Week in Ethereum News

Eth News and Links

Mainnet execution layer

• Consensus bug (CVE-2021-39137) exploited causing a small chain split for those who did not update their Geth nodes as instructed:
  • Most miners had already updated and the incorrect minority chain was short-lived
  • Update now to Geth v1.10.8 and Erigon v2021.08.04 (or later)
  • Exploit explainer: pointer to contract’s memory was overwritten (pointers are confusing)
  • Impacts Geth based EVM networks (sidechains and Layer2)
• Geth removing deprecated RPC flags, update command line flags to use http instead
• 100,000 ETH burnt with EIP1559 since London upgrade
• Execution layer client teams granted $1.5 million from application layer projects (Compound Grants, Lido, Synthetix, The Graph and Uniswap Grants) and Kraken, in addition to Ethereum Foundation funding

EIPs/Standards

• EIP3772: Compressed Integers
• EIP3770: Chain-specific addresses
• EIP3756: Gas Limit Cap
• EIP3754: Vanilla Non-Fungible Token Standard
• EIP3742: Multi Party Contract Standard

Proof of stake consensus layer

• Stakers: you must update to the latest Geth or Erigon if you run them. Also be prepared for the Altair upgrade coming at the end of September
• Beacon chain minor incident:
  • Orphaned blocks caused small number of dropped attestations, resulting in a 1-2% drop in participation
  • Caused by Lido overreliance on one node serving the queries of 4000 validators
  • Data driven investigation
• Danny Ryan’s Finalized PoS update: Altair upgrade of Prater testnet on September 2, Beacon chain upgrade targeting end of September
• Latest What’s New in Eth2
• PoS implementers call. Notes from Alex Stokes and Ben Edgington
• Teku v21.8.2: Altair upgrade of Prater and reduced CPU and memory usage
• Lighthouse v1.5.1: Altair upgrade of Prater, v1.5.0 improved networking stack and doppelganger protection, downgrade requires resync 
• Nimbus privacy focus impacts crawlers as cycles libp2p peerid on restart and doesn’t accept socket connection when peer table is full
• Proposal for committee-driven MEV smoothing to equally share a block’s MEV among the committee members and the proposer
• Predicted exit/entry queue clog once withdrawals enabled due to validators wanting to compound their stake and rotate keys, these use cases should be handled without an exit/entry to avoid clogging
• Stereum launcher: beacon chain client installer, supports 4 clients

Layer2

• Optimism adds custom ERC20 token deposit and withdrawals
• Nova: trustless relaying of contract calls between L2 and L1, deployed on Optimism and mainnet, restricted to approved projects for now
• Hop enables fast exits from Optimism to mainnet for USDC and USDT, avoids 7 day optimistic rollup withdrawal time
• Loopring zkRollup NFTs: mint, trade and transfer on L2, deposit to L2, withdraw to L1, supports ERC721 and ERC1155
• L2Beat adds risk view: security, data availability, what can be changed and what to do on censorship or system goes offline

---

This newsletter is made possible thanks to Streamr!

The Streamr Network is being built to provide a decentralized real-time messaging protocol for web3. The network is a decentralized, topic-based publish-subscribe system. Each stream or pub-sub topic has its own P2P overlay network that is built and maintained by a set of BitTorrent-like trackers.

Testnets for the current Brubeck milestone of the network are now running. Contribute your idle bandwidth and run a node in the Streamr Network to earn rewards, with 2M DATA tokens up for grabs! DATA is an ERC-20 token, currently trading on most major exchanges, that will power the tokenomics mechanism on the Streamr Network. Learn how to run a Streamr node here.

For more information about the project, you can talk to the team on the Streamr Discord server!

---

Stuff for developers

• Ganache v7.0.0 alpha: local blockchain (formerly ganache-cli), significantly faster and more memory efficient, can run in browser
• Remix tools in VSCode: compile, deploy to public chains with MetaMask and debug with Remix’s Debugger
• Modern ERC20 implementation using Solidity over/under flow checks
• Anton Bukov’s Cumulative Merkle Tree drop, currently being audited
• opensea.rs: Rust CLI for OpenSea, supports Flashbots bundles, so orders don’t get frontrun
• Etherscan Transaction Decoder: single view of emitted events, state difference and execution trace
• Etherscan adds verified contract name to creation transaction
• Deep dive of on chain SVG NFT examples
• ShadowySuperCoder NFT and infrastructure discounts for 100k addresses that deployed 1 or more contracts on mainnet (Disclosure: I claimed)

Security

• OpenZeppelin Contracts TimelockController had security vulnerability, actor with executor role could escalate privileges, projects should migrate to TimelockController in v4.3.1
• SushiSwap paid $1 million bounty to samczsun for Miso vulnerability disclosure where $350 million was at risk and assistance with mitigation

Ecosystem

• Guide to EIP1559 gas fee calculations, explains base fee, priority fee and max fee (per gas)
• Leveraged sandwiching using flash swaps
• Discussion on need for a multi-chain ethereum provider
• Impersonator: log in to dapps impersonating any address via WalletConnect
• Vitalik: alternatives to selling NFTs at below market prices to avoid selling out quickly and gas market spikes

Enterprise

• Visa buys CryptoPunk and shares NFT whitepaper
• Head of Gaming at YouTube: Play-to-earn next major gaming model along with open market for in-game digital items
• Budweiser buys Beer.eth and changes profile picture to rocket ship NFT

Application layer

• ENS DNS namespace integration: domain name owners can import domains (such as weekinethereumnews.com) for use on ENS
• Lyra: native options trading on Optimism rollup, starting with single ETH market and liquidity provided by LyraDAO
• DAI peg mechanics explainer of Vault mechanism, DAI saving rate and Peg Stability Module
• Uniswap interactive math demos
• Jonathan Mann deploys NFT with on chain song
• Simon de la Rouviere: NFT fiction, top down vs bottom up

Regulation/business/tokens

• USDC reserves derisking to cash and short duration US Treasuries
• VanEck and ProShares not proceeding with Ethereum ETFs
• Paypal launches crypto services in UK to buy, hold and sell cryptocurrency
• a16z token delegation open sourced: best practices, criteria for assessing delegates and legal mechanics and template docs
• ETH daily issuance lower than BTCs for first time due to EIP1559 and NFT activity

General

• 🎂 Week in Ethereum News turned 5, first issue was August 21, 2016
• Gartner: NFTs are at the peak of inflated expectations but DeFi has plenty of room for hype growth
• Analysis of cross chain bridges: security model, incentives and limitations
• Snowden: Apple declared war on iPhone users privacy

---

Job Listings

• Futureswap is hiring a Product Marketing Manager
• Vac (Status) is looking for a smart contracts protocol engineer for Waku
• Trail of Bits: Blockchain Security Apprenticeship
• Solidity is hiring a C++ dev
• Nethermind internship program

Want to reach people experienced with Ethereum? List your job here. $345 per line (~75 character limit including spaces), payable in ETH (or 345 DAI or 345 USDC) to abcoathup.eth. Questions? abcoathup at-gmail

---

Follow @WeekinEthNews to find out what the most clicked links are. Follow @evan_van_ness and @abcoathup to get most of the week’s news in real time.

Permalink for this week’s issue: https://weekinethereumnews.com/week-in-ethereum-news-august-28-2021/

---

Dates of Note

Upcoming dates of note (new/changes in bold):

• Sep 2 – Prater testnet upgrade to Altair (epoch 36660)
• Sep 8  – Gitcoin Grants Round 11 starts
• Sep 15-17 – MetaCartel MCON Denver
• Sep 17-Oct 15 – ETHOnline hackathon
• Oct 1-3 – EthAtlanta enterprise-focused hackathon & keynotes
• Oct 20-21 – LisCon (Lisbon)
• Oct 22-24 – ETH Lisbon hackathon

Did you get forwarded this newsletter? Sign up to receive it weekly