Week in Ethereum News, August 28, 2021 - thanks to Streamr for making this issue possible!
Eth News and Links
Mainnet execution layer
Consensus bug (CVE-2021-39137) exploited causing a small chain split for those who did not update their Geth nodes as instructed:
Most miners had already updated and the incorrect minority chain was short-lived
Update now to Geth v1.10.8 and Erigon v2021.08.04 (or later)
Exploit explainer: pointer to contract's memory was overwritten (pointers are confusing)
Impacts Geth based EVM networks (sidechains and Layer2)
Geth removing deprecated RPC flags, update command line flags to use http instead
100,000 ETH burnt with EIP1559 since London upgrade
Execution layer client teams granted $1.5 million from application layer projects (Compound Grants, Lido, Synthetix, The Graph and Uniswap Grants) and Kraken, in addition to Ethereum Foundation funding
EIPs/Standards
EIP3772: Compressed Integers
EIP3770: Chain-specific addresses
EIP3756: Gas Limit Cap
EIP3754: Vanilla Non-Fungible Token Standard
EIP3742: Multi Party Contract Standard
Proof of stake consensus layer
Stakers: you must update to the latest Geth or Erigon if you run them. Also be prepared for the Altair upgrade coming at the end of September
Beacon chain minor incident:
Orphaned blocks caused small number of dropped attestations, resulting in a 1-2% drop in participation
Caused by Lido overreliance on one node serving the queries of 4000 validators
Data driven investigation
Danny Ryan’s Finalized PoS update: Altair upgrade of Prater testnet on September 2, Beacon chain upgrade targeting end of September
Latest What’s New in Eth2
PoS implementers call. Notes from Alex Stokes and Ben Edgington
Teku v21.8.2: Altair upgrade of Prater and reduced CPU and memory usage
Lighthouse v1.5.1: Altair upgrade of Prater, v1.5.0 improved networking stack and doppelganger protection, downgrade requires resync
Nimbus privacy focus impacts crawlers as cycles libp2p peerid on restart and doesn’t accept socket connection when peer table is full
Proposal for committee-driven MEV smoothing to equally share a block’s MEV among the committee members and the proposer
Predicted exit/entry queue clog once withdrawals enabled due to validators wanting to compound their stake and rotate keys, these use cases should be handled without an exit/entry to avoid clogging
Stereum launcher: beacon chain client installer, supports 4 clients
Layer2
Optimism adds custom ERC20 token deposit and withdrawals
Nova: trustless relaying of contract calls between L2 and L1, deployed on Optimism and mainnet, restricted to approved projects for now
Hop enables fast exits from Optimism to mainnet for USDC and USDT, avoids 7 day optimistic rollup withdrawal time
Loopring zkRollup NFTs: mint, trade and transfer on L2, deposit to L2, withdraw to L1, supports ERC721 and ERC1155
L2Beat adds risk view: security, data availability, what can be changed and what to do on censorship or system goes offline
This newsletter is made possible thanks to Streamr!
The Streamr Network is being built to provide a decentralized real-time messaging protocol for web3. The network is a decentralized, topic-based publish-subscribe system. Each stream or pub-sub topic has its own P2P overlay network that is built and maintained by a set of BitTorrent-like trackers.
Testnets for the current Brubeck milestone of the network are now running. Contribute your idle bandwidth and run a node in the Streamr Network to earn rewards, with 2M DATA tokens up for grabs! DATA is an ERC-20 token, currently trading on most major exchanges, that will power the tokenomics mechanism on the Streamr Network. Learn how to run a Streamr node here.
For more information about the project, you can talk to the team on the Streamr Discord server!
Stuff for developers
Ganache v7.0.0 alpha: local blockchain (formerly ganache-cli), significantly faster and more memory efficient, can run in browser
Remix tools in VSCode: compile, deploy to public chains with MetaMask and debug with Remix's Debugger
Modern ERC20 implementation using Solidity over/under flow checks
Anton Bukov’s Cumulative Merkle Tree drop, currently being audited
opensea.rs: Rust CLI for OpenSea, supports Flashbots bundles, so orders don't get frontrun
Etherscan Transaction Decoder: single view of emitted events, state difference and execution trace
Etherscan adds verified contract name to creation transaction
Deep dive of on chain SVG NFT examples
ShadowySuperCoder NFT and infrastructure discounts for 100k addresses that deployed 1 or more contracts on mainnet (Disclosure: I claimed)
Security
OpenZeppelin Contracts TimelockController had security vulnerability, actor with executor role could escalate privileges, projects should migrate to TimelockController in v4.3.1
SushiSwap paid $1 million bounty to samczsun for Miso vulnerability disclosure where $350 million was at risk and assistance with mitigation
Ecosystem
Guide to EIP1559 gas fee calculations, explains base fee, priority fee and max fee (per gas)
Leveraged sandwiching using flash swaps
Discussion on need for a multi-chain ethereum provider
Impersonator: log in to dapps impersonating any address via WalletConnect
Vitalik: alternatives to selling NFTs at below market prices to avoid selling out quickly and gas market spikes
Enterprise
Visa buys CryptoPunk and shares NFT whitepaper
Head of Gaming at YouTube: Play-to-earn next major gaming model along with open market for in-game digital items
Budweiser buys Beer.eth and changes profile picture to rocket ship NFT
Application layer
ENS DNS namespace integration: domain name owners can import domains (such as weekinethereumnews.com) for use on ENS
Lyra: native options trading on Optimism rollup, starting with single ETH market and liquidity provided by LyraDAO
DAI peg mechanics explainer of Vault mechanism, DAI saving rate and Peg Stability Module
Uniswap interactive math demos
Jonathan Mann deploys NFT with on chain song
Simon de la Rouviere: NFT fiction, top down vs bottom up
Regulation/business/tokens
USDC reserves derisking to cash and short duration US Treasuries
Paypal launches crypto services in UK to buy, hold and sell cryptocurrency
a16z token delegation open sourced: best practices, criteria for assessing delegates and legal mechanics and template docs
ETH daily issuance lower than BTCs for first time due to EIP1559 and NFT activity
General
🎂 Week in Ethereum News turned 5, first issue was August 21, 2016
Gartner: NFTs are at the peak of inflated expectations but DeFi has plenty of room for hype growth
Analysis of cross chain bridges: security model, incentives and limitations
Job Listings
Futureswap is hiring a Product Marketing Manager
Vac (Status) is looking for a smart contracts protocol engineer for Waku
Trail of Bits: Blockchain Security Apprenticeship
Solidity is hiring a C++ dev
Nethermind internship program
Want to reach people experienced with Ethereum? List your job here. $345 per line (~75 character limit including spaces), payable in ETH (or 345 DAI or 345 USDC) to abcoathup.eth. Questions? abcoathup at-gmail
Follow @WeekinEthNews to find out what the most clicked links are. Follow @evan_van_ness and @abcoathup to get most of the week’s news in real time.
Permalink for this week’s issue: https://weekinethereumnews.com/week-in-ethereum-news-august-28-2021/
Dates of Note
Upcoming dates of note (new/changes in bold):
Sep 2 – Prater testnet upgrade to Altair (epoch 36660)
Sep 8 – Gitcoin Grants Round 11 starts
Sep 15-17 – MetaCartel MCON Denver
Sep 17-Oct 15 – ETHOnline hackathon
Oct 1-3 – EthAtlanta enterprise-focused hackathon & keynotes
Oct 20-21 - LisCon (Lisbon)
Oct 22-24 – ETH Lisbon hackathon
Did you get forwarded this newsletter? Sign up to receive it weekly