3 hours ago
897
The Ethereum Foundation launched the One Trillion Dollar Security Dashboard, a public comprehensive tool that is supposed to provide a structured overview of Ethereum’s overall security standard across the ecosystem.
The Ethereum Foundation launched the dashboard to address six security dimensions, and is expected to show where Ethereum is strong, where and how it can improve, and where work is already being done to improve the network’s security.
What’s the Ethereum Foundation’s One Trillion Dollar Security dashboard?
The dashboard is a part of the broader Trillion Dollar Security (1TS) initiative, which was unveiled by the Foundation last May. The 1TS project has been described as an ecosystem-wide push aimed at upgrading Ethereum’s security so it can better serve as “civilization-scale” infrastructure.
The goal is a lofty one as it means it has to become a substrate that can securely handle trillions of dollars in onchain value, supporting billions of users, and outperforming legacy financial systems with its trustworthiness and resilience.
The recently launched dashboard is being regarded as a first stab at aggregating progress in a clear way and hopes to help developers, users and even institutions keep a close eye on improvements. It is supposed to make the network’s security more transparent, measurable and easy to digest.
The six main dimensions of the network’s security that it will cover include user experience, smart contract security, consensus protocol, monitoring and incident response, and social layer and governance.
EF discovered ‘high-severity’ attack vector impacting Ethereum
The launch of the dashboard comes a day after the Ethereum Foundation awarded a $50,000 bug bounty, its maximum award, to researchers for identifying a “high-severity” attack vector that has been affecting the Ethereum blockchain.
The vector had previously gone unnoticed and affected ERC-4337, the protocol that powers a feature called account abstraction. It allows a malicious actor to deliberately trigger certain account-abstraction transactions to revert and pay for gas, even though they were valid and correctly signed.
“Huge thanks to the EF for handling the issue responsibly and granting us a $50k bounty, the maximum high-severity award,” Trust Security, the firm that identified the attack, wrote on X.
The Ethereum Foundation has clarified that the vector is linked to censorship and griefing, not fund-theft. The foundation also claimed the attack had been patched in its latest release.
The attack vector’s real-world impact was limited because the specific vulnerable ERC-4337 transaction type was minute. Still, Ethereum users sent around 1.7 million vulnerable ERC-4337 transactions over the past week, which is around 9% of all Ethereum transactions made during that period.
According to the Ethereum Foundation, the timing of the discovery could not have been better, as it was an issue that needed to be addressed before broader adoption amplified its effects.
Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.
English (US)