A high-priority critical bug was identified during a recent Ethereum Virtual Machine (EVM) audit for Telos’s (TLOS) brand new, non-Ethereum fork Layer 1, the “Telos EVM”. Telos is a high-performance blockchain network that is significantly more robust and advanced than any other EVM. Some are referring to the Telos EVM as EVM 2.0 plus.
The vulnerability was reportedly detected by software security expert Guido Vranken (@guidovranken), who’s currently working for Sentnl and was hired by Telos core developers team. As confirmed in the announcement, the bug was discovered as part of a planned security audit for the Telos EVM.
The Sentnl audit team confirmed that they found a critical vulnerability in Ethereum’s (ETH) codebase while auditing the Telos EVM. Due to the recent expansion of DeFi on the Ethereum network and this being a high priority bug, one could assume that this could have potentially resulted in hundreds of millions of dollars lost. Fortunately, this timely audit ended up serving a higher purpose. In good practice, the Sentnl audit team immediately informed the Ethereum developers about their findings.
— Go Ethereum (@go_ethereum) August 18, 2021
It’s worth noting that these types of critical bugs are not uncovered very often. As noted by the Telos team, they had decided to go the extra mile by having their codebase thoroughly audited before launching the Telos EVM. The team was seeking to find the not-so-typical “cookie-cutter” auditor who will simply run a series of test codes.
The Telos developers further explained that these test codes are readily available online. They also noted that the team had written a library of their own custom test codes. After performing these tasks internally and getting them all to a green light stage, they wanted to put their EVM under a real high-powered, third-party inspection.
The Telos team mentioned that they wanted a team of skilled white hat programmers to carefully go through every line of code. As a result, they extensively vetted and decided to work with Sentnl.
To vindicate this decision, the Sentnl team helped tighten the Telos code and to everyone’s surprise, they discovered a serious flaw in Ethereum while comparing Ethereum EVM code to the Telos EVM code.
According to the code testing experts, this should speak volumes about Sentnl and Telos EVM because Ethereum EVM has reportedly been vigorously audited. It’s continuously undergoing audits. So uncovering this bug was like finding a needle in a haystack.
The Ethereum developers have announced that a high severity security issue was detected.
Ethereum development teams also confirmed the bug and have given credit to Guido Vranken for finding the vulnerability.
This latest auditing exercise indicates that Telos cares about security and hired a qualified and competent group to check their code. It’s very important to write code by observing best programming practices. It’s also vital to have that source code audited by an experienced third party so that they can identify any potential issues before publishing the codebase for use in a production environment.
As mentioned in the update from Telos, the audit was so thorough that they identified an exploit no one ever detected before. This incident confirms that we can put a high value on the level of code security of the Telos EVM.
As a global crypto community, they’re also a key part of the larger EVM and DeFi landscape and the Telos team genuinely cares about the security and success of this emerging space.
Douglas Horn, Chief Architect at Telos, stated:
We were diligent in our selection process in picking Sentnl to audit the Telos EVM code. We wanted the best around and it’s gratifying to see such a clear demonstration that we made the right choice. Telos EVM intends to make a major contribution to the EVM space and we’re glad that our project is already leading to meaningful improvements to the Ethereum and DeFi worlds. People should also feel very confident that the most thorough standard of code review has gone into Telos EVM, thanks to Sentnl.
Guido Vranken from Sentnl Auditors said:
In order to find vulnerabilities in the Telos EVM, I engaged in deep and rigorous fuzzing, and verified that its behavior matched that of go-ethereum exactly. Despite go-ethereum having an outstanding track record when it comes to security, the procedure was so effective that it wasn’t just instrumental in asserting the correctness of the Telos EVM, but also found a high severity issue in go-ethereum.
- CryptoPunks NFTs Record $900 Million Month Sales
- Cardano360 Alonzo Purple Testnet Community Achievements
- Moonbeam Announces Moonriver Network Launch Completion
- Constellation Network Provides Commercial Partners End-to-End Blockchain Security
- Thorstarter Launches Its Second IDO for BNPL Pay Finance on Its ‘Decentralized VC’ Launchpad