Ethereum’s latest testnet upgrade, Pectra, ran into unexpected issues after its deployment on Sepolia. The upgrade, which went live on March 5, encountered errors almost immediately.
According to Ethereum developer Marius van der Wijden, the team noticed error messages on their geth node and observed empty blocks being mined.
Sepolia Testnet Faces Errors As Attacker Exploits Edge Case
The problem stemmed from the deposit contract triggering the wrong event.
Instead of recognizing a deposit event, it mistakenly registered a transfer event. A fix was introduced, but a missed edge case left room for an unknown attacker to exploit the system.
Attack Exploits a Weakness
A user took advantage of the vulnerability by sending a zero-token transfer to the deposit address. This action retriggered the error, leading to the mining of more empty blocks.
Van der Wijden explained that the team initially thought a trusted validator had made a mistake. However, they later discovered that the transaction came from a newly created account funded by a faucet.
The ERC-20 token standard does not prevent zero-token transfers. This meant that even users without any actual tokens could still send transactions. The attacker leveraged this loophole, worsening the issue.
Also Read: Nasdaq-Listed Bionexus Gene Lab Becomes The First To Add Ethereum (ETH) To Firm’s Treasury
A Silent Fix to Stop the Attack
The team filtered out all transactions interacting with the deposit contract to counter the attack. They implemented a private fix and deployed it on select DevOps nodes.
Van der Wijden revealed that they chose not to publicly disclose the fix, suspecting that the attacker was monitoring their communications. Instead, they quietly updated a few nodes they controlled to restore normal block production.
Despite the disruption, Ethereum developers confirmed that the network never lost finalization. The issue remained isolated to Sepolia because it used a token-gated deposit contract, unlike the standard deposit contract on Ethereum’s mainnet.
Previous Issues on Holesky and Delayed Upgrade
Pectra had already encountered problems when tested on the Holesky testnet on February 26. Given the repeated issues, Ethereum developers have decided to delay the upgrade until further testing ensures stability.
Meanwhile, Ethereum’s price has taken a hit. As of now, ETH is trading at $2,066.45, marking a 5.48% drop in the last 24 hours. However, trading activity has surged, with the 24-hour trading volume jumping by 121%.
The Pectra upgrade is a crucial step for Ethereum as it faces increasing competition from other blockchains. It promises improvements in speed and usability. However, these recent setbacks highlight the challenges of rolling out major upgrades on a decentralized network.
Developers are now focusing on refining the upgrade before its mainnet launch. Ensuring a smooth transition is key to maintaining confidence in Ethereum’s future.