Alisa Davidson
Revealed: April 30, 2025 at 11:10 am Up to date: April 30, 2025 at 10:50 am
Edited and fact-checked:
April 30, 2025 at 11:10 am
In Temporary
Pavel Shabarkin publicly disclosed a crucial vulnerability on Scroll, claiming that the problem might have halted the blockchain, impacting over $100 million in TVL, however Scroll reportedly didn’t resolve the issue successfully.
White hat hacker Pavel Shabarkin publicly disclosed a crucial vulnerability on the Ethereum Layer 2 community Scroll through social media platform X. He claimed that the problem might have halted the blockchain, impacting over $100 million in complete worth locked (TVL). Regardless of this, Scroll reportedly didn’t resolve the issue successfully.
In line with Pavel Shabarkin, “Anybody might power Scroll L2 into an indefinite re-org, halting the chain in order that no consumer transactions could be included in blocks and the chain wouldn’t transfer ahead. All funds on L2 could be frozen.”
The hacker additionally expressed frustration with Scroll’s response to the problem, noting that the challenge downplayed his report and failed to have interaction in significant communication, opting as a substitute for silence. Moreover, he identified that Immunefi, the platform dealing with the vulnerability report, didn’t precisely classify the problem, even after he requested a re-evaluation. Because of this, Pavel Shabarkin selected to go public along with his findings to boost consciousness about Scroll’s obvious lack of safety experience.
The difficulty reported by Pavel Shabarkin poses dangers to the Scroll community, with the potential for the chain to be halted without charge to the attacker. In the course of the assault, withdrawals would stay blocked, probably indefinitely, because the attacker can maintain the halt with none expense. This disruption in block manufacturing would stop important time-sensitive decentralized finance (DeFi) actions, reminiscent of including funds to keep away from liquidation or updating oracle costs, inserting consumer funds at substantial danger. Moreover, the sequencer would cease gathering transaction charges as a result of no Layer 2 consumer transactions might be included in blocks. The vulnerability is especially regarding as anybody with web entry might set off the assault, making it an simply accessible menace.
In response, Ye Zhang, co-founder of Scroll, defined that the hacker’s claims stem from a elementary misunderstanding of how the protocol operates. Particularly, the hacker ignored the sunshine CCC verify that the sequencer carried out previous to the Euclid improve.
He highlighted that, “The PoC doesn’t maintain up. Logs don’t appear to point out reorgs. Mild CCC already tracks precompile invocations and skips such transactions with out triggering any reorg.”
Ye Zhang additional emphasised that Scroll is dedicated to making sure protocol safety, having invested over $1 million in audits, and values the contributions of whitehat hackers.
Scroll is an Ethereum Layer 2 scaling resolution that leverages Zero-Data (ZK) rollups to enhance transaction throughput, decrease gasoline charges, and protect Ethereum’s safety and decentralization. By incorporating a zkEVM (Zero-Data Ethereum Digital Machine), Scroll ensures full compatibility with Ethereum’s current infrastructure, enabling builders to deploy decentralized purposes (dApps) without having to change their code.
Disclaimer
According to the Belief Undertaking pointers, please observe that the data offered on this web page will not be meant to be and shouldn’t be interpreted as authorized, tax, funding, monetary, or some other type of recommendation. You will need to solely make investments what you’ll be able to afford to lose and to hunt unbiased monetary recommendation you probably have any doubts. For additional info, we recommend referring to the phrases and situations in addition to the assistance and help pages offered by the issuer or advertiser. MetaversePost is dedicated to correct, unbiased reporting, however market situations are topic to vary with out discover.
About The Creator
Alisa, a devoted journalist on the MPost, focuses on cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising traits and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.
Extra articles
Alisa Davidson
Alisa, a devoted journalist on the MPost, focuses on cryptocurrency, zero-knowledge proofs, investments, and the expansive realm of Web3. With a eager eye for rising traits and applied sciences, she delivers complete protection to tell and have interaction readers within the ever-evolving panorama of digital finance.
Extra articles
