Ethereum Constantinople is a hard fork of the Ethereum blockchain designed to lay the groundwork for huge scaling improvements.
Originally scheduled for Wednesday 16th January, Ethereum Constantinople has been delayed by developers. A vulnerability was found in the code that could have been exploited by hackers, putting funds at risk.
In a blog on Ethereum.org, the team explained: “Out of an abundance of caution, key stakeholders around the Ethereum community have determined that the best course of action will be to delay the planned Constantinople fork.”
The delay is temporary while developers work towards a solution.
What is Ethereum Constantinople?
The hard fork is part of Ethereum’s long-term scaling road map. Ethereum has long suffered congestion problems which results in high fees and slow transaction times when the network is busy.
The Ethereum team is working on several scaling projects including off-chain solutions, sharding, and, ultimately, a switch to “Proof of Stake” algorithm. Together, these changes should result in significantly higher speeds and lower costs.
However, upgrading the network while operational is like changing the engine in a moving car. The Ethereum team need to lay the technical groundwork before the big changes can happen.
That’s where Ethereum Constantinople comes in. It implements a series of maintenance upgrades that facilitate enormous scaling in the future.
What’s in the upgrade?
Ethereum Constantinople will implement five ethereum improvement proposals (EIPs). They are as follows:
EIP 145 – Will result in a 91.4% saving in Ethereum gas costs through more efficient information processing methods. It relates to a process known as Bitwise shifting and requires the introduction of a native operation on the Ethereum Virtual Machine (EVM).
EIP 1052 – Makes it cheaper to process large smart contracts that only require a hash. More specifically, this functionality returns the keccak256 hash of a contract’s bytecode. It improves upon the design of the EXTCODECOPY opcode.
EIP 1283 – This proposal aims to help smart contract developers by reducing gas costs related to changes made to data storage.
EIP 1014 – Introduces some off-chain transaction solutions to improve scaling possibilities.
EIP 1234 – Delays the “difficulty bomb” and reduces the mining reward from 3 ETH down to 2 ETH.
Of the proposals above, only the last one is considered controversial. Ethereum’s difficulty bomb is designed to make it progressively more difficult to mine Ethereum. At a certain point, it will become almost impossible, forcing the switch from “proof of work” to “proof of stake.”
The proposal exists to de-incentivize miners by not only making it more difficult to mine but by reducing the reward too.
Despite the controversial proposal, mining pools were generally on board with the upgrade. We were not expecting a contentious fork or competing chains.
Ethereum Constantinople Delayed
On Tuesday 15th January, Ethereum developers announced a delay to the upgrade. The decision involved Ethereum founder Vitalik Buterin and other prominent Ethereum developers.
A new date for the upgrade will be discussed on Friday 18th January.
A Critical Vulnerability Discovered
A vulnerability was discovered in one of the proposals (EIP 1283) by ChainSecurity, a smart contract auditing company.
The vulnerability would have enabled a “reentrancy attack” against smart contracts similar to the 2016 DAO hack which saw $70 million in ethereum stolen.
A reentrancy attack means a manipulative actor could theoretically ask the smart contract to perform a specific function multiple times before the contract is executed or anyone is notified. It means an attacker could keep withdrawing money almost endlessly.
In a detailed Medium post, Chain Security explains:
“The upcoming Constantinople Upgrade for the ethereum network introduces cheaper gas cost for certain SSTORE operations. As an unwanted side effect, this enables reentrancy attacks when using address.transfer(…) or address.send(…) in Solidity smart contracts. Previously these functions were considered reentrancy-safe, which they aren’t any longer.”
Is Ethereum at risk now?
ChainSecurity concluded that the current Ethereum blockchain is currently at risk:
“A scan of the main ethereum blockchain using the data available from eveem.org did not uncover vulnerable smart contracts.”
At the time of writing, the Ethereum Constantinople upgrade is delayed with a new launch date to be discussed on January 18th.