Week in Ethereum News, September 18, 2021 - thanks to Celer for making this issue possible!

Eth News and Links

Mainnet execution layer

  • Upgrade Nethermind nodes to v1.11.2! Unsuccessful attack publishing ~550 blocks with invalid PoWs, small number of Nethermind nodes switched to invalid chain, all affected nodes reorged back to good chain

  • Latest core devs call video. Notes from Tim Beiko:

    • PoW switch off difficulty to be hardcoded rather than computed

    • EIPs to include with difficulty bomb delay to be decided on next call; candidates: EIP3860 limit initcode, EIP3855 PUSH0 opcode and EIP3756 gas cap limit

  • Erigon v2021.09.03: fixes and tx pool improvements

  • Postmortem on August 27 minority chain split

  • Geth sunsetting fast sync, in favor of snap sync

Proof of stake consensus layer

Layer2


This newsletter is made possible thanks to Celer Network!

Celer Network is a layer-2 scaling platform that brings fast, secure and low-cost blockchain applications. Celer cBridge 1.0 is now live on mainnet. Users are now able to use cBridge to instantly transfer tokens across 10 different chains and optimistic rollups

Since launch, cBridge has witnessed doubling weekly volume growth and reached $120M total transaction volume today. Use at cbridge.celer.network


Stuff for developers

Security

  • SushiSwap’s Miso ~860 ETH exploit changed recipient of Kia Sedona NFT proceeds, supply chain attack of front end; funds were returned

  • OpenZeppelin UUPS proxy post mortem, uninitialized implementation contracts could be self destructed bricking any proxy using it

  • Yearn Vesting Escrow bug, escrow could be reinitialized and bricked after ownership renounced

  • Yam Finance post mortem from minting 20 billion YAM in error

  • Privacy in DeFi, many trackers on DeFi websites can record Eth addresses and can trivially link to Personally Identifiable Information

  • Air dropped tokens with apparent high value revert on approve, directing to a website that sweeps highest held ERC20

  • OpenZeppelin security guidelines for contract development

  • Guide to using linear programming to calculate optimal parameters so as to determine maximum funds at risk when disclosing vulnerabilities

  • Babel, Daian, Kelkar paper on quantifying economic security, including tool for doing so

Ecosystem

Enterprise

Application layer

Regulation/business/tokens

General


Job Listings

Want to reach people experienced with Ethereum? List your job here. $345 per line (~75 character limit including spaces), payable in ETH (or 345 DAI or 345 USDC) to abcoathup.eth. Questions? abcoathup at-gmail


Follow @WeekinEthNews to find out what the most clicked links are. Follow @evan_van_ness and @abcoathup to get most of the week’s news in real time.

Permalink for this week’s issue: https://weekinethereumnews.com/week-in-ethereum-news-september-18-2021/


Dates of Note

Upcoming dates of note (new/changes in bold):

Did you get forwarded this newsletter? Sign up to receive it weekly