- A “gray hat” hacker has described how he identified a critical Ethereum bug
- The bug, in the Optimism L2 code, could have allowed limitless minting of ETH
- Jay Freeman picked up $2.1 million in bug bounties for the find
A “gray hat” hacker has described how he found a critical flaw in the EthereumOptimism scaling solution that he could have used to mint an unlimited amount of ETH. Jay Freeman (known as ‘Saurik’ online) explained how he found a bug in the Ethereum virtual machine that executes smart contracts on Optimism, but instead of using it to mint a barrel load of ETH he reported it and took home $2.1 million in total bounties. The reporting came with a criticism from Freeman that blockchain projects shouldn’t treat “basic issues of decentralization or security” as afterthoughts.
‘Unbridled Optimism’ Would Have Seen Anything But
Freeman described in a blog post published yesterday that he discovered the bug to be related to the bridging aspect of the Optimism protocol, the same mechanism that hit the Wormhole protocol earlier this month. Freeman dubbed the bug ‘Unbridled Optimism’ and described in no uncertain terms what it could do:
Exploiting this enables the attacker to have access to an effectively unbounded number of tokens (aka, the IOUs) on the far side of the bridge. It is my contention that this is more dangerous than merely tricking the reserves into allowing a withdrawl (sic). With the ability to sneakily print IOUs (known on Optimism as OETH) on the other side of the bridge, you still can try to (slowly) withdraw money from the reserves, but now it will look like a legitimate transfer, making it easier to go unnoticed.
Freeman Advocates More Careful Design
Freeman revealed that while no one had exploited the bug, someone working for Etherscan had already seen it – they just hadn’t realized what they were looking at.
In his summary, Freeman opined that while the maxim of ‘move fast and break things’ may work in some tech sectors, it shouldn’t apply when people’s money is at stake:
I thereby sometimes balk at “helping” other projects with basic issues of decentralization or security, as I feel like those can’t be afterthoughts: this stuff is too important to be releasing quickly and adjusting the design in the field.
Thankfully for Ethereum, and Optimism developers especially, Freeman was one of the good guys and didn’t use the exploit for ill, but it is a reminder of just how close we can come to calamity with just one piece of rogue code.