Optimism, the group behind the Ethereum Layer 2 scaling project, has reportedly encountered a bug on the Geth fork. According to the latest report, the startup has spotted this issue earlier this month, where the threat actors were able to create "infinite" ETH.
iOS Jailbreak Dev Discovers Critical Bug
According to a report by CoinTelegraph, the Optimism team has previously said that the critical bug in early February has undergone a patch in the same month.
The scheme has a special place for the hackers since they could reproduce ETH on their accounts without restrictions. They could multiply its numbers in any way they like.
However, Jay Freeman, an iOS jailbreak software developer from Cydia has uncovered this mess quickly. In his tweet on Thursday, Feb.10, he said that he discovered and reported the said bug which has been fully patched by Optimism.
Last week, I discovered (and reported) a critical bug (which has been fully patched) in @optimismPBC (a "layer 2 scaling solution" for Ethereum) that would have allowed an attacker to print arbitrary quantity of tokens, for which I won a $2,000,042 bounty. https://t.co/J6KOlU8aSW
— Jay Freeman (saurik) (@saurik) February 10, 2022
After finding a solution to the issue, Freeman added that he won a $2,000,042 bounty for disclosing the critical bug.
Furthermore, he wrote on his blog that the hackers were able to exploit ETH by replicating the money on any chain. This is done by deploying the "OVM 2.0" fork for the go-ethereum.
According to the article, what Freeman received was by far one of the "biggest" bounties to be awarded for the bug fix.
Related Article: OpenSea Bug Leads to NFT Lowballing, Almost 'Stealing' Tokens with Million-Dollar Value
Optimism Says 'No Usable Excess' Was Generated
Regarding the issue, Optimism said that the bug has allowed the hackers to "repeatedly" prompt the "SELFDESTRUCT" opcode on the contract where the ETH balance was contained.
In another blog post, but this time by the team, Etherscan staffer has accidentally activated the bug. However, at that time, there was no usable excess generated during the incident.
Optimism also noted that there's no exploitation recorded for the bug except for the above mentioned regarding the staffer from the ETH data startup.
"A fix for the issue was tested and deployed to Optimism's Kovan and Mainnet networks (including all infrastructure providers) within hours of confirmation," Optimism said.
The group also thanked Alchemy, Infura, and QuickNode for quickly responding to the critical bug.
In late 2021, Optimism limited access to its network. With that being said, only projects including Synthetix and Uniswap can gain access to it.
Looking on the brighter side, this would allow the developers to easily fix bugs and remove them right away in the system.
Another Big Bounty to See
In a similar report by CoinTelegraph, the recent bounty that Optimism gave to the iOS jailbreak developer was only one of the largest, but not the biggest. Recently, MakerDAO said that it would hand a $10 million max bounty to any developer or person who can find malicious threats in its smart contracts.
While some bugs are bad to deal with, another bug has resulted in a mixed emotion among investors. Back in December, Tech Times reported that a Coinbase bug allowed other users to become instant billionaires.
While the platform saw that there were inflations in the non-tradeable crypto assets, it clarified that the absurd amount was only a part of a display issue and not the actual trading.
Elsewhere, about $100 million were reportedly stolen in Liquid, a Japanese crypto exchange last August 2021.
Read Also: WTF Token Airdrop: Bots Reportedly Drained $180,000 From ETH Users
This article is owned by Tech Times
Written by Joseph Henry
