Abstract: Inaccurate implementation of BLOCKHASH can set off a sequence reorganisation resulting in consensus issues
Affected configurations: All geth variations as much as 1.1.3 and 1.2.2. All eth variations previous to 1.0.0.
Probability: Low
Severity: Medium
Impression: Medium
Particulars: Each C++ (eth) and Go (geth) shoppers have an faulty implementation of an edge case within the Ethereum digital machine, particularly which chain the BLOCKHASH instruction makes use of for retrieving a block hash. This edge case could be very unlikely to occur on a dwell community as it could solely be triggered in sure forms of chain reorganisations (a contract executing BLOCKHASH(N – 1) the place N is the top of a non-canonical subchain that’s not-yet reorganised to turn into the canonical (finest/longest) chain however can be after the block is processed).
pyethereum is unaffected.
Results on anticipated chain reorganisation depth: none
Remedial motion taken by Ethereum: Provision of hotfixes as under.
Geth:
PPA: sudo apt-get replace then sudo apt-get improve
Brew: brew replace then brew reinstall ethereum
Home windows: obtain the up to date binary from https://github.com/ethereum/go-ethereum/releases/tag/v1.2.3
Constructing from supply:
git fetch origin && git checkout origin/grasp
Eth:
PPA: https://gavofyork.gitbooks.io/turboethereum/content/chapter1.html