CoinDesk Analysis Team
CoinDesk
Ethereum PoW, the version of the Ethereum blockchain that continues to run on a proof-of-work (PoW) consensus mechanism, experienced a replay exploit over the weekend due to a faulty third-party contract.
Developers of Ethereum PoW were alerted of the issues and immediately took steps to rectify the problem.
The blockchain was established as a fork of the Ethereum network, which switched to a proof-of-stake (PoS) consensus mechanism on Thursday in an event known as the Merge. The PoS network now continues as Ethereum.
The replay exploit refers to the same transaction being duplicated on both chains when they’re not supposed to.
This means if a user transacted on Ethereum PoW, the same was executed on Ethereum – which eventually allows attackers to illicitly trick smart contracts into releasing tokens from one chain, even as the actual transaction was executed on another chain.
Attackers used the Omni bridge of the Gnosis network to conduct the exploit. Some 200 weighted ether (wETH) was transferred through the bridge on Saturday, and the same transaction was replayed on the PoW chain – resulting in the attacker gaining 200 ETHW, or approximately $1,600 at the time.
Faulty data from the Ethereum PoW network’s Chain ID used by a contract caused the issue, security firm BlockSec said in a tweet. A Chain ID is a set of numbers used by the browser-based crypto wallet MetaMask to sign transactions for the network. An incorrect Chain ID causes transactions to fail because users aren't connected to the correct network, rendering a network unusable.
BlockSec warned that the issue might eventually cause the balance of the chain contract deployed on the PoW chain to “be drained.”
Meanwhile, Ethereum PoW developers said in a Sunday post that the attack exploited the contract vulnerability of the bridge, and not their blockchain itself.
"We have contacted the bridge in every way and informed them of the risks," it said. "Bridges need to correctly verify the actual ChainID of the cross-chain messages," the developers wrote.
As such, the network saw glitches on its first day with users stating they weren't able to access the blockchain's servers using public information provided by Ethereum PoW. CoinDesk verified the claims and wasn't able to access Ethereum PoW’s web servers using those links provided, as reported.
ETHW tokens tumbled in the past 24 hours following the exploit, falling some 37%, and extending weekly losses to over 80%, CoinGecko data shows.
All writers’ opinions are their own and do not constitute financial advice in any way whatsoever. Nothing published by CoinDesk constitutes an investment recommendation, nor should any data or Content published by CoinDesk be relied upon for any investment activities. CoinDesk strongly recommends that you perform your own independent research and/or speak with a qualified investment professional before making any financial decisions.
Recommended Content
Editors’ Picks
Bitcoin, Ethereum Spot ETF in Hong Kong sees underwhelming response with $12 million in trade volume
Bitcoin and Ethereum Spot ETFs issued in Hong Kong registered a combined trading volume of around $12 million at market close on Tuesday. When compared to the US stock market, the response from the Asian market is underwhelming.
Top 3 meme coins price prediction Dogecoin, Shiba Inu, Bonk: Memes outperform Bitcoin on two week timeframe
Crypto sector performance over the past two weeks shows meme coins emerged as clear outperformers, beating Bitcoin, AI coins and Binance coin categories. Bitcoin price losses nearly 4% of its value on Tuesday, exchanging hands at $61,657 on Binance at the time of writing.
XRP climbs past $0.51 as Ripple motion receives SEC response
Ripple trades broadly sideways on Tuesday after closing above $0.51 on Monday as the payment firm’s legal battle against the US SEC persists, now in the form of crossed motions to determine which materials and testimonies have to be included in the case.
Worldcoin’s four buy signals hint at a reversal rally Premium
Worldcoin (WLD) price is setting the stage for a recovery rally. After more than two weeks of mounting bullish signs, WLD has not only formed a potential bottom but has also flashed a buy signal, hinting at what’s about to come next.
Bitcoin: BTC’s next breakout could propel it to $80,000 Premium
Bitcoin’s (BTC) recent price consolidation could be nearing its end as technical indicators and on-chain metrics suggest a potential upward breakout. However, this move would not be straightforward and could punish impatient investors.