Ethereum Virtual Machine

Aave’s proposal to launch on zkEVM passes ‘temperature check’ vote

A proposal to deploy the third version of lending protocol Aave has recently passed a “temperate check” with an overwhelming favorable majority.

A “temperature check” proposal to deploy the decentralized exchange (DEX) Aave on the zkSync Era Mainnet has passed with overwhelming support from the Aave community.

When voting closed on April 16, more than 99% of Aave (AAVE) tokenholders casting ballots had voted in favor of launching the third version of the lending and borrowing protocol on the zero-knowledge Ethereum Virtual Machine (zkEVM).

According to the proposal first pitched on March 26, the launch will be limited to USD Coin (USDC) and Ether (ETH).

A [Temp Check] is currently running to deploy Aave V3 on the @zksync Era Mainnet, expanding Aave’s presence and tapping into the growing zkEVM ecosystem.https://t.co/ps1RMl7Sva

— Aave (@AaveAave) April 14, 2023

Now that the temperature check has indicated a “positive sentiment,” the next steps listed in the proposal will be to proceed to another stage for further discussion, followed by risk parameter evaluation and finalization of the proposal.

If the next stages are successful the proposal will be submitted for voting and on-chain governance approval.

Only around 0.02% voted against the proposal with a further 0.02% abstaining from voting.

According to the proposal, deploying on zkSync can benefit the Aave ecosystem by introducing new users into decentralized finance and cementing Aave as a premier borrowing platform within the zero-knowledge ecosystem.

The Aave community previously voted to deploy the Aave V3 codebase on zkSync’s v2 Testnet, which was approved in another off-chain vote.

Decentralized exchange Uniswap is also set to launch on azkEVM solution from scaling solution provider Polygon after a governance proposal was successfully passed.

In November 2022, Aave changed its governance procedures after it was hit by a $60 million short attack that ultimately failed.

Magazine: Unstablecoins: Depegging, bank runs and other risks loom

zkSync Era’s ‘elegant’ fix for 921 ETH ‘stuck forever’ in smart contract

Matter Labs confirmed the funds are safe and that they’ve found an “elegant solution” to transfer the funds out.

Matter Labs, the team behind Ethereum layer 2 scaling solution zkSync, has confirmed that 921 Ether (ETH) worth $1.7 million is currently stuck in one of its new smart contracts, GemstoneIDO.

However, the firm claims the funds to be “safe” and to have found an “elegant” solution for rescuing the funds, which accumulated during the Gemholic token sale.

Initially stating that the funds wouldn’t be “stuck forever,” Matter Labs said in its most recent tweet that it had found an “elegant solution” to “unfreeze” the GemstoneIDO contract and transfer the funds out.

@GemholicECO, who ran into a problem with their smart contract on zkSync Era, has reached out to us for support, which we provided.

We’d like to give the community an update and further context on their issue in full transparency, as we always have and always will.

— zkSync ∎ (@zksync) April 7, 2023

Matter Labs identified the issue to have stemmed from the .transfer() function in the GemstoneIDO smart contract, which is part of a project run by the GemholicECO ecosystem.

Matter Labs said that the issue could have been prevented had they deployed the contract on a testnet first.

“Unfortunately, the contracts were deployed on Era mainnet without having been tried on the testnet or local node, which would have immediately caught the problem.”

The faulty function came from zkSync Era, a new type of Ethereum Virtual Machine (EVM) zero knowledge proof rollup that executes smart contract much faster than on the base layer.

The team however stressed that zkSync Era is not EVM-equivalent, meaning that it is compatible with the EVM at a bytecode level. This means some functions work differently in the new environment.

“This is a deliberate design choice with specific upsides and trade-offs,” they said.

In justifying its design choice, Matter Labs said zkSync Era could process some transaction types between 10 to 1,000 times cheaper than other EVM rollups.

Nontheless, Matter Labs held themselves accountable for the mistake and assured members of the zkSync ecosystem that they’ll continue resolve similar issues relentlessly.

“With this comes great responsibility and inevitably the occasional friction and today was one of these instances. When there are problems our team will continue to be on alert and be relentless in resolving issues.”

zkEVMs are complex systems that are in the process of maturing. Even though zkSync Era is still in Alpha, we’ve already got a thriving ecosystem.

— zkSync ∎ (@zksync) April 7, 2023

Several members of the CryptoCurrency subreddit, however, expressed their frustration on the matter:

“Another example of why a chain shouldnt be rushing its mainnet launch. Always remember this guys, EVM compatible =/= EVM equivalent.”

“I’m all in for seeing Zero Knowledge tech becoming more and more relevant in the crypto space. However, these chains also have to take into consideration the fact that people’s funds are at stake,” said another.

Transaction failures of the GemstoneIDO contract can be seen on the zkSync explorer page, which also shows the 921 Ether is stored in its smart contract.

*Matter Labs confirmed that GemstoneIDO, a smart contract in the broader Gemholic.ECO ecosystem, was the contract at concern. Source: zkSync Explorer*

Matter Labs launched zkSync Era on mainnet last week, promising that decentralized exchanges Uniswap and SushiSwap would be live in a matter of days. That hasn’t happened yet, however, projects including Argent, Celer Network and MetaMask are live on the network now.

Updated 1:37am UTC time on April 7: This article has been updated to add comments from Matter Labs most recent post on the incident.

Magazine: Ethereum is eating the world — ‘You only need one internet’

Buterin weighs in on zk-EVMs’ impact on decentralization and security

Vitalik Buterin has weighed the impacts of the addition of zk-EVMs at the protocol level, saying it could speed up the verification process on the base layer.

Ethereum co-founder Vitalik Buterin wants to see zero-knowledge Ethereum Virtual Machines (zk-EVMs) built on Ethereum’s first layer to speed up the verification process on the base blockchain.

Buterin explained in a March 31 post that it’s possible to integrate a zk-EVM on the base layer without compromising on decentralization and security. The technology enables Ethereum Virtual Machines to execute smart contracts on the blockchain with ZK proofs.

How will Ethereum’s multi-client philosophy interact with ZK-EVMs?https://t.co/MPpTPNhldR

— vitalik.eth (@VitalikButerin) March 31, 2023

Ethereum was developed with a “multi-client philosophy” to ensure decentralization at the protocol level, Buterin explained. By integrating zk-EVMs at the Ethereum layer 1, it would be the third type of client.

“Once that happens, zk-EVMs de-facto become a third type of Ethereum client, just as important to the network’s security as execution clients and consensus clients are today.”

The other two clients are the “consensus” and “execution” clients. The consensus client implements proof-of-stake to ensure nodes in the network reach agreement, while the execution client listens to new transactions broadcast to the network, executes them in standard EVM and holds a copy of the latest state of the blockchain.

In championing the idea of zk-EVM verification at the Ethereum base layer, Buterin firstly considered the advantages and drawbacks of treating the layer 1 as a “clearinghouse” by pushing almost all activity to layer 2’s.

He said many layer 1-based apps would become “economically nonviable” and that small funds — worth a few hundred dollars or less — may get “stuck” in the event that gas fees grow too large.

Buterin explained that zk-EVMs would need to be “open” in that different clients each have different zk-EVM implementations and each client waits for a proof that is compatible with its own implementation before accepting a block as valid.

He prefers this approach because it wouldn’t abandon the “multi-client” paradigm, and an open zk-EVM infrastructure would also ensure that new clients could be developed, which would further decentralize Ethereum at the base layer.

Buterin said zkEVMs might be the solution to “The Verge,” a part of the Ethereum roadmap that aims to make verification at the base layer easier.

Updated roadmap diagram! pic.twitter.com/MT9BKgYcJH

— vitalik.eth (@VitalikButerin) November 4, 2022

Buterin acknowledged that the zk-EVM infrastructure might cause data inefficiency and latency issues, however, he said those challenges wouldn’t be “too hard” to overcome.

If the zk-EVM ecosystem is implemented, it would make running a full node on Ethereum even easier, Buterin explained:

“Ethereum blocks would be smaller than today, anyone could run a fully verifying node on their laptop or even their phone or inside a browser extension, and this would all happen while preserving the benefits of Ethereum’s multi-client philosophy.”

Ethereum layer-2 scaling platform Polygon has made considerable progress with its zk-EVM, having recently open-sourced its zkEVM to the Polygon mainnet on March 27, promising reduced transaction costs and increased throughput of smart contract deployments.

StarkWare, ConsenSys, Scroll, zkSync and Immutable are also deploying similar zkEVM scaling solutions.

Magazine: Attack of the zkEVMs! Crypto’s 10x moment

Hedera confirms exploit on mainnet led to theft of service tokens

Hedera said the March 9 smart contract exploit has not impacted the network or its consensus layer.

Hedera, the team behind distributed ledger Hedera Hashgraph, has confirmed a smart contract exploit on the Hedera Mainnet that has led to the theft of several liquidity pool tokens.

Hedera said the attacker targeted liquidity pool tokens on decentralized exchanges (DEXs) that derived its code from Uniswap v2 on Ethereum, which was ported over for use on the Hedera Token Service.

Today, attackers exploited the Smart Contract Service code of the Hedera mainnet to transfer Hedera Token Service tokens held by victims’ accounts to their own account. (1/6)

— Hedera (@hedera) March 10, 2023

The Hedera team explained that the suspicious activity was detected when the attacker attempted to move the stolen tokens across the Hashport bridge, which consisted of liquidity pool tokens on SaucerSwap, Pangolin and HeliSwap. Operators acted promptly to temporarily pause the bridge.

Hedera didn’t confirm the amount of tokens that were stolen.

On Feb. 3, Hedera upgraded the network to convert Ethereum Virtual Machine (EVM)-compatible smart contract code onto the Hedera Token Service (HTS).

Part of this process involves the decompiling of Ethereum contract bytecode to the HTS, which is where Hedera-based DEX SaucerSwap believes the attack vector came from. However, Hedera didn’t confirm this in its most recent post.

Earlier, Hedera managed to shut down network access by turning off IP proxies on March 9. The team said it has identified the “root cause” of the exploit and is “working on a solution.”

To prevent the attacker from being able to steal more tokens, Hedera turned off mainnet proxies, which removed user access to the mainnet. The team has identified the root cause of the issue and are working on a solution. (5/6)

— Hedera (@hedera) March 10, 2023

“Once the solution is ready, Hedera Council members will sign transactions to approve the deployment of updated code on mainnet to remove this vulnerability, at which point the mainnet proxies will be turned back on, allowing normal activity to resume,” the team added.

*A notice posted by Hedera on its status webpage cautioned users that its network would not be accessible. Source:* *Hedera*

Since Hedera turned off proxies shortly after it found the potential exploit, the team suggested tokenholders check the balances on their account ID and Ethereum Virtual Machine (EVM) address on hashscan.io for their own “comfort.”

All HashPack functionality will be unavailable during this downtime https://t.co/ngaRmg00Zi

— HashPack Wallet (@HashPackApp) March 9, 2023

The price of the network’s token Hedera (HBAR) has fallen 7% since the incident roughly 16 hours ago, in line with the broader market fall over the last 24 hours.

However, the total value locked (TVL) on SaucerSwap fell nearly 30% from $20.7 million to $14.58 million over the same timeframe:

*The TVL on SaucerSwap fell sharply following the news of the exploit. Source:* *DefiLlama*

The fall suggests a significant amount of tokenholders acted quickly and withdraw their funds following the initial discussion of a potential exploit.

The incident has potentially spoiled a major milestone for the network, with the Hedera Mainnet surpassing 5 billion transactions on March 9.

#Hedera: 5 BILLION mainnet transactions!

Real transactions. Real applications. Real-world #utility. Are you watching?

We are witnessing #DLT adoption on an unprecedented scale.

This is only the beginning. pic.twitter.com/n0TbWTJmC0

— Hedera (@hedera) March 8, 2023

This appears to be the first reported network exploit on Hedera since it was launched in July 2017.

Ripple wants to bring Ethereum smart contracts to the XRP Ledger

The EVM-compatible XRP Ledger sidechain is set to undergo its second phase in early 2023, which will make the chain permissionless and improve scalability.

Ripple users may be able to interact with Ethereum-compatible decentralized applications (DApps) in the future following the launch of a test phase of Ripple’s new XRP (XRP) Ledger sidechain.

The launch of the sidechain was shared in a Tweet by blockchain development firm Peersyst Technologies on Oct. 17, noting that the new sidechain is compatible with Ethereum Virtual Machine (EVM).

This means that Ripple users could eventually have access to DApps like Uniswap (should it port over) and Web3 wallets such as MetaMask and XUMM Wallet.

The new sidechain also comes with a cross-chain bridge built to transfer XRP and other assets between the EVM-supported sidechain and the XRP Ledger Devnet.

According to RippleX software engineer Mayukha Vadari, the release “means developers no longer have to choose between XRPL or EVM-compatible blockchains.”

Developers will also be able to access XRPL’s fast low-cost transactions and bring Solidity-based smart contracts onto XRPL, he said.

The XRP-based EVM-compatible sidechain was custom-built by the Tendermint protocol and aims to process 1000 transactions per second (TPS).

Tomorrow we will publish a user guide for all #XRPLcommunity to use and test the #EVMsidechain and create their $XRP accounts on @MetaMask

— Peersyst Technology (@Peersyst) October 17, 2022

Vadari noted that the first phase of the EVM sidechain is now currently available for testing on the XRPL Devnet. Phase two will see the EVM-compatible sidechain transition to a “permissionless” chain with improved scalability.

Vadari said the aim is to achieve block times similar to that of the XRP Ledger for the second phase, which looks set to roll out in early 2023.

“The end goal is phase three: a permissionless EVM sidechain and bridge available on the XRPL Mainnet,” she added.

The news didn’t appear to affect the price of Ripple’s XRP token too much, which is currently priced at $0.476 and is up 23.86% for the month.

The latest announcement comes amid a nearly two-year-long lawsuit against Ripple by the U.S. Securities Exchange Commission (SEC), which has arguably affected the adoption and development of the global settlement network.

Ripple also continues to make moves in the central bank digital currency (CBDC) space since it first piloted a CBDC Private Ledger for banks in March 2021, having most recently partnered with The Royal Monetary Authority of Bhutan in Sept. 2022.