Geth

From CryptoWiki

Basics

  • The Go (Golang) client from the go-ethereum project.
  • Go is easy to build, write and read, at the cost of some speed.
  • Geth is the command-line interface for running a full Ethereum node implemented in Go. It is the main deliverable of the Frontier Release.
  • Other CLIs are eth (C++) and Pyethapp.

Bugs

  • From Blockthreat (19-5-2022):

"Geth patched a DoS vulnerability caused by a malicious p2p message."

  • Geth has issued a hotfix for a high-severity security issue in its code (24-8-2021).
  • samczsun has written (27-5-2021) about two bugs he found in go-ethereum (Geth). The first was in Geth’s uncle validation routine, which did not behave correctly when given a specially crafted uncle. If exploited, this could have caused an accidental fork between Geth and Parity nodes. The second was in Geth’s state downloader and could be used to trick it into syncing with mainnet incorrectly. If exploited, an attacker could have booby-trapped the Ethereum blockchain and triggered a hard fork at will.

"There were two serious vulnerabilities found in the geth network, both of which were found by John Youngseok Yang (Software Platform Lab), earning him 20k points on the Ethereum Bounty Program leaderboard. In order to minimise disruption, the Ethereum developers decided to hard fork.

Services running older versions of geth nodes found themselves stuck on a minority chain, creating a knock-on effect for all apps that were reliant on them. Most users learnt of the issue when the Infura API went down."

"The most famous was the “Shanghai DoS Attacks” of late 2016. This attack basically took Geth nodes offline which meant the network was relying on Parity Ethereum to handle the load. Obviously this is a perfect example of why having a multi-client network is hugely beneficial - if Ethereum was just relying on Geth then the entire network would have been taken down with this attack."

Team