Another major crypto hack looms with the Ethereum Merge on the way.
Security experts have identified two hacks categories, which can take place during and after the merge.
The industry has been riddled with jarring attacks recently, and a new wave of attacks could deal even more damaging blows.
Digital asset hacks have always been around, and they may not be going away anytime soon as blackhat hackers have Ethereum in their crosshairs.
The much anticipated Ethereum Merge is upon us in just a matter of days. The Merge would see the blockchain transition to a proof-of-stake mechanism making it faster, more efficient, and less energy-consuming.
While there are all praises for the network upgrade, security experts have expressed concerns about what they believe could go wrong with the network should bad actors have their way.
The first security breach that could occur during the merge is the replay attacks. As the merge upgrade is carried out, assets on the Ethereum blockchain will be duplicated. The main assets will be on the post-merge mainnet, while the duplicated assets will still exist on the proof-of-work network. On the surface, no issue may arise, but users may be tempted to sell these copy assets for a profit and may end up selling the main assets.
Bad actors can also lure users into selling to them, knowing they will purchase the main assets. The deceit is a replay attack as bad actors will duplicate transactions to scam users.
Marius Van der Wijden, Ethereum developer, has stated that there will be no problems with the replay attacks due to the Merge. However, users are being urged to do absolutely nothing during the period to avoid being scammed due to uncertainty.
The merge will go on for about 12 minutes and will see a pause on most exchanges to avoid scams. About 150 developers at Ethereum would be on a high alert to detect bugs and have assured that no funds would be at risk.
Post-Merge security challenges
The fraud that can happen during the Merge has a lifespan of 12 minutes, but the real issue could also occur after the merge. It is a well-known fact that proof-of-stake has its advantages in terms of speed and efficiency; however, several security experts argue that the proof-of-work mechanism is a more secure consensus model.
As node validators are informed of the block to validate, they can plan an attack on the blockchain. The security experts who asked not to be named explained that Ethereum is forgoing a level of security for efficiency and speed as bad actors can gain control of two blocks, although this is unlikely.