July 23, 2021: The Ropsten Rug 🐛🦟

EIP-1559 remains on schedule following last-minute bug fix

With just about two weeks before ETH-1559 is scheduled to go live on mainnet, a surprising bug popped up on Ropsten. It was a biggie as well.

Twitter avatar for @TimBeikoTim Beiko | timbeiko.eth 🦇🔊 @TimBeiko
For those who want to better understand the Ropsten issue, I've started a postmortem here:
notes.ethereum.org/@timbeiko/rops… I'll be updating it as clients have updated releases out, and we'll obviously be discussing it in detail on AllCoreDevs this friday.

banteg @bantg

Client diversity saves the day again The miners on Ropsten testnet run Geth exclusively, which had a consensus bug which was uncovered thanks to OpenEthereum and Besu rejecting the block 10,679,538. It's also fixed now in Nethermind and Erigon. https://t.co/7CLqt5ltNO

One invalid transaction, which should have been rejected due to a lack of funds, got accepted into block 10679538. Nodes running OpenEthereum and Besu rejected the block, but operators running geth, Erigon, and Nethermind all accepted the block.

Fortunately Ethereum devs are fast. The root cause was discovered after four and a half hours, and the first pull request to fix was submitted a mere five hours after the block was mined.

The fix was simply to add a missing check that caller had sufficient balance to cover transaction fee (gaslimit * gasprice), causing the node to reject the transaction upfront. Imagine how long it could have taken to fix a similar but on Bitcoin…

That said, it’s a frightening issue to crop up so close to ETH-1559 going live August 4th to 5th. What would happen if things went wrong on a live release?

The bulk of Friday’s Ethereum core dev call was dedicated to discussing this very issue.

The team discussed various scenarios for how they would respond to a similar bug on mainnet. For small bugs, participants mostly felt that the fraudulent transaction would be considered canonical. A funny little quirk in the history of the blockchain, an idiosyncrasy that eluded miners before an inevitable patch, the DeFi equivalent of a bank error in your favor.

For larger bugs, a rollback would be considered difficult but probably necessary. The number 1MM ETH was tossed out as a benchmark value that would merit this sort of work.

On the call they offered the community time to speak up if anybody had lingering reservations about going live on schedule. Nobody expressed any objections.

This means London will continue on schedule. The attentiveness of the devs to this bug and its aftermath gives me complete confidence the transition will go forward without significant incident. However, I’m an idiot, so do your own research. If you are afraid and expect it may be a debacle, you may consider buying an NFT as a hedge.

The 1559 NFT series is a beautiful and clever initiative to support EIP1559 contributors and commemorate the major milestone. If you believe the merge will be a non-extinction level disaster, then these tokens may appreciate in value simply for their historical significance. They’re already sold out, but perhaps you could purchase it secondhand.

To some extent, this is exactly why testnets exist. In practice though, they’re an imperfect solution. The fork had been deployed to other testnets for weeks before anybody finally noticed on Ropsten. Users may kick the tires on testnets, but incentives are not sufficient to really heavily stress test it. Who has more incentive to architect a complex chain reorg that reappropriated a significant value of $ETH: a hacker on mainnet, or a hobbyist on Kovan?

The higher stakes on mainnet will always make it ground zero for Hindenburg sized exploits. The ideal solution would be a training wheels testnet, which contained a modest and capped amount of value. This would provide users a more realistic venue with tangible incentives to hack it. All participants would agree any funds successfully drained would be kept and considered as a sort of bug bounty. The tough part would be actually capping value — if ERC20 testnet tokens started popping up then the testnet would become closer to an L2 — but nonetheless worth considering.

See you in London!


On an unrelated note, I’m just thrilled the various changes to Ropsten did not affect my doggy token I use with students for instructional purposes. The $HUSKY token is an up-only ERC20 that can only be minted for a higher price than previous minter paid. I’m thrilled that its beautiful ponzinomics continued unaffected throughout the entire migration process. With class dismissed for the summer, feel free to use it any way you like to break the testnet!

For more info, check our live market data at https://curvemarketcap.com/ or our subscribe to our daily newsletter at https://curve.substack.com/. Nothing in our newsletter can be construed as financial advice. Author is a $CRV maximalist.