icon_install_ios_web icon_install_ios_web icon_install_android_web

Bạn nhìn nhận thế nào về các vấn đề bảo mật của bằng chứng gian lận Optimism?

Phân tích4 tháng trước发布 6086cf...
48 0

Tác giả gốc: Hạo Thiên

Recently, @Optimism was questioned by the overseas community due to security audit issues with the Fault Proof System. After major security issues were discovered in the original permissionless fraud proof mechanism, the OP Foundation actually proposed a hard fork to fix the problem and convert it to a licensed proof? What exactly happened?

1) Simply put: Fault Proof System is a mechanism for verifying the correctness of Layer 2 network status. Anyone can submit L2 status to the dispute virtual machine on L1 without permission and accept challenges from others. If the challenge is successful, the reward and punishment mechanism will be triggered.

This is the fraud proof mechanism that must exist to ensure the security of the OP-Rollup mechanism. The launch of the Fault Proof System in June made up for the markets long-standing criticism of the OP Stacks lack of an effective challenge mechanism.

2) However, a recent community-driven audit found multiple vulnerabilities in the fraud proof system, and the response of the Optimism Foundation was surprising:

1. Treat fraud proof VM opcode-level vulnerabilities as minor security vulnerabilities;

2. Excluding the fraud proof system from the scope of external audit;

3. Temporarily adjust the permissionless mechanism of fraud proof to a permissioned mechanism, and propose a hard fork plan called Granite to solve security issues;

This makes people doubt the meaning and effectiveness of the so-called Fault Proof System.

3) How do you view this matter? In my opinion:

1. Optimism launched the Fault Proof System entirely to further expand the necessary security challenge mechanism of the OP Stack camp. The market has become optimistic about whether Optimism itself has such a challenge mechanism;

2. The Fault Proof System is indeed sophisticated and complex. Most of the states can be verified locally in L2, and only some key parts are pushed to the fault virtual machine of L1 for judgment. Yes, a virtual machine with specific op code is developed. This can ensure the low cost of L1 verification while ensuring security.

3. The Fault Proof System was changed from unlicensed to licensed and was urgently disabled, which also exposed the excessive power of the OP Foundation and the Multi-Signature Security Committee. Fraud proofs are under the control of the Security Committee even if they are unlicensed;

4. Optimism has fallen behind its peer Arbitrum in achieving the security and decentralization goals of Stage 1, and ZK-Rollup鈥檚 technological leadership will be further valued.

This article is sourced from the internet: How do you view the security issues of Optimism fraud proofs?

Related: To master TON ecosystem game Alpha, you need these tools

Original | Odaily Planet Daily ( @OdailyChina ) Author: Golem ( @web3_golem ) The two popular games in the TON ecosystem , Hamster Kombat and Catizen , will both launch tokens in July. Most players will soon reap the rewards, but they will not stop there. The popularity of the TON ecosystem prompts players to continue looking for the next game Alpha project. Last week, Odaily Planet Daily introduced several popular and new games in the TON ecosystem in the article Operation Guide: Inventory of 10 Interactive New Projects in TON Ecosystem, which attracted the attention of readers and also found that many readers need tools related to TON ecosystem games. This article will introduce several tools, including wallet configuration, how to find popular TON ecosystem games and multi-game simulator…

© 版权声明

相关文章