On April 26th, Arbitrum R & D team Offchain Labs announced that it had disclosed to the OP Labs team two serious security bugs found on the Optimism testnet on March 22nd. These vulnerabilities exist in the Optimism fraud proof system deployed by OP Labs. Offchain Labs provided the OP Labs team with demo exploit code for the attack. On March 25th, OP Labs confirmed the validity of these two issues, and the two parties coordinated the vulnerability disclosure time.
OP Labs has asked Offchain Labs not to publicly disclose the vulnerabilities until they are resolved. The Optimism testnet was updated late yesterday (April 25), and today Offchain Labs first disclosed the vulnerabilities. These vulnerabilities allow a malicious party to force the OP Stack fraud proof mechanism to accept the fraudulent chain history, or prevent the OP Stack fraud proof mechanism from accepting the correct chain history. These issues stem from a flaw in the OP fraud proof design in handling timers.
Offchain Labs publicly discloses two critical vulnerabilities in OP Stack fraud proofs
2024-04-26 13:55:58
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
Offchain Labs公开披露OP Stack欺诈证明中的两个严重漏洞Next article:
专注于物联网的零信任DePIN网络Staex完成战略轮融资
