Geth, the most renowned software client of Ethereum, has provided a hotfix to the threatening security challenges in its code. The news was posted on Tuesday at 07:08 UTC to GitHub. However, the details of the terms were not disclosed immediately.
The release is titled Hades Gamma (V1.10.8); it was posted to Ethereum GitHub on Tuesday at about 07:08 UTC.
According to one of the posts on the release page, it didn’t disclose the details of the vectors, including their fixes. This would have allowed the dependent downstream projects and node operators to update their software and nodes.
A report from Ethernodes.org states that close to 75% of all the nodes on the Ethereum blockchain run Geth. Therefore, these users are advised to upgrade to Geth V.1.10.8, the updated version, immediately.
Guido Vraken Discovering The Bug In Ethereum
A software developer Guido Vraken announced on August 18th that he had discovered the bug. Guido Vraken is a scientist who specializes in discovering open-source software code vulnerabilities.
He is also interested in scientific works, product development and validation, regulatory matters, and teaching. Guido Vraken is a graduate of the University of Ghent and a volunteer at Natuurpunt.
As stated earlier in the GitHub security advisory post, Geth’s vulnerability can make a node unable to execute Ethereum blocks.
The Ethereum experienced a temporary split on its chain during the last Geth code’s fix for a software bug. The split resulted from communication lapses from Geth developers regarding the bug, which was a deliberate act.
However, several computers known as ‘nodes’ don’t bother to customize their Geth users to the normal implementation. This led to a consensus failure in the blockchain, as recorded in November 2020.
Geth Developers Take On The Latest Version
In a blog post, the Geth developer team mentioned that not exposing the security vulnerability is backed by some reasons. First, the act delays all potential attacks on intending node operators that require more time to migrate to the newest version.
Now, Geth developers emphasize how urgent it is for all their software users to migrate to the latest version. However, their formal August 18th announcement didn’t explicitly describe the vulnerability nature and form.
One of the Geth developers, Péter Szilágyi, stated his opinion while tweeting about the code release on Tuesday. He said that “People were not happy with our hotfix last time; they noted that we didn’t make the announcement. So we have decided to do it differently this time; let’s know the one that works better,” – he added.
Infura and other major Etherum-based wallets and services have pledged their support for this latest Geth release. They publicly made this announcement on Twitter.