The Bitcoin Podcast Network

Hashing It Out #35: Constantinople Postponement - Trail of Bits & ChainSecurity

Episode Summary

Back with season 2 of Hashing It Out, and we have a doozy! This Episode features Trail of Bits and ChainSecurity to talk about their amazing last-minute catch of EIP-1283's impact on the Constantinople Ethereum hard fork. We go over how they found it, what recommendations they made, and how the hard fork was postponed to quickly. We also discuss the tooling behind analyzing such a vulnerability, the true impact had it been released, and how the processes around hard fork release candidates could be altered by this detection. Links: - [empire hacking videos](https://blog.trailofbits.com/2019/01/18/empire-hacking-ethereum-edition-2/) - [EIP-1283 Analysis](https://github.com/trailofbits/publications/blob/master/reviews/EIP-1283.pdf) - [contract upgrade anti-patterns](https://blog.trailofbits.com/2018/09/05/contract-upgrade-anti-patterns/) - [How contract migration works](https://blog.trailofbits.com/2018/10/29/how-contract-migration-works/) - [Blockchain security contacts](https://github.com/trailofbits/blockchain-security-contacts) - [securify](https://securify.chainsecurity.com/) - [slither](https://github.com/trailofbits/slither) - eveem.org

Episode Notes

Back with season 2 of Hashing It Out, and we have a doozy! This Episode features Trail of Bits and ChainSecurity to talk about their amazing last-minute catch of EIP-1283's impact on the Constantinople Ethereum hard fork. We go over how they found it, what recommendations they made, and how the hard fork was postponed to quickly. We also discuss the tooling behind analyzing such a vulnerability, the true impact had it been released, and how the processes around hard fork release candidates could be altered by this detection. Links: - empire hacking videos - EIP-1283 Analysis - contract upgrade anti-patterns - How contract migration works - Blockchain security contacts - securify - slither - eveem.org