Recent weeks have seen the Ethereum network under siege from a range of sophisticated attackers. The attackers have been able to exploit vulnerabilities both in client implementations and in the protocol itself.
Recent patches have enhanced the resilience of the Ethereum clients, but the attacks have highlighted the need for a modification in the pricing model of the EVM.
The most apparent consequence of the attack is that users have been unable to include transactions in blocks, and full nodes are suffering from memory overflow due to the bloated state of the network.
The following is a strategy for tackling these issues:
- As an interim measure, miners are urged to lower the gas cap to 500K gas in order to mitigate the effect of the attack.
- A hard fork based on the EIP 150 version 1c will be initiated at block number
2457000[see below]. The fork is intended to adjust the cost of transactions to reflect the actual computational complexity. - Following this, a second hard fork will be executed to undo the current “status bloat”. This change was prompted by the attack, and will be used to eliminate empty accounts.
We have implemented the changes on the client side, and are also adding and extending tests to prevent any further compromises.
We would like to remind all users that Ethereum is open source and can be used to facilitate the implementation of new hard forks.
EDIT: The fork block has been moved to 2463000 to allow for additional testing.
