation. The full name of this proposal is ‘Net Fast Metering for SSTORE Without Dirty Maps’. The reduction allows for several updates to occur within a transaction at a much cheaper cost.
What Constantinople Will Change?
All of the above EIPs are part of a bigger plan for ETH 2.0 in which the Ethereum protocol will undergo many fundamental changes to improve the functionality in the long term. Some of the changes are:
- “Proof of Stake
- Improved scalability via sharding
- EVM (Ethereum Virtual Machine) improvements
- Improvements to cross-contract logic (e.g. abstraction)
- Improvements to protocol economics”
Vulnerabilities on the Hard Fork
The day before the Constantinople upgrade was set to go live, the smart contract auditing company ChainSecurity noted a crucial vulnerability on EIP-1283 which would make current contracts susceptible to a re-entrancy attack.
On 15th January, ChainSecurity posted a Medium article which mentions that the EIP-1283 could create a loophole in the Ethereum network through which attacks could gain access to the network and be able to steal funds. The attack was dubbed a ‘re-entrancy attack’ because it would give hackers a chance to enter into specific functions on the network on more than just one occasion without letting users aware.
In the end, an attacker would have been able to steal funds from the network without a trace.
In addition to this, ChainSecurity also said that:
“exploitation of this vulnerability would be highly unlikely as they were unable to find any pre-existing contracts that would be at risk.”
Despite the client developers, core developers and the whole community decided to delay the network upgrade after further testing. Furthermore:
“The Core Ethereum Devs held a meeting two days after the intended network upgrade to discuss how to move forward and when to reintroduce the Constantinople upgrade. On the call, the developers came to consensus on pushing the update for another 6 weeks in order to give a reasonable amount of time to test clients.”
What Does the Future Hold?
What the future holds all depends on how the community interact with the open-sourced Ethereum network.
If you are a holder of Ethereum, a smart contract or simply interact with the network at a high level, you won’t have to do anything more, so you can just wait for things to unfold from here.
For miners and exchange runners, you will have to update your parity clients when they are released.