Ethereum Software Parity Urges Users to Update After Uncovering Critical Bug
A critical bug has been detected in a testing environment used by parity software, one of the two softwares crucial to the operation of Ethereum.
Reported last night by Parity Technologies in a blog post, the issue was causing the software to fall out of sync, meaning those using other softwares would fail to recognize their transactions. Parity now asks its users to update the software to the new version.
According to the publicly available data, the bug could’ve impacted nearly 30% of the ethereum network – especially those that use the software to stay in sync with users of other softwares. But, a fix was found before the issue could reach the nodes operating the ethereum blockchain.
Many companies operating on ethereum have already resorted to the latest update to avoid this issue. But it has been theorized that the issue could still affect blockchains that run the software, including ETC (Ethereum Classic) users. Still, companies must update to the newly patched version to ensure safety on the mainnet.
Wei Tang, a Parity developer, said the Parity software’s team in charge had overlooked three lines of code from EIP (Ethereum Improvement Proposal) 86, which caused this bug.
Wei explained that the team missed a conditional check in the code that caused Parity to accept blocks containing invalid transactions. Many such transactions were discovered on the testnet yesterday, and the incompatibility of these transactions with the wider network led to a fork between Geth and Parity clients.
Kirill Pimenov, head of security at Parity Technologies, said in a press release that in the worst case these transactions would have corrupted several other blocks on the ethereum mainnet, and this would make sure these transactions still get treated as valid by the other affected ethereum nodes. With sufficient hash power, an exploit like this would lead to a blockchain split, Pimenov added.
The team was able to prepare a fix before anyone could exploit the bug, Pimenov continued. As a result, the team could avert a blockchain split.
According to Wei, the fix was simple and required the team to add those three missing lines of code. He added:
“But yeah this three lines have severe effect. We’ve also got many eyes to review the code during the process.”
Follow us on Telegram!