{"id":43467,"date":"2021-05-31T14:41:12","date_gmt":"2021-05-31T11:41:12","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=43467"},"modified":"2025-08-31T03:48:52","modified_gmt":"2025-08-31T00:48:52","slug":"ethereum-developers-uncover-vulnerability-in-eip-1559","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/ethereum-developers-uncover-vulnerability-in-eip-1559\/","title":{"rendered":"Ethereum Developers Uncover Vulnerability in EIP-1559"},"content":{"rendered":"<p>Ethereum developers identified a vulnerability in the EIP-1559 proposal that could lead to network congestion, Tim Beiko of the Ethereum Foundation said.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We started with a lot of action as <a href=\"https:\/\/twitter.com\/mhswende?ref_src=twsrc%5Etfw\">@mhswende<\/a> identified an issue in EIP-1559 yesterday where the new fields introduced in transactions (maxFee &#038; maxPriorityFee) did not have an explicit cap. This meant that an attacker could create arbitrarily large transactions.<\/p>\n<p>\u2014 Tim Beiko | timbeiko.eth \ud83e\udd87\ud83d\udd0a (@TimBeiko) <a href=\"https:\/\/twitter.com\/TimBeiko\/status\/1398329819905945606?ref_src=twsrc%5Etfw\">May 28, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The EIP-1559, introduced in 2018, <a href=\"https:\/\/finematics.com\/ethereum-eip-1559-explained\/#:~:text=EIP%201559%20describes%20changes%20to,by%20Vitalik%20Buterin%20in%202019.&#038;text=The%20current%20fee%20model%20is,their%20space%20in%20a%20block.\">describes changes to<\/a> burning part of transaction fees and helps reduce volatility in gas prices. The proposal also allows users to pay miners tips to speed up transaction confirmations.<\/p>\n<p>Developer Martin Holst Svende found that EIP-1559 does not impose any cap on the maximum amount of such payments. This could allow an attacker to introduce an absurdly large sum to overwhelm the network, even if they have no funds to pay.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cBefore EIP-1559 this was not possible, because if you want to create a transaction with a huge gas price, you effectively need to hold the specified amount of ETH. If your transaction is included in a block, you will pay that amount,\u201d Beiko explained.<\/p>\n<\/blockquote>\n<p>Developers fixed the vulnerability by adding code proposed by Svende. Some clients have already implemented the solution.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\">\n<p lang=\"en\" dir=\"ltr\">Luckily, the fix for this is quite simple, as suggested by Martin here: <a href=\"https:\/\/t.co\/x3W62DVcsi\">https:\/\/t.co\/x3W62DVcsi<\/a> <a href=\"https:\/\/t.co\/OhNS6tLqQH\">pic.twitter.com\/OhNS6tLqQH<\/a><\/p>\n<p>\u2014 Tim Beiko | timbeiko.eth \ud83e\udd87\ud83d\udd0a (@TimBeiko) <a href=\"https:\/\/twitter.com\/TimBeiko\/status\/1398330582350712838?ref_src=twsrc%5Etfw\">May 28, 2021<\/a><\/p><\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The controversial EIP-1559 has gained support from developers and users, but <a href=\"https:\/\/u1f987.com\/en\/news\/ethereum-miners-split-into-two-camps-over-eip-1559\">divided miners into two camps<\/a>. <\/p>\n<p>Opponents of the proposal, including the mining pools SparkPool and Ethermine, which jointly control 44.8% of the network&#8217;s hashrate, sought to concentrate <a href=\"https:\/\/u1f987.com\/en\/news\/ethereum-miners-to-stage-protest-against-eip-1559\">more than 51% of computing power<\/a> in the latter. However, their attempt failed. <\/p>\n<p>EIP-1559 <a href=\"https:\/\/u1f987.com\/en\/news\/ethereum-eip-1559-included-in-july-london-hard-fork-despite-miners-opposition\">will become part of the London hard fork<\/a>, scheduled for July 2021. <\/p>\n<p>In May, developers <a href=\"https:\/\/u1f987.com\/en\/news\/ethereum-operated-for-two-years-with-a-dos-exploit-that-could-take-the-network-offline\">disclosed information about a vulnerability<\/a> that allowed a DoS attack on the Ethereum blockchain. The bug was discovered in March 2019, but could only be fixed in April 2021. <\/p>\n<p>Subscribe to ForkLog updates on <a href=\"https:\/\/vk.com\/forklogcom\" target=\"_blank\" rel=\"nofollow noopener\">VK<\/a>!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ethereum developers identified a vulnerability in the EIP-1559 proposal that could lead to network congestion.<\/p>\n","protected":false},"author":1,"featured_media":43468,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1301,46],"class_list":["post-43467","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-blockchain-vulnerabilities","tag-ethereum"],"aioseo_notices":[],"amp_enabled":true,"views":"16","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/43467","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=43467"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/43467\/revisions"}],"predecessor-version":[{"id":43469,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/43467\/revisions\/43469"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/43468"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=43467"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=43467"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=43467"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}