Celo Blockchain already addresses disclosed and fixed Ethereum state attack

Celo Blockchain already addresses disclosed and fixed Ethereum state attack

The Ethereum community today disclosed a severe security vulnerability due to slow access to state. This vulnerability has now been addressed for Ethereum by a number of changes to the protocol and client implementations over the last 12 months.

Engineers working on the Celo blockchain, as part of the broader group of Ethereum clients, have been tracking this issue for a while and were formally notified about the intention to disclose its existence on 4/26/21. We received a draft of the linked post and looked into remediation measures. The post is an interesting read and a great overview of this issue.

In summary, Celo Blockchain 1.3.1 enables state snapshots by default, meaning that the vast majority of nodes that have upgraded recently are not vulnerable to this attack, securing the Celo network overall.

The attack involves a crafted smart contract performing a large number of lookups for random values in the state trie. Prior to snapshots, the Celo Blockchain client did 6-7 LevelDB lookups for each lookup in the state trie. Snapshots enable constant time lookups to the state trie which reduces the time to process an attack from about 20 seconds to about 1 second.

With snapshots enabled, we did not need to add EIP-2929 and EIP-2930 (gas increase costs and state access lists) to the Donut hard fork to solve this issue.

We strongly encourage anyone operating a Celo node to upgrade to the latest version, Celo Blockchain 1.3.2, which incorporates these changes and also addresses a security issue fixed in the Go v1.16.4 release.

We deeply appreciate the cooperation of the core Ethereum developers and the continued work and collaboration of the broader community.