Optimism quietly patches critical testnet flaws after rival's tip-off

Quick Take

  • Optimism on Thursday fixed vulnerabilities on its testnet, a few weeks after its competitor flagged the security flaws to its team. 

The Layer 2 network Optimism has repaired two critical vulnerabilities on its testnet at least several weeks after learning of them. 

Offchain Labs, which first identified the vulnerabilities, stated on Friday that Optimism updated its testnet on April 25. The since-fixed security flaws allowed bad actors to manipulate the chain's history and execute other “subtle attacks,” the software firm said.

On March 22, Offchain Labs alerted Optimism about two issues with its testnet: Bad actors could force the OP Stack fraud-proof mechanism to accept a fraudulent chain history, and an exploiter could prevent it from accepting a correct chain history.

“These are difficult problems to solve,” Offchain Labs, which is a competitor of Optimism, said in the statement. It added that fraud-proof protocols and their timing aspects are “very difficult” to design.

According to Offchain Labs, Optimism has since modified its timer-handling code to fix the vulnerabilities. To be sure, Layer 2 testnets, or test networks, exist to identify networks’ security flaws before their official launches.


Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2024 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

AUTHOR

Elizabeth Napolitano is a data reporter covering business and technology news, with a focus on cryptocurrencies. Prior to joining The Block, Elizabeth reported on BigTech, AI, crypto and videogames for CBS Moneywatch. As a CoinDesk reporter, she covered DeFi, NFTs and U.S. courts. She holds an MA in Journalism from CUNY. Follow her on X: @LizKNapolitano

See More

Editor

To contact the editors of this story: Jason Shubnell at [email protected], Lawrence Lewitinn at [email protected]

WHO WE ARE

The Block is a news provider that strives to be the first and final word on digital assets news, research, and data.

+ Follow us on Google News
Connect with the block on