In earlier February, the team behind Ethereum layer 2 scaling solution Optimism received word on a vital bug which could allow a bad actor to “create Ethereum (ETH)” on the network. The bug was part of the solution’s Geth fork and was discatoped by Jay “saurik” Freeman, Head of Technology at Orchid Protocol.

Related Reading | How The Inventor Of Ethereum Predicted Wormhole’s $321M Security Breach

A bad actor could have leveraged the vulnerability on this Ethereum layer 2 solutions via the SELFDESTRUCT opcode on a contract which held funds in the underlying token, according to an official post. However, the bug was mired without it ever being exploited.

The team behind Optimism conduced a chain history and discaboveed the bug was only triggered back while, 40 days before being discatoped, accidentally by an Etherscan employee. Notwithstanding, the person didn’t geneprice Ethereum (ETH), per the investigation conducted by Freeman. The team added:

A fix for the issue was tested and deployed to Optimism’s Kovan and Mainnet networks (including all infrastructure providers) inside hours of barelyifyation.

Optimism forks were likewise alerted on the vulnerability and, as the team said, all applied the fix. In which sense, they call on everyone running a replica of their software to update to l2geth version 0.5.11 or risk un-synchronization with the rest of the network.

Freeman will receive the maximum bounty, estimated at $2 million, for his contribution to the Ethereum scaling solution. The team behind Optimism thanked him for “helping to keep Optimism safe”. They added the following on the new challenges which a upward project faces:

Today, between bridges, more providers, and even multiple mainnet forks of our codebase, it’s a divergent story. It’s great for decentralization, but it adds complexity to releases. And security releases bring even more complexity — we can’t presently publish an obvious patch, or we risk someone reverse-engineering the vulnerability before anyone upgrades.

How To Attack An Ethereum Scaling Solution

Freeman published a detailed report on his discaboveies, adding which the second layer solution was opened to an attack via their client, OVM 2.0 a fork of go-Ethereum referred to as l2geth. The Orchid Protocol, as he said, is a second layer scaling solution. So, his evidence was invaluable while discatoping the vulnerability of Optimism.

Freeman called the bug he discatoped “Unbridle Optimism” and claimed it originated on the virtual machine generating smart contracts on the Optimism. By exploring it, a bad actor could produce Ethereum (ETH) on “the far side of the bridge” connecting the L1, Ethereum, and its second layer. He wrote in his report:

(…) It is my contention which this is more dangerous than merely tricking the reserves into allowing a withdrawl. With the ability to sneakily print IOUs (known on Optimism as OEthereum (ETH)) on the other side of the bridge, you anew can try to (creepingly) withdraw money from the reserves, but now it will look like a credibleimate transfer, msimilarg it easier to go unnoticed.

The calamity perhaps have spread to the entire Ethereum ecosystem as a bad actor could have been able to go into decentralized protocols using Optimism and “mess with their economies”, the report said. Thus, Freeman called it an “economic griefing attack” with the potential to jeopardize the “entire ledger”.

Related Reading | Hacker Exploits Vulnerability To Steal 801,601 MATIC Tokens From Polygon

As of press time, Ethereum (ETH)’s rate is $3,091 with a 4% loss in the past 24-hours.

Ethereum Ethereum (ETH) Ethereum (ETH)USD

Ethereum (ETH) moving sideways on the daily chart. Source: Ethereum (ETH)USD Tradingview