- The expectation is growing around Ethereum’s transition from Proof of Work (PoW) to Proof of Stake (PoS).
- Any incorrect execution of a smart contract in some application hosted on the network could leave users in a very vulnerable situation.
- There are other risks associated with The Merge, which analysts are looking at as the excessive accumulation of power by some “builders.”
As the Ethereum software update scheduled for mid-September approaches, anticipation is growing about what could happen on that day. It may be that nothing happens as the team behind The Merge foresees, or that any situation that puts the network in danger occurs.
In the cryptosphere there is an environment similar to the one the world experienced at the turn of the millennium known as the Year 2000 Problem or Y2K. All kinds of dire predictions surfaced about computer systems and true chaos that would prevent planes from landing and drive traffic lights crazy.
In the end, nothing happened and the computers registered in the year 2000 without a problem. The same thing is likely to happen with the Ethereum network upgrade. But nothing is certain, nor are there infallible systems. However, the final Ethereum (Goerli) proof-of-stake test was conducted on August 11 and ended successfully.
“It’s Going to Be a Very Bumpy Ride”
The Ethereum upgrade involves moving from Proof-of-Work (PoW)-based mining to Proof-of-Stake (PoS), the purpose of which is to reduce excessive energy consumption. Furthermore, it will create new participants in the blockchain ecosystem, called “builders.”
This transition, which promises to create a milestone in the crypto industry, should be smooth and seamless. It would not even be perceived by the users of Ethereum, the most important blockchain in the world from a commercial point of view. However, many companies and users are taking their forecasts.
The Ethereum network hosts around 3,400 applications, each of which has very fluid trading, which could be affected if an exploit or failure occurs during the process of implementing the new software.
“You know there will be those edge cases that will be interesting and exploitable. One thing I can guarantee, it’s going to be a very bumpy ride," said Toby Lewis, CEO of blockchain analytics firm Novum Insights. In addition, it is not the first time that Ethereum has suffered from hacking and failures since its launch in July 2015. A year after its launch on the occasion of the first network update, hackers launched a siege that lasted for weeks. Using replay attacks, they replicated the transactions to steal the digital currencies.
As a result, the Yunbi cryptocurrency platform lost about 40,000 Ethereum Classic tokens. Since then, the developers have strengthened the security levels of the network to prevent further incidents.
For the next update, all security measures have been taken. However, if on the day of the merger, hackers manage to detect any flaw in a smart contract made by any of the hundreds of existing applications, they could attack the network.
The director of blockchain assurance engineering at Trail of Bits, Josselin Feist, warns that this could happen and the consequences for users and DeFi companies would be catastrophic.
To avoid imponderables and minimize the chances of problems on the day of the merger, companies such as Coinbase (NASDAQ:COIN) Global Inc. have already announced that they will pause their trading activities based on the Ethereum network. Other trading platforms and DeFi applications are expected to follow suit.
On the Flipside
- The companies are adopting strong security measures after certain flaws detected in the final test of the merger.
- Because not all validators were in sync with each other that day, there were some issues with order blocking.
If these problems occur again, it may be necessary to temporarily pause the network, said DappRadar’s head of research, Pedro Herrera, quoted by Bloomberg. In such a circumstance, users who are performing a trade settlement might not be able to stop the process in time.
However, what generates more fear is that during the merger process, branches of the Ethereum network will appear. A fork in the chain is capable of creating a replica of the Ethereum ecosystem, that is, copies of cryptocurrencies, NFTs, and applications.
For example, those who own an Ether token on the Ethereum network would receive an additional EtherPOW token on a forked blockchain. Similarly, when other users try to download POW cryptos, hackers could enter the network and cause replay attacks.
As Justin Sun, an investor in crypto platform Poloniex and founder of the Tron blockchain, warns, “replaying attacks are possible during the Merge as the network becomes less secure and more vulnerable to attacks when forks happen".
Why You Should Care
- Experts advise users who wish to transact on upgrade day to consider using alternative blockchains and taking additional security measures.
DappRadar's Herrera warns users: "if you want to play with your POW assets, move them to another wallet, so there’s no way for an attacker to replay the transaction."
"I don’t expect replay attacks to be a significant problem, if they occur at all," said ConsenSys senior product manager Ben Edgington. Perhaps the merger of the Ethereum network scheduled for September 15 or 16 by the developers will not be more than a great concern without consequences. The real risks of the Ethereum upgrade could lie elsewhere.
There is a well-founded fear among some blockchain analysts that a few “builders” will amass a lot of power after the upgrade happens. Uri Klarman, CEO of BloXroute Labs, believes that the new mechanism to mine Ether (ETH) will end up burying the decentralization of the network.
The risk is that platforms like MetaMask, which handle a very large volume of business and where users buy, sell and trade cryptocurrencies, become a “kingmaker,” Klarman warned.
Read more on this topic:
Coinbase Will Be A ‘Meaningful’ Beneficiary of the Ethereum Mainnet Merge, JP Morgan