A few days ago, renowned hacker Jay Freeman, aka Saurik, discovered a dangerous bug in the nano payment protocol used by Ethereum’s second layer Optimism.
Last week, I discovered (and reported) a critical bug (which has been fully patched) in @optimismPBC (a "layer 2 scaling solution" for Ethereum) that would have allowed an attacker to print an arbitrary quantity of tokens, for which I won a $2,000,042 bounty. https://t.co/J6KOlU8aSW
— Jay Freeman (saurik) (@saurik) February 10, 2022
Summary
The bug on Optimism, Ethereum’s second layer
Exploiting the bug would have allowed a malicious user to create unlimited amounts of tokens.
Saurik decided not to exploit this bug, but to report it directly to Optimism, which then corrected the flaw. The problem is now fixed, and Freeman claims to have received a reward of more than two million dollars.
The bug could be exploited on any chain connected to Optimism that runs the “OVM 2.0” fork of go-ethereum (l2geth).
The danger of the Optimism bug
Optimism currently uses a centralized “sequencer”, so the team was able to act quickly, both to fix the bug on its own nodes and infrastructure and to deploy fixes on downstream projects that use its code base (Boba and Metis).
Saurik named this bug “Unbridled Optimism”, revealing that it affected the virtual machine that runs smart contracts on Optimism. By exploiting it, an attacker could have obtained an effectively unlimited quantity of IOU tokens, in particular OETH tokens, which could then have been exchanged for real ETH through ordinary trades.
These transactions could have been carried out on a decentralized exchange, where it would have been literally impossible to block or cancel them.
Had the bug been exploited, the attacker could have manipulated the markets by buying huge amounts of real ETH at effectively zero cost until someone realized something was wrong. In addition, those who sold their ETH in exchange for, e.g., OETH minted out of thin air by the attacker would have been left holding a token worth very close to zero.
Saurik said:
“This makes this bug capable of economic griefing attacks, wherein once someone notices—even if it is a mere hour later!—it might be “too late” to unravel what is and what isn’t a legitimate transaction, calling into question the entire ledger”.
So the bug did not only affect Optimism: it could have had serious repercussions for legitimate crypto markets as well, in particular decentralized exchanges, even though they were not directly affected.
It should be remembered that Ethereum’s second layers have not been in wide use for long, so it is possible that other bugs still exist.