A critical consensus bug has been uncovered in a testing environment used by one of the two principal softwares crucial to the operation of the world’s second-largest blockchain. Revealed last night by UK-based Parity Technologies in a blog post, the issue was found to cause those running the software to fall out of sync, meaning others using different software would not recognize their transactions.
While the vulnerability was found on a testnet, the worry is that it could be exploited on the mainnet as well. As such, Parity is now urging all users to update their software to a newly patched version.
Publicly available data suggests the bug could have impacted roughly 30 percent of the ethereum network – those that use software issued by Parity to stay in sync with the wider network. But according to representatives of Parity, the issue was patched before it reached nodes operating the live ethereum blockchain.
Still, companies must update to the new software to remain safe from the vulnerability on the mainnet. Speaking on Twitter, several companies, including mining pool Bitfly, have come forward to state they’ve updated their software to the newly secured iteration (1.10.6-stable or 1.11.3-beta).
As companies that operate on ethereum begin updating their software to avoid the issue, it has been theorized that it could still impact any blockchains that run Parity software, including users of ethereum classic (ETC). The news of the vulnerability comes at a time when Parity has been under increased scrutiny for several similar security issues. Most notably, last November, a bug in one of the company’s wallet offerings led 513,774.16 ETH, or $311 million according to current metrics, being frozen and in turn, inaccessible to its owners. Read more from coindesk.com…
thumbnail courtesy of coindesk.com