The auditor pointed out potential weaknesses in the Ethereum specs …

The auditor pointed out potential weaknesses in the Ethereum 2.0 specifications

Least Authority, a consulting firm, has unveiled the highly anticipated Ethereum 2.0 specification audit. IN his report the auditor noted the “thoughtfulness” of the presented work, but pointed out a number of points, which, by him words, require additional attention.

The auditor pointed out potential weaknesses in the Ethereum specs ...

“Since in the present time there are no other PoS systems at the production stage, the audit of the Ethereum 2.0 specifications was certain difficulties for our team and did our work is especially interesting “, – writes company.

The auditor pointed out potential weaknesses in the Ethereum specs ...

In particular, it mentions potential attack vectors, emerging ofper block release mechanism vulnerabilities and principles transmission messages online.

“With the elimination of the information leakage problem, the release of blocks remains the same the same safe as in PoW chains, but without additional costs in the form of computing resources. Team Ethereum 2.0 approved the proposed method, but mechanism of secret selection of the block producer everything yet is an area active research. Thus, we are awaiting additional information regarding of this mechanism with the transition of Ethereum 2.0 to the first and second phases of development “, – writes company.

In the peer-to-peer mechanism exchange messages It was identified three potential attack vectors. it concerns, for example, opportunities spam attacks: “We have identified a problem when a malicious node can send unlimited messages from more old blocks of the rest of the network with minimal punishment, which allows it to harm networks and restrict legitimate messages “.

The developers plan to launch the zero phase of the second version of the protocol on July 30 – in the fifth anniversary Ethereum. These plans still require final approval..