Major Issues With Ethereum’s Security; Interview With YourBTCC COO
The Ethereum network has been experiencing several intense Denial-of-Service attacks that have delayed a substantial amount of smart contract settlements and transactions. The inability of the Ethereum development team to mitigate the attacks have placed a heavy burden on developers and decentralized application operators.
Over the past few months, various experts have used the phrase “built on sand” to describe the state of the Ethereum network’s structure and infrastructure. Some respected figures like Adamant Research Chief Editor Tuur Demeester stated that the low-security levels of Ethereum are the direct result of the development team’s initial decision to prioritize flexibility and functionality over security.
In an exclusive interview with YourBTCC COO Samson Mow, BTCManager looked into the implications of hard forks in an attempt to resolve these security measures and how Ethereum may continue to remain insecure without proper fixes.
After a month of a series of Geth and Parity updates, the Ethereum Foundation announced the execution of yet another hard fork, dubbed EIP150, to counterbalance gas costs on the network. “Gas” in Ethereum is the term used to measure the amount of work put in when an action is performed on the network.
In an awkward turn of events, Ethereum co-founder Vitalik Buterin stated that the foundation will execute another hard fork after the implementation of EIP150, as a solution to short-term issues.
However, major exchanges including Coinbase voiced their stance on the follow-up hard fork, emphasizing that the Coinbase development team is only willing to support one hard fork at a time to avoid acceptance of a split chain following EIP150.
“Please be advised that Coinbase will support only one fork of the ETH protocol which we determine, at our sole discretion, best reflects the consensus approach. We will not support any other fork of the ETH protocol,” the Coinbase team announced.
In an interview with BTCManager, Samson Mow further noted the hardship of exchanges upon the execution of hard forks, as it leads to various major updates and overhauls of platform infrastructure. Although an increasing number of Ethereum supporters and users expressed their concerns for developers, Mow explains that exchanges are forced to carry the burden of network instability.
“I would be more worried about exchanges than developers getting tired of the major changes. Developers for Ethereum should be more tolerant having to update but for an exchange, the constant updates, often with little notice, are very problematic.”
Mow also addressed the overall instability of the Ethereum network and its inability to handle serious DoS attacks amongst other bugs.
Since early September, when attacks were first revealed, the explanations of the Ethereum Foundation and development team remain identical, in that ongoing attacks will make the network more resilient to more powerful attacks in the near future.
In various interviews, Ethereum Foundation members and developers including Taylor Gerring stated that both soft and hard forks designed to prevent attacks will make the Ethereum more resilient and robust in terms of security and network stability.
“Because the Ethereum community has generally been handling issues with aplomb, I’m cautiously optimistic that the end result will be a more resilient network both in technology and preparedness,” Ethereum developer Taylor Gerring said in a recent interview.
However, Mow, who fully understands that attacks may help the network to build additional short-term security measures, states that the issue with Ethereum’s security lies with the network’s structure and the development team’s decision to focus on flexibility and functionality, rather than security.
In any cryptocurrency or decentralized networks, security must be the sole priority. Even if a network is flexible enough to support various innovative applications and smart contract-based operations, without proper security measures, it will continue to suffer from delays and transactional errors.
Highlighting the large attack surface for Ethereum, Mow added:
“The bigger issue is that Ethereum has a huge attack surface. Yes, attacks will reveal flaws and as they are fixed, it will become more resilient, but the issues that are surfacing indicate to me that the devs are not testing and reviewing code enough. Ethereum will remain insecure unless the devs slow down and focus more on security rather than trying to innovate for the sake of innovation.”
Ultimately, the question exchanges, users, and developers should ask is, will the Ethereum development team comply and begin to focus on security? Or remain their stance on flexibility and functionality.