chepicap.com
It is being reported by Coindesk that a vulnerability has been found within the Constantinople upgrade which was due to launch shortly on the Ethereum blockchain. The issues was discovered by ChainSecurity, prompting the development team to call a delay to the new protocol as the issues could not be fixed in time.
The problem stems from Ethereum Improvement Proposal (EIP) 1283, and has to do with lower gas costs for functions such as sending and receiving, paving way for what is known as a "reentry attack," which essentially could let attackers move funds without the knowledge of the initial user.
Joanes Espanol, CTO of Amberdata, is quoted in the article:
"Imagine that my contract has a function which makes a call to another contract… If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds."
Chainsecurity details the technical aspects of this vulnerability in a Medium post from earlier today. The development team has not yet set a date for the new launch, though presumably as things get worked out an updated timeline will emerge.
The markets seem to have reacted negatively to the news, with Ethereum itself down -5.92% to $121.32 at the time of this writing, and the rest of the market dropping in a similar fashion, though not quite as fast.
Hopefully this gets worked out and the team gets back on track soon. Stick right here with Chepicap for all updates on the Ethereum fork!