Ethereum VM May Have Vulnerability

The vulnerability is reported by NettaLab Twitter account
12 November 2018   1587

On November 9, a statement appeared in Netta Lab’s Twitter account that the organization discovered a vulnerability in the Ethereum virtual machine that allows to execute smart contracts endlessly without paying for gas online. The researchers also allegedly turned to the operator of the American database of vulnerabilities, where they registered the corresponding discovery.

Netta Labs discovered an Ethereum EVM vulnerability, which could be exploited by hackers. The vulnerability can cause smart contracts can be executed indefinitely without gas being paied.
 

Netta Lab's Twitter

At Netta Lab's request, Google demonstrates the site of the netto.io project, which specializes in auditing smart contracts under the Netta Lab brand, but the Twitter accounts of the projects do not match. Note that the profile that reported the vulnerability was registered in November.

Many users expressed doubts about the authenticity of the information that appeared, but then the creator of the NEO project Da Hongwei said that he spoke with the CEO of Netta Labs and asked the researchers to audit the NEO virtual machine.

Nevertheless, Vitalik Buterin wrote on Reddit that this is a vulnerability in the Python-implementation of the virtual machine, which was first reported on GitHub 9 days ago. This means that the main clients (go-ethereum; parity and cpp-ethereum) are not affected.

Python News Digest 8 - 14.02

Learn about the best Python tools, why sys.getsizeof is not what you need, how to call await on multiple functions and more
14 February 2020   246

Greetings! I hope your week went great! Here's new Python news digest.

Learn how parallelism can slow down your Python code, implementing interface in Python, how to check if a file is a valid image with Python and other intersting things awaits for you in this digest.

Articles

  • Understanding Best Practice Python Tooling by Comparing Popular Project Templates

Author checked and compare the most popular Python tools in this big article

  • The Parallelism Blues: when faster code is slower

Learn when, why and how parallelism can slow down your Python app

  • sys.getsizeof is not what you want

Learn why sys.getsizeof counts not all the bytes, and even wrong bytes

Guides

  • Implementing an Interface in Python

Tutorial for beginners on how to use a Python interface; understand why interfaces are so useful and learn how to implement formal and informal interfaces in Python

  • Python asyncio and await'ing multiple functions

In this tiny tutorial, you'll learn how to call await on multiple functions in Python using the asyncio package

  • How to Check if a File is a Valid Image with Python

Really small, but a useful tutorial that we will show you how to check if a certain file is a valied image using Python

  • Understand Group by in Django with SQL

Learn and understand what GROUP BY in Django ORM is by comparing QuerySets and SQL

Updates

  • virtualenv

A virtual environment builder for Python