Optimism Foundation Disables Fraud Protection Due to Vulnerabilities

The Optimism Foundation has restored the L2 network to a permissioned state following the discovery of vulnerabilities in the decentralized fault proof mechanism by auditors.

Today, @OPLabsPBC posted an upgrade proposal detailing findings from a recent series of community-driven audits on the Fault Proof System, including the plan to fix the bugs identified as part of the audits.https://t.co/Kylblb3Wyx

— Optimism (@Optimism) August 16, 2024

Introduced in early July, the permissionless Fault Proof solution allows users to challenge potentially fraudulent and incorrect transactions. In permissioned blockchain ecosystems, only trusted claimants can perform these actions.

The launch of the Fault Proof functionality marked the implementation of the first stage of decentralization for OP Mainnet and OP Stack.

However, two months later, the Optimism Foundation activated a fallback permissioned mode and proposed improvements to the mechanism due to code errors identified by auditors from Spearbit, Cantina, and Code4rena.

The organization put forward a governance proposal for an upgrade to fix the bugs, some of which were deemed “serious.”

“None of the vulnerabilities were exploited, and user assets were not and are not at risk. However, as a precautionary measure, a permissioned rollback mechanism was activated to avoid any potential instability until the bugs are fixed,” wrote Optimism Foundation engineer Mofi Taiwo.

If the community approves the proposal, the L2 network upgrade, named Granite, will take place on September 10. It includes several updates and a hard fork.

Back in April, the Optimism team resolved two critical vulnerabilities in Fault Proof during the testnet verification stage.