Ethereum’s highly anticipated Constantinople upgrade, which was planned to be released on January 16th, has once again changed the date for February 27th. This was decided as of today when core developers were conducting a phone call meeting.
The reason behind the postponement for the upgrade is due to a vulnerability which was discovered by smart contract auditor ChainSecurity. According to the information published by them, one of Ethereum Improvement Proposals (EIPs), specifically EIP 1283, which is to introduce cheaper gas costs for certain operations, “as an unwanted side effect, this enables reentrancy attacks” for “certain Solidity smart contracts.”
Reentrancy attacks happen when hackers send falsified information on the amount of Ethereum coins they have gained in their accounts to Ethereum network, while repeatedly sending fund requests. Although without a code vulnerability such attacks would fail completely, and ChainSecurity says that the currently live, a pre-fork network has no signs of such vulnerabilities.
Due to this vulnerability, Constantinople will not feature the inclusion of the problematical EIP, which will be placed under testing and refashioned for inclusion for a subsequent hard ford. Constantinople will be issued for two parts simultaneously on the main network.
The first upgrade shall include every five original EIPs and a second upgrade will remove EIP 1283. This will make sure the nodes have already been implemented Constantinople before its postponed can fix the issue by removing EIP 1283 without any need for rollbacks.
The main reason why the Ethereum blockchain must undergo a hard for is due to Constantinople being a backward-incompatible upgrade. Its also a non-contentious hard fork, which means there is no debate on whether it should happen or not.