Back on Tuesday, Ehereum core developers announced on Twitter that the Constantinople upgrade was going to be postponed for a few weeks due to security reasons. The official release date for this network upgrade was January 16.
According to ChainSecurity, a smart contract security company, there were potential vulnerabilities in one of the codes that Constantinople wanted to implement.
[SECURITY ALERT] #Constantinople upgrade is temporarily postponed out of caution following a consensus decision by #Ethereum developers, security professionals and other community members. More information and instructions are below. https://t.co/p2znO8HGxf
— Ethereum (@ethereum) January 15, 2019
Malicious individuals could have performed a reentrancy attack in which hackers can use the code and simulate a treasury sharing service. These attacks happen when there is a smart contract that communicates with an external smart contract. If the external entity is malicious, it could take advantage of the call function and control the smart contract.
That means that the malicious attacker could just simply modify a few code lines and steal users’ funds in a very easy way. At the same time, ChainSecurity commented that the cheaper gas costs increase the possibilities of this attack.
In a recent blog post, Ethereum developers commented:
“Because the risk is non-zero and the amount of time required to determine the risk with confidence is longer the amount of time available before the planned Constantinople upgrade, a decision was reached to postpone the fork out fo an abundance of caution.”
Vitalik Buterin explained that this vulnerability does not mean that the code is flawed.
Ethereum is currently the third largest digital asset in the market after Bitcoin (BTC) and XRP. At the time of writing this article, ETH has a market capitalization of $12.87 billion and each coin can be purchased for $123.