The developers of layer two solution for scaling Ethereum Optimism have just fixed a critical vulnerability.
The vulnerability was discovered by programmer Jay Freeman in the code of a fork of the Geth client for Optimism. According to him, the vulnerability allowed the creation of ETH in the protocol by repeatedly triggering the SELFDESTRUCT function.
The Optimism team was informed about the vulnerability by Freeman on February 2. Thanks to the discovery, he has received $2,000,042, the maximum reward under the protocol's bounty program.
Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.
Retrospective analysis has shown the vulnerability had not been exploited, except for the accidental activation of Ethereum's Etherscan scanner by an employee. The coins were not issued.
The project team has reported:
"A fix for the issue was tested and deployed to Optimism’s Kovan and Mainnet networks (including all infrastructure providers) within hours of confirmation."