Bug impacting over 50% of Ethereum clients leads to fork

Quick Take

  • A bug affecting older versions of a major Ethereum client is causing those nodes to split from the main network.
  • This affects around 54% of Ethereum nodes.

A bug in older versions of the Ethereum network client Geth has caused nodes running those versions to split from the main network.

The bug impacts older versions of Geth clients, specifically v1.10.7 and earlier. Geth clients make up nearly 75% of all Ethereum nodes, and 73% of those Geth clients are still running the older versions.

This means that around 54% of Ethereum nodes are running with a major infrastructure bug.

The concern is that this could lead to double spending attacks, where cryptocurrency is spent but then the transaction is overwritten by the alternative chain.

The Block Research has identified this address as the one that exploited the bug and it was funded by a Tornado Cash client. The bug, which has the potential to impact other EVM-compatible chains, has also been exploited on Binance Smart Chain by this address and on Huobi ECO Chain by this address (H/t Peckshield). It does not appear to have been exploited on Polygon.

The impact of the fork

While a portion of nodes have split off from the network, it doesn’t appear to be having huge ramifications yet. It appears that the majority of miners are running updated versions of Ethereum, meaning the hash rate is supporting the longest chain. 

Nodes running the older versions of Geth are effectively cut off from the main network. As a result, while exploits remain possible, the network appears to be stable for now.

Ethereum Foundation security lead Martin Swende tweeted, “A consensus bug hit #ethereum mainnet today, exploiting the consensus-bug that was fixed in geth v1.10.8. Fortunately, most miners were already updated, and the correct chain is also the longest (canon).”

Ethereum core developer Tim Beiko weighed in, saying that three mining pools appear to have been mining on the wrong version of Geth, including Flexpool, BTC.com and Binance. He said Flexpool originally reported the issue so was aware of it and that developers are getting in touch with the other two pools.

Finding the bug in an audit

This bug was found in an audit of Telos EVM, the version of the Ethereum Virtual Machine running on the Telos blockchain, according to a press release. Guido Vranken, auditor at Sentnl, which carried out the audit, found the bug, calling it a “high severity issue.”

After Ethereum core developers were informed about the issue, they released a patch on August 24 to fix it. But this only helps those who have upgraded their nodes.

When the fix was announced, a statement said, “The exact attack vector will be provided at a later date to give node operators and dependent downstream projects time to update their nodes and software. All Geth versions supporting the London hard fork are vulnerable (the bug is older than London), so all users should update.”




About Author

Tim is the Editor-In-Chief of The Block. He writes about the evolution of crypto technology and the people who are at the forefront of it. He provided exclusive, source-based insights into the launches of the Bitcoin and Ethereum ETFs, crypto sales by the FTX Estate and the Trump-linked World Liberty Financial project. Prior to joining The Block, Tim was a news editor at Decrypt. He earned a bachelor's degree in philosophy from the University of York and studied news journalism at Press Association Training. Follow him on X @Timccopeland.