Ethereum developers identified a bug in the Besu Ethereum client that could have led to “consensus failure in networks with multiple EVM implementations”.
Gary Schulte reported the issue to the Hyperledger GitHub repository; it was discovered by Martin Holst Swende. It is understood that “there is no production network with transactions that cause this failure”.
Bugs found during Merge code review
Swende says the bug turned up while doing “some #Ethereum fuzzing for preparation #TheMerge”. Responding to CryptoSlate journalists, Swende said users running Besu nodes would have been stuck and “would be unable to follow the canon chain.” Furthermore, “the network controlled by besu may have been taken down prematurely.”
They would have been stuck and unable to follow the canon chain. And/or the besu-dominated network (non-eth-mainnet) might have been cut off along the way.
— MH (((Sweden))) (@mhswende) September 27, 2022
The Besu client is the second most popular client on the Ethereum network after Geth. According to data available from ethernodes.org, Besu accounts for 7.81% of Ethereum mainnet clients.
Vulnerable Besu client version
Version 22.7.1 of the Besu client includes a fix to ensure that “excess gas is not allocated to internal transaction calls, fixing excess gas errors”.
Versions prior to 22.1.3 also “prevent unauthorized execution”, but Ethereum mainnet requires other features that are only available in later versions. Client versions 22.4.0 through 22.7.0 are currently considered vulnerable to the gas bug.
As a result, Besu client users on mainnet will need to upgrade to the patched version.
Impact and resolution
Danno Ferrin wrote a full write-up of the issue in a HackMD article published on September 21st. According to Ferrin’s analysis,
“A flaw in treating unsigned data as signed data allows a well-coded smart contract to make function calls that return more gas than was passed.”
Detailed technical information about the bug can be found in Ferrin’s post. The main point, however, is that the bug was resolved without any problems on the Ethereum mainnet: an attacker would have had to act in a very precise way to exploit it.
“It took a deliberately crafted call to escalate this to a chain stopping bug. EIP-150 reserves a portion of the available gas through the “all but one 64th” rule when calling a contract.”
Had the bug not been found, a chain with heavy participation from Besu clients could have experienced an “infinite loop” in smart contracts, causing contracts to “truly run forever”.
Ferrin says that fuzzing allowed developers to identify and patch the bug without issue. Fuzzing is a software testing method that “includes providing invalid, unexpected, or random data as input to a computer program.”
“The biggest lesson shown by this exploit is that comparing trace data in a fuzzing run catches more bugs than simply comparing the final result.”
Thanks to the efforts of Ethereum developers dedicated to securing the network, the excess gas bug is no longer an issue. However, the potential damage it could have caused shows the complexity of carrying out the Merge without incident.
The bug was fixed in version 22.7.1 with an “alternative conversion method” that clamps the overflowing value to the maximum expected value and avoids signed conversion issues. Ferrin commented that users running nodes within the vulnerable range should update to the latest version.
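The following is an added, simplified model written for this article, not Besu’s source code: it shows how an EVM call’s gas argument (an unsigned 256-bit stack word) misbehaves when truncated to a signed 64-bit value, versus the clamping conversion the fix describes. The EIP-150 cap is modelled as min(requested, available − available/64); the 1,000,000 gas balance and the 2^63 request are constructed inputs.

```python
# Simplified model of the EIP-150 "all but one 64th" gas cap for CALL and of an
# unsigned-to-signed conversion defect of the kind described above. Written for
# this article; it is not Besu's implementation.

INT64_MAX = (1 << 63) - 1
MASK64 = (1 << 64) - 1


def all_but_one_64th(available: int) -> int:
    """EIP-150 cap: the caller keeps at least one 64th of its remaining gas."""
    return available - available // 64


def to_long_truncating(word: int) -> int:
    """Defective conversion: keep the low 64 bits and read them as two's complement.
    Any word with bit 63 set comes out negative."""
    low = word & MASK64
    return low - (1 << 64) if low >= (1 << 63) else low


def to_long_clamped(word: int) -> int:
    """Fixed conversion: values above the signed 64-bit range saturate to INT64_MAX,
    so the EIP-150 cap, not the attacker-chosen word, decides the forwarded gas."""
    return INT64_MAX if word > INT64_MAX else word


def gas_forwarded(available: int, requested_word: int, convert) -> int:
    """Gas handed to the callee: min(requested, EIP-150 cap)."""
    return min(convert(requested_word), all_but_one_64th(available))


def caller_gas_after_forwarding(available: int, requested_word: int, convert) -> int:
    """Caller's balance once the forwarded gas is deducted (before the callee returns
    its unused gas). With a negative forwarded amount the balance goes UP, which is
    how a call can hand back more gas than was passed in."""
    return available - gas_forwarded(available, requested_word, convert)


if __name__ == "__main__":
    available = 1_000_000          # constructed caller balance
    huge_request = 1 << 63         # constructed CALL gas word with bit 63 set
    for name, conv in (("truncating", to_long_truncating), ("clamped", to_long_clamped)):
        fwd = gas_forwarded(available, huge_request, conv)
        left = caller_gas_after_forwarding(available, huge_request, conv)
        print(f"{name:10s} forwarded={fwd:>22} caller_left={left}")
```

With the truncating conversion the forwarded amount is −2^63 and the caller is left with more gas than it started with; with the clamped conversion the callee receives the 984,375 gas cap and the caller keeps 15,625.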