ForkLog

Ethereum developers oppose disclosure of critical vulnerabilities

The creation of a list of potential critical vulnerabilities could have adverse financial consequences and expose the Ethereum network to risk, according to Peter Szilágyi, head of the Geth team.

On Friday, during a conference call, the leading developers of the second-largest cryptocurrency by market capitalization discussed the unannounced hard fork that had occurred earlier this week.

On November 11, Infura and some other Ethereum infrastructure services faced service interruptions. This caused delays in ETH price feeds and ERC-20 token streams, and some exchanges halted withdrawals.

Later it turned out that the outages were linked to consensus errors in older versions of the Geth client. Because part of the network had not updated to the latest version, at block 11234873 Ethereum split into two chains.

In a comment to CoinDesk, Summa founder James Prestwich said that in open-source software it is usually standard to give advance notice to those affected by a vulnerability. He believes that the Geth representatives should have informed users about potential issues.

Peter Szilágyi, head of Geth, said that disclosing vulnerabilities exposes the system to risk. He noted that such information could reach malicious actors and also give some projects an unwarranted competitive edge. For example, in the case of early disclosure, Infura could have gained such an advantage.

Szilágyi believes that developers should continue to adhere to the current approach, i.e., not disseminate information about vulnerabilities. However, he agreed that Geth should have informed users about the existence of a vulnerability in earlier versions of the client.

Ethereum developer Micah Zoltu also spoke out against creating a list of notifications about critical vulnerabilities.

Back in September, Ethereum co-founder Vitalik Buterin stated that a potential 51% attack on the ETH 2.0 network would not be fatal.
