Homestead was the second major planned version, and included three so-called EIPs, or “Ethereum Improvement Proposals”: EIP-2, EIP7, EIP-8
This proposal is to introduce a new testnet to provide a stable, secure testnet environment for Ethereum developers, due to the instability of the existing Ropsten testnet. On 24th Feb 2017, Ropsten was under a denial-of-service attack (“spam attack”). Average block propagation time has since slowed to a crawl as a large miner has decided to deploy several zero-value high-gas transactions to spam the test network continually. The attacker’s intentions are unknown, but the result is that Ethereum developers who rely on Ropsten no longer have a stable public testing environment to deploy and test their smart contract code prior to deploying to production on the mainnet chain.
Ads for cryptocurrencies, ICOs, wallets and exchanges will be blocked from June (2018) to prevent scams, following Facebook’s move in January (2018). Google will ban all adverts for cryptocurrencies, including bitcoin and initial coin offerings (ICOs), as it seeks to “tackle emerging threats”. The ad ban will come into force from June as part of a clampdown on unregulated financial products. Google’s director of sustainable ads, Scott Spencer, said in a blogpost: “We updated several policies to address ads in unregulated or speculative financial products like binary options, cryptocurrency, foreign exchange markets and contracts for difference (or CFDs).”
A Plasma chain is a separate blockchain anchored to Ethereum Mainnet but executing transactions off-chain with its own mechanism for block validation. Plasma chains are sometimes referred to as "child" chains, essentially smaller copies of the Ethereum Mainnet. Plasma chains use fraud proofs (like optimistic rollups) to arbitrate disputes. Plasma Cash is a Plasma construction based around the use of unique identifiers for each token on the Plasma chain. Similar to cash in your pocket, tokens on the network are given unique serial numbers. https://karl.tech/plasma-cash-simple-spec/
Hardware wallet manufacturer Ledger has published a firmware update to remedy several security flaws. The exploits were independently found by a trio of white hat security researchers, one of whom, Saleem Rashid, is a 15-year-old British boy. “An attacker can exploit this vulnerability to compromise the device before the user receives it, or to steal private keys from the device physically or, in some scenarios, remotely,” https://saleemrashid.com/2018/03/20/breaking-ledger-security-model/
CryptoKitties, the virtual collectible kitten game that turned into a viral sensation has raised $12M in funding and will be spun out from Axiom Zen, the Vancouver and San Francisco-based design studio that originally built the game. The round is being led by Andreessen Horowitz and Union Square Ventures. So what are CryptoKitties? They’re essentially digital collectibles built on top of the Ethereum blockchain. Each one is unique and has certain attributes that make them rare and desirable, almost like a digital beanie baby. And users are spending tons of real money on them, with some of the rarest kitties fetching over $100,000 when the game first launched.
Losing 39% of its value since the start of the year, $ETH hit $451, its lowest price of the year so far. Since the beginning of 2018, the total market for cryptocurrencies has more than halved and is currently just $301 billion, according to CoinMarketCap, after starting the year at $608.2 billion.
Coinbase parts ways with Neutrino employees who worked at Hacking Team following a customer backlash. Neutrino maps blockchain networks, focusing on crypto token transactions, and one of its main services is working with law enforcement to track stolen digital assets, investigate ransomware attacks and analyze activity on the "darknet" Before launching Neutrino, CEO Giancarlo Russo, CTO Alberto Ornaghi and chief research officer Marco Valleri worked at Hacking Team, a security and surveillance tech company that has been criticized for selling products to governments with a history of human rights violations, including Egypt, Kazakhstan, Russia, Saudi Arabia, Sudan and Turkey.
Hong Kong-based cryptocurrency exchange Gatecoin will shut down and enter liquidation after an unsuccessful attempt to recover funds lost in a dispute with a former payment services provider. Since 2016, the exchange has had a series of troubles unrelated to its banking services, as it lost 185,000 ETH and 250 BTC in a cyber attack.
DragonEx announced the news on its official Telegram channel on Monday, stating that, on Sunday, March 24, it had suffered a cyberattack that saw cryptocurrency funds owned by users and the exchange "transferred and stolen." “Part of the assets were retrieved back, and we will do our best to retrieve back the rest of stolen assets,” DragonEx said in a Telegram announcement.
In a blog post by Krakens Chief Security Officer - Nick Percoco - they announce that 2FA via Google Authenticator and Yubikey will be mandatory and existing clients will be required to enable it on their next login. In hand with this announcement, they also introduce their Kraken Security Lab - an effort is committed to improving the security of the entire cryptocurrency ecosystem by performing vulnerability research against 3rd party products – like hardware wallets, software wallets, and other related technology – and disclosing identified issues in a way that does not jeopardize the security of the industry or our clients, but rather improve security for our clients and the world once the issues are fixed.
The purported North Korea-backed hacker group Lazarus is still targeting crypto, while adopting new techniques, according to a new report. Kaspersky notes that the hackers are still targeting systems involved in the cryptocurrency and fintech industries, and advised players in those sectors to exercise caution: “If you’re part of the booming cryptocurrency or technological startup industry, exercise extra caution when dealing with new third parties or installing software on your systems [...] And never ‘Enable Content’ (macro scripting) in Microsoft Office documents received from new or untrusted sources…”
South Korean crypto exchange Bithumb has had around $13 million in the EOS cryptocurrency stolen in a hack it suspects was an insider job. The company confirmed in statement on Saturday that it first spotted an “abnormal withdrawal” of the cryptocurrency through its monitoring system at 22:00 Korean time (13:00 UTC) on Friday, March 29 2019. The exchange suspended asset withdrawals and deposits on the platform after noticing the breach.
Two Chinese nationals were charged today by the US Dept of Justice and sanctioned by the US Treasury for allegedly laundering over $100 million worth of cryptocurrency out of the nearly $250 million stolen by North Korean actors known as Lazarus Group after hacking a cryptocurrency exchange in 2018.
On March 14, 2020, MakerDAO announces a debt auction citing recent market activity and the resulting accumulation of protocol debt in the MakerDAO system. Reportedly $2M to be wiped off the debt of $4M that incurred as a result of the previous weeks ETH market instability.
A zero-day exploit is an exploit that takes advantage of a vulnerability that hasn't previously been identified. Once a zero-day exploit is revealed, it’s basically a race between those who want to exploit it and those who want to patch the affected system. The listing, on the OpenSea NFT marketplace, advertised the token as a “post-authentication memory corruption vulnerability in ioquake3 engine. The issue can be exploited to cause a denial-of-service condition, code execution has been deemed unlikely. This issue has been tested on OpenArena, but should be present in all 28 games using the idTech3 (ioquake3) engine.” OpenSea took down the auction and listing after it was posted.
Beeple sold his "EVERYDAYS: THE FIRST 5000 DAYS" at a Christie's online auction, with the closing bid at $69,346,250. This is historical as it is the most expensive NFT sale to date! The piece that was sold, Everydays: The First 5000 Days, is a collage of Winkelmann’s work starting at the beginning of the project, when he was posting somewhat crude sketches. It runs through years of evolving digital shapes and sceneries up through the beginning of this year (2021), when he was posting extremely crude political illustrations.
A platform issuing social tokens had an incident whereby one of their hot wallet private keys were compromised, and the attacker sold all the social tokens for ETH (which dumped the markets for those social tokens) and moved the ETH to another address via TornadoCash. As soon as Roll became aware of the attack, their first priority was secure all the remaining tokens. They transferred all the remaining social money into their multisig and disabled all external withdraw transactions to ETH addresses. Beyond the 42 tokens above, the over 300+ tokens have not been affected. Those remain safe in their multisig. There are no additional tokens in the compromised hot wallet.
According to developers, Binance processed a legitimate deposit twice and credited the double funds offchain. The mistake occurred due to a reported bug in Filecoin’s RPC code.
"Uniswap v3 is the most powerful version of the protocol yet, with Concentrated Liquidity offering unprecedented capital efficiency for liquidity providers, better execution for traders, and superior infrastructure at the heart of decentralized finance." With the launch of v3, Uniswap announces as public bug bounty that awards $500k for critical bugs.
Around ~$1.4M worth of NFTs has been stolen from the largest NFT marketplace on Arbritrum due to a smart contract bug that allowed listed NFTs to be bought for free due to missing check for non-zero quantity. The fix was simple, to include a check to ensure quantity was greater than 0. Shortly after the bug began to be exploited, the marketplace was paused and transactions started to fail. John Pattern (CoFounder) made a statement shortly after the event stating they aim to make users whole.
A vulnerability in Optimism’s fork of Geth (which we refer to as L2Geth) was reported to us by Jay Freeman (AKA saurik) on February 2nd, 2022. If exploited, this vulnerability would allow anyone to mint an unbounded amount of ETH on Optimism. We confirmed the issue, implemented a fix, and upgraded our infrastructure within 3 hours. We then alerted infrastructure providers running Optimism, as well as other network operators who are using a fork of our software. All parties were running a patched version of L2Geth within 32 hours of the initial report. https://github.com/ethereum-optimism/optimism/blob/master/technical-documents/postmortems/2022-02-02-inflation-vuln.md
The Ethereum Foundation publishes vulnerability disclosures for execution & consensus layer clients. Through its Bug Bounty Program, which allows the Ethereum Foundation (EF) to coordinate and cross-check vulnerabilities across clients, the EF currently accepts vulnerability reports for Nimbus, Teku, Lighthouse, Prysm, Lodestar, Go Ethereum, Nethermind, Erigon and Besu. https://github.com/ethereum/public-disclosures
Whilst reading a blog post detailing a lend exploit post-mortem, Daniel finds that their patch introduced a new bug - they reported it to Bacon Protocol. The bug was patched.
Over ten million ETH (~$25B) was deposited into the Beacon Chain! The Beacon Chain was the name of the original proof-of-stake blockchain that was launched in 2020. It was created to ensure the proof-of-stake consensus logic was sound and sustainable before enabling it on Ethereum Mainnet. Therefore, it ran alongside the original proof-of-work Ethereum.
Stripe now supports crypto businesses: exchanges, on-ramps, wallets, and NFT marketplaces. Not just pay-ins but payouts, KYC and identity verification, fraud prevention, and lots more. https://stripe.com/gb/use-cases/crypto
Yuga Labs - the company behind BoredApeYachtClub NFT collection - announced that they have acquired the IP of the CryptoPunks and Meebits NFT collections from Larva Labs. With the acquisition, they plan to give NFT holders commercial rights.
After stealing $32M in ETH (value at the time) in July 2017, the hacker suddenly moves 990ETH of the stolen 153,000ETH into TornadoCash. 9 transactions depositing 100ETH and 9 transaction depositing 10ETH 0x92446eb937ec98842a146021002f605fdabbe9d9
The Bored Ape Yacht Club-affiliated cryptocurrency that promises to be the coin-of-choice for a new metaverse ecosystem being built out by Yuga Labs — the creators behind BAYC. The release of the coin, which came on the heels of Yuga Labs acquiring pioneering NFT collectible CryptoPunks, and was followed up by the announcement that Yuga Labs raised $450 million in venture capital funding, is a banner moment for the NFT space.
Conferencegoers at ETHDenver line up to ask Buterin questions after his keynote. Buterin didn’t predict the rise of NFTs, and has watched the phenomenon with a mixture of interest and anxiety. "With fees being the way they are today,” Buterin says, “it really gets to the point where the financial derivatives and the gambley stuff start pricing out some of the cool stuff.” The TIME cover has a picture of Vitalik with text saying "The prince of crypto has concerns. Ethereum creator Vitalik Buterin fights to fix the world he created" https://time.com/6158182/vitalik-buterin-ethereum-profile/
Thirty-two weeks after the EIP went live, two million ETH (value of $7B at the time of the event) has been burnt. Ethereum Improvement Proposal (EIP) 1559 is an upgrade that happened on August 5, 2021 to change how Ethereum calculates and processes network transaction fees (called "gas fees"). It requires that the network burn all Ether tokens used to pay base fees. This procedure will reduce the total supply of Ether tokens, making Ether more scarce and therefore more valuable.
Hackers managed to get access to private keys to validator nodes resulting in the compromise of five validator nodes, which is also the threshold required to approve a transaction. The Ronin chain currently consists of nine validator nodes and the hacker managed to get access to four of them along with a third-party validator run by decentralized autonomous organization (DAO) Axie DAO. According to reports, they compromised the network by scouting a senior engineer at Axie Infinity and duped them into applying for a job at a company that, in reality, did not exist. They infected the machine with an infected PDF file.
Silvergate is a US bank that shifted its business toward primarily serving crypto clients. Following the collapse of FTX, there have been concerns over Silvergate's exposure to the losses experienced within the crypto industry. Short sellers piled in, making Silvergate the most shorted stock in late February. Silvergate’s stock (SI) was trading at $13.53 at the closing bell Wednesday, but plunged as much as 31.7% on the tail of the news in after-hours trading, dipping well below $10.
Deposits and withdrawals have been paused during troubleshooting. The estimated time to return to normal operations is in the coming days. Rewards will not accrue while troubleshooting is ongoing. When normal operation resumes, retroactive rewards will be distributed. The security and safety of the protocol is paramount and the pausing of deposits and withdrawals is taken out of prudence. A full post-mortem will be shared in the coming weeks.
In light of recent industry and regulatory developments, Silvergate believes that an orderly wind down of Bank operations and a voluntary liquidation of the Bank is the best path forward. The Bank’s wind down and liquidation plan includes full repayment of all deposits. The Company is also considering how best to resolve claims and preserve the residual value of its assets, including its proprietary technology and tax assets.
According to chatter, U.S. banking giant JPMorgan (JPM) is ending its banking relationship with Gemini, the cryptocurrency exchange owned by Cameron and Tyler Winklevoss, according to a person familiar with the situation. JPMorgan entered a relationship with Gemini in 2020, three years later they cut ties. Some hours later, Gemini issues a statement on Twitter stating "Despite reporting to the contrary, Gemini's banking relationship remains intact with JPMorgan."
Approximately 40k $BTC from wallets associated with US Government law enforcement seizures are on the move. Of these, the majority appear to be internal transfers (so far), however approximately 9,861 $BTC seized from the Silk Road hacker have been sent to a Coinbase cluster.
As LayerZero built a bridge and gave economic value to Goerli ETH, this address 0x46a...669ce saw the opportunity to liquidate their Goerli ETH holdings to pickup a Crypto Punk for 72.72ETH. The address received 1,000,000 Goerli ETH a year prior and starting bridging Goerli ETH to mainnet a day before they bought the punk.
In a lawsuit against KuCoin, NYAG states "Buterin and the Ethereum Foundation retain significant influence over Ethereum and are often a driving force behind major initiatives on the Ethereum blockchain that impact the functionality and price of ETH" This caused a drop in ETHUSD price by 8.92%.
Sushi DAO and Head Chef Jared Grey were served with a subpoena by the U.S. Securities and Exchange Commission Grey proposed creating a "Sushi DAO Legal Defense Fund" in a forum post, saying it would "cover legal costs for core contributors." The proposal recommends making $3 million in tether (USDT) available for core contributors, with another $1 million worth of USDT available in case the initial $3 million are used up.
The first transaction on Polygon zkEVM with transaction data reading "A few million constraints for man, unconstrained scalability for mankind". Vitalik signed and broadcasted this transaction on a livestream with a gas limit of 69042. The transaction occurred in block 178.
Crypto exchange Binance and its CEO Changpeng "CZ" Zhao have been sued by the Commodity and Futures Trade Commission (CFTC). Bitcoin (BTC) has fallen about $1,000 on the news, now trading at $26,800.